emails to Yahoo are ending up in SPAM folder despite spf=pass, dkim=pass and dmarc=pass

Question

Are we possibility having a reputation problems with Yahoo emails?

Yahoo raw mail header finds my policy I published: dmarc=success(p=REJECT,sp=REJECT)

Emails to clients at Google and Outlook are not ending up in spam, but Yahoo is.

Finally a week back we solved the dkim 'FAIL' with domain we were experiencing for a good long time.

This is a copy of the latest xml dmarc report from Yahoo:

<?xml version="1.0"?>   
<feedback>  
  <report_metadata> 
    <org_name>Yahoo! Inc.</org_name>    
    <email>postmaster@dmarc.yahoo.com</email>   
    <report_id>1596849225.380362</report_id>    
    <date_range>    
      <begin>1596758400</begin> 
      <end>1596844799</end> 
    </date_range>   
  </report_metadata>    
  <policy_published>    
    <domain>filmfix.com</domain>    
    <adkim>r</adkim>    
    <aspf>r</aspf>  
    <p>reject</p>   
    <pct>100</pct>  
  </policy_published>   
  <record>  
    <row>   
      <source_ip>76.80.54.218</source_ip>   
      <count>2</count>  
      <policy_evaluated>    
        <disposition>none</disposition> 
        <dkim>pass</dkim>   
        <spf>pass</spf> 
      </policy_evaluated>   
    </row>  
    <identifiers>   
      <header_from>filmfix.com</header_from>    
    </identifiers>  
    <auth_results>  
      <dkim>    
        <domain>filmfix.com</domain>    
        <result>pass</result>   
      </dkim>   
      <spf> 
        <domain>filmfix.com</domain>    
        <result>pass</result>   
      </spf>    
    </auth_results> 
  </record> 
</feedback>

It looks like we are all good to go.

So I tested by sending an email, and my emails ended up in my Yahoo spam folder.

I must mention that my text/plain raw block under

Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

still has some formatting issues. It has lots of =3D20 and other strings inside it. Making it hard to read, like in here:

=3DEF=3DBB=3DBF =3D0D =3DE2=3D9D=3DA4 =3DC3=3D84pfel fallen von B=3DC3=3DA4=
ume wenn sie =3D
=3DC3=3DBCberreif      =3D20
 sind, oder wenn der Wurm im Apfel steckt.          =3D0D =3D0A=3D

(It is work in progress for now.)

UPDATE 1:

I since changed my dmarc DNS record from v=DMARC1; p=reject; ... to v=DMARC1; p=none; ... and will see if that could be the reason why they sometimes do not even get delivered; not even in spam!

and now I am back to: v=DMARC1; p=quarantine; ...

UPDATE 2:

Today we received an estimate inquiry request from a bellsouth.net email. He did not receive our automated estimate email reply.

We found this fact out by sending him a separate email, without any links in it, yet still using FilmFix.com, but that email ended up in his spam folder.

Response received from 76.80.54.218:

Authoritative response (AA): No
Recursion available (RA): Yes
Truncated (TC): No

Answer section:
A-record for bellsouth.net:
    IP address: 216.77.188.73
    TTL = 10800 (3 hours)

Additional section:
EDNS0 options:
    UDP payload size: 1280
    DNSSEC OK (DO flag): No

looking up IP 73.188.77.216.in-addr.arpa I get this:

Response received from 76.80.54.218:

Authoritative response (AA): No
Recursion available (RA): Yes
Truncated (TC): No

Header:
RCODE 3 - Non-Existent Domain

Authority section:
SOA-record for 77.216.in-addr.arpa:
    Primary DNS server: ns0.attdns.net
    Responsible person: eiss-dns@att.com
    Serial number: 2019121901
    Refresh interval: 3600
    Retry interval: 1800
    Expire interval: 2592000
    Default / minimum TTL: 300
    TTL = 300 (5 minutes)

Additional section:
EDNS0 options:
    UDP payload size: 1280
    DNSSEC OK (DO flag): No

We also used to have AT&T as ISP, also providing us with a rDNS entry at the time (for a different IP address.)

UPDATE 3:

Here are my DNS settings (a partial outtake.) I use Simple DNS Plus as controller.

I just noticed that there is an entry for 76-80-54-219.filmfix.net with a lower priority number of [10] (marked in blue), whereas 76-80-54-218.filmfix.net has [11]. I only have spf, dkim and dmarc setup for IP 76.80.54.218, so I went ahead and removed that 76-80-54-219.filmfix.net entry. I am not sure if that could have been causing an issue. Gmail and Outlook have been OK with that configuration.

Some time back, well before spf, dkim and dmarc it was suggested to have two IP's to not end up in spam. I am not sure if this is still so.

UPDATE 4:

I have been monitoring my dmarc reports. I use easydmarc.com to read them. here is my report from August 31, 2020 to September 14, 2020, also here as image:

On Sep. 2nd Yahoo! Inc. recorded a dkim fail, and on Sep 7th a dkim pass (but without notation of the dkim result.) It looks like we are still having issues with Yahoo.

In the report, it looks like we have had two impersonation attempts. One by secureserver.net 173.201.193.33, and another by hostpoint.ch 217.26.49.174, if I am reading this correctly.

Further more, I since added an image-tracker to my "requesting-an-estimate" auto reply emails. Like this I can identify if a user is getting the email they requested.

Request from email addresses from these domains

@gmail.com
@icloud.com
@swissmail.org
@wibox.fr

logged the image as requested.

These did not return a request for the image, from which I can conclude (with some assumption) that the email got never viewed (and probably ended up in spam):

@yahoo.com
@verizon.net
@spamgourmet.com
@ameritech.net

UPDATE 5:

I am now gradually moving towards dmarc reject policy for failed emails.

This is new policy

v=DMARC1; p=reject; pct=25; rua=mailto:[left out]; ruf=mailto:[left out]; sp=reject; fo=0:1:d:s;

Just a quick comment - your Yahoo report is for the domain filmix.**com** while everything else (easydmarc and DNS) is for filmix.**net** - maybe you are just sending the e-mails from a wrong domain? Also, you _are_ showing a different website at filmfix.com. — jaskij, Sep 15 '20 at 20:40
@JanDorniak Sorry, I should have mentioned that. _(I do not have `filmix`, but `filmfix` as domain name.)_ I use [filmfix.com](https://www.filmfix.com) and [filmfix.ch](https://www.filmfix.ch) for my websites and [filmfix.net](https://www.filmfix.net). to send out emails. I use `.net` as mail server. I hope that helps. — MeSo2, Sep 15 '20 at 21:41
Sorry, that was a typo. And the Yahoo report you pasted clearly says `filmfix.com` — jaskij, Sep 15 '20 at 21:43
Does this answer your question? [Fighting Spam - What can I do as an: Email Administrator, Domain Owner, or User?](https://serverfault.com/questions/419407/fighting-spam-what-can-i-do-as-an-email-administrator-domain-owner-or-user) — Gerald Schneider, Jan 05 '22 at 07:13
@GeraldSchneider Thank you for the link. I have since added an image tracker for important emails and can report back that Yahoo emails are finally being received and viewed; and that Yahoo is honoring the tracker by not removing it. — MeSo2, Jan 05 '22 at 15:57

score 0 · Accepted Answer · answered Aug 20 '20 at 11:09

0

Yahoo! uses Spamhaus, make sure your outgoing IP isn't listed there.
Fill the Contact form and wait for someone from Verizon team get in touch with you
Check the Yahoo Deliverability FAQs and make sure you are compliant with their statements
There's way more to deliverability than having the SPF/DKIM & DMARC Record setup (rightly configured) - Make sure your sending practices are on good terms. (Not receiving too many bounces, validating email addresses in case of cold marketing, respecting opt-out leads' decisions, getting rid of unengaged users, etc.)

answered Aug 20 '20 at 11:09

WishIWasALink

26
4

Thank you. This explains why Verizon users are not getting our emails! Our email count per week can be counted on one hand. We used to have Verizon as ISP some very long time ago, with a rDNS entry. Maybe that is still floating somewhere and causing the problem. – MeSo2 Aug 20 '20 at 19:07
I checked with Spamhaus, and neither out IP or domain names are listed. – MeSo2 Aug 20 '20 at 19:26
@MeSo2, if you're using a dedicated IP, and you are in total control of that, then the delisting process should be easy from the Yahoo! Contact form side. Keep me in the loop on what happens. – WishIWasALink Aug 22 '20 at 00:02
I will keep you informed. For now I am in communication with postmastersupport at cc.yahoo.com – MeSo2 Aug 23 '20 at 14:52
I added **Update 2**. Is it possible that an old AT&T rDNS entry with the wrong IP could be causing this problem? So far Yahoo Postmaster has been sending me links to go check out, and noted: _Per our privacy policies, we can't give out any additional information regarding IP activity or status._ – MeSo2 Aug 27 '20 at 21:30
That is possible. As I can see you've whitelisted just your single IP "76.80.54.218" in your SPF Record, not sure about DKIM (can you provide the selector name), and your DMARC Policy is set to Quarantine. I would only suggest you to enforce your DMARC Policy to higher levels after some DMARC aggregate report monitoring, and making sure all your outgoing servers are properly authenticated with SPF & DKIM. If you're not sure about that, just keep yourself in Monitoring mode (p=none). – WishIWasALink Aug 28 '20 at 00:07
I added **Update 3** with a partial image of my DNS setting for filmfix.net. My DKIM selector name is `ojai2020`, and DMARC is set to `p=quarantine`. – MeSo2 Aug 28 '20 at 15:07
I added Update 4 - it looks like the problem persists. – MeSo2 Sep 14 '20 at 16:52