Re: [exim] Problems with yahoo

Top Page
Delete this message
Reply to this message
Author: Odhiambo Washington
Date:  
To: exim users
Subject: Re: [exim] Problems with yahoo
On 9 December 2015 at 15:42, <Lena@???> wrote:

> > From: Odhiambo Washington
>
> > Of late I am having difficulties delivering mail to users on Yahoo who
> are
> > subscribed to a mailing list that I run for the community.
> > The following error fills my log:
> >
> > 2015-12-08 18:58:29 Start queue run: pid=7681
> > 2015-12-08 18:58:31 1a4rOm-000Cmj-TP [188.125.69.79] SSL verify error:
> > depth=2 error=unable to get local issuer certificate cert=/
> > C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign,
> Inc.
> > - For authorized use only/CN=VeriSign Class 3 Public Pr
> > imary Certification Authority - G5
>
> > root@gw:/var/spool/exim/db # exim -bV
>
> > OpenSSL Content_Scanning DKIM Old_Demime DNSSEC PRDR OCSP
>
> > From: Graeme Fowler
>
> > That shouldn't be causing you delivery problems, that's just Exim
> > logging certificate validation errors
>
> For less such warnings logged, openssl should be given root certificate
> file.
> In case of FreeBSD install the ca_root_nss port
> (it installs /usr/local/openssl/cert.pem ) and restart Exim.
> In FreeBSD if Exim uses openssl from base (not from ports) then
> in `make config` make sure the option is checked:
> "add symlink to /etc/ssl/cert.pem".
>
> Unrelated to this error (or rather warning) message:
> for better delivery to yahoo I use:
>
> begin routers
> remote_domains_throttled:
>   driver = dnslookup
>   domains = \N^yahoo\.\N : rocketmail.com : ymail.com : y7mail.com : \
>         btinternet.com : btopenworld.com : att.net : sbcglobal.net :
> rogers.com
>   retry_use_local_part
>   transport = throttled_smtp
> ...
> begin transports
> throttled_smtp:
>   driver = smtp
>   serialize_hosts = *
>   connection_max_messages = 5
>   max_rcpt = 9
>   retry_use_local_part

>
> Also, set up SPF (with ?all at the end), DMARC with p=none,
> sign all messages with DKIM (using any domain).
>
>

Hello Lena,

I have been using same router/transport except I did not have the max_rcpt
= 9.

For SPF+DKIM, I already have those (please check kictanet.or.ke). Haven't
setup DMARC. Is there a cookbook lying somewhere for this?



--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254733744121/+254722743223
"I can't hear you -- I'm using the scrambler."