phpphpmailerpostfix-mtablacklistyahoo-mail

This message always puts me into the Yahoo blacklist temporarily. Is there anything wrong with it?


When ever I send this message to Yahoo, I get a temporary block right after. I only sent it to myself, so no spam reporting done there.

# all variables declared before...
$mail = new PHPMailer(true);

    $mail->isSMTP();
    $mail->Host       = 'localhost';
    //$mail->SMTPAuth   = true;
    $mail->Username   = 'noreply@example.com';
    //$mail->Password   = 'password';
    //$mail->SMTPSecure = 'ssl';
    $mail->Port       = 25;
    $mail->SMTPAutoTLS = false;

    $mail->setFrom("noreply@example.com", "ExampleUser");
    $mail->addAddress("myemailaddress@yahoo.com");
    
    $mail->isHTML(true);
    $mail->Subject = "Web Development";
    $mail->Body    = "
    <div style='text-align: center; margin: auto;'>
    <div style='background-color: #EEEEEE; font-family: Arial, sans-serif; padding-top: 50px; padding-bottom: 50px; text-align: center; margin: auto;'>
    <div style='max-width: 400px; text-align: center; margin: auto;'>
    <div style='background-color: white;'>
    <a href='https://www.example.com'><img src='https://www.example.com/logo.jpg' style='border: solid black; width: 100%;'></a>
    <div style='text-align: left;'>
    <b>Name:</b> $name<br><b>E-Mail:</b> $email
    <br><br><span style='white-space: pre;'>$message</span>
    </div>
    </div><br>
    <div style='background-color: #767676; color: white;'>
    <b>Copyright &copy; 2012-$date Me</b><br>
    <b>All Rights Reserved</b>
    </div>
    </div>
    </div>
    </div>
";
    $mail->AltBody = "Example
--
$message

Copyright (c) 2012-$date me
All Rights Reserved
";
    $mail->XMailer    = "0"; 
    $mail->CharSet = 'UTF-8';
    $mail->Encoding = 'base64';
    
    $mail->DKIM_domain = 'example.com';
    $mail->DKIM_private = '../../private-dkim.key';
    $mail->DKIM_selector = 'default';
    $mail->DKIM_passphrase = '';
    $mail->DKIM_identity = $mail->From;
    $mail->DKIM_copyHeaderFields = false;

if (!$mail->send()) {
    echo "Message could not be sent.";
} else {
?>
        <h3>Thank-you <?php echo htmlentities($_POST['name'], ENT_QUOTES); ?>. Your message has been sent. You may get a reply within 24 hours or more. Return back to <a href='/contact_us/'>Contact Us</a>.</h3>
<?php
}

Why does this cause my IP address to go into the Yahoo Blacklist? I do not see anything wrong with this. relay=mx-apac.mail.gm0.yahoodns.net[xxx.xxx.xxx.xxx]:25, delay=393, delays=390/0.03/2.7/0.11, dsn=4.7.0, status=deferred (host mx-apac.mail.gm0.yahoodns.net[xxx.xxx.xxx.xxx] said: 421 4.7.0 [TSS04] Messages from xxx.xxx.xxx.xxx temporarily deferred due to unexpected volume or user complaints - xxx.xxx.xxx.xxx; see https://postmaster.verizonmedia.com/error-codes (in reply to MAIL FROM command))

Edit:

Received: from xxx.xxx.xxx.xxx
 by atlas321.free.mail.bf1.yahoo.com with HTTP; Mon, 14 Dec 2020 08:32:56 +0000
Return-Path: <noreply@examplw.com>
Received: from xxx.xxx.xxx.xxx (EHLO example.com)
 by xxx.xxx.xxx.xxx with SMTPs; Mon, 14 Dec 2020 08:32:56 +0000
X-Originating-Ip: [xxx.xxx.xxx.xxx]
Received-SPF: pass (domain of mydomain.com designates xxx.xxx.xxx.xxx as permitted sender)
Authentication-Results: atlas321.free.mail.bf1.yahoo.com;
 dkim=pass header.i=@example.com header.s=default;
 spf=pass smtp.mailfrom=example.com;

It seems that it passed DKIM, DMARC, SPF. And even rDNS (PTR) is setup for the IP address.


Solution

  • I don't think you're doing anything wrong here, it's just life as an email sender. Yahoo and Microsoft domains tend to use delivery deferral to throttle deliveries, whereas gmail tends to just put everything in the spam folder.

    It's not saying that there is anything wrong with this particular message, but that it doesn't like the overall aggregate of messages that it's seeing from you. This may be due to some things that are within your control, so make sure that your SPF records are correct, and that you are doing DKIM signing (which is particularly important for Yahoo – they invented it and enforce it very strictly).

    I see that you are sending via your localhost - that is fine, so long as your local mail server is DKIM signing for you and relaying correctly. High volume delivery is almost impossible with free/open-source mail servers as they usually lack things like delivery throttling, or they have it but it's difficult to configure.