What is up with Yahoo and why do they not include SPF records in the dns ?

It appears that Yahoo! is going on the record as being strongly anti-SPF in more ways than one.

In addition to not providing SPF records for their own domains, within the past week, SBC/Yahoo! implemented port 25 filtering on their dynamic IP DSL service accounts.  This means that if you are connecting from an SBC/Yahoo! DSL account, you *MUST* use their SMTP servers, or your outgoing mail will not go through.

Yes, I know that SBC/Yahoo! is certainly not the first misguided ISP to do this... but the fact that they have NOT blocked port 25 up to this point is the very reason that we have been sending a lot of business their way.  We had to immediately pull our SPF records earlier this week and go into "mad scramble" mode to get about 80 of our clients switched-over to SBC/Yahoo! SMTP servers for sending mail.  We certainly didn't want to do this, but had no other choice.

They supposedly have an "opt-out" of port 25 filtering.  I tried it, and it is completely meaningless.  They even sent an email message back to me stating that the opt-out does NOT mean that you can use your own SMTP server, you have to continue using the SBC/Yahoo! SMTP server.  So, what the **** is the purpose of an opt-out if you're not really able to opt-out of anything?!

Of course, I expect SBC/Yahoo! to stubbornly hold their ground, as large ISPs generally do in cases like these (example: Verizon's opposition to anti-spam efforts such as the well-known "empty mail FROM" issue).  Unfortunately, SBC/Yahoo! is so large that the departure of these 80 or so client accounts to a different ISP won't even be noticeable to them.

Jim,

Very glad to see you back on the forum.  As always, your responces are very accurate, informative and entertaining!  Besides the "Big ISP" problems, we have a big problem with (and I hope I am not insulting anyone) geeky Linux "experts" that seem to "know it all".  My latest is a web host that sees absolutely nothing wrong with setting up his customer forms to be FROM: mailto:dont-reply-to-this@no-domain.none" CLASS="ASPForums" TITLE="WARNING: URL created by poster. - dont-reply-to-this@no-domain.none   Literaly!  Real hard to do a dns or mx lookup on that one.  Just one stupid battle after another.

Dan S.

This is just nuts.

Am I missing some technical issue that escapes me? I continue to get spam and phishing from Ebay and Paypal and if they simply added SPF records wouldn't this just go away for any one using SPF lookups ?

What is wrong with these people ?

 Lee

can you help me

i can not login my ac**t mail in yahoo just in my haues b c

 bot i can got it in cufe net ?

regardes

walid

My feelings about anyone trying to make a better SPF, like yahoo, is that SPF is already implemented in the wild...digitalkeys is not...therefore, SPF should be the industry accepted standard regardless of any pros and cons of any other method of authenticating the source of email.

Holding back on implementing SPF because they think they've got something better would be like someone holding back on making their word processor cross-compatible with Microsoft Word because they think they have a better file format to offer.

Yahoo and these other ISP's who have yet to implement ANY anti-spoofing technologies already being utilized by a large number of third party email servers are only allowing their domain names to continue to be trashed by spammers and viruses alike.