Yahoo Declares War on Zombies

Yahoo gave e-mail deliverability a New Year’s gift. It publicized the fact it uses Spamhaus blocklists to stop three sources of spam and is taking up arms against the global army of spam-spewing zombies (define).

You might think Yahoo telling us it intends to find even more ways to block our unwanted messages isn’t much of a gift. And nothing gets the average marketer’s back up faster than a blocklist, which lists IP addresses, domains, or senders suspected of spamming.

But as a deliverability guy, I’m pleased because this helps move us closer to my idea of e-mail nirvana: total ISP transparency. It’s why I love when ISPs post information publicly on their postmaster Web sites or, in this case, on the Yahoo Mail Blog.

Our best defense against delivery concerns is proper education from the source. The more Yahoo tells us about how it sorts acceptable e-mail from spam and fraud, the better we senders can manage our e-mail programs. The messages we send are more likely to reach the inbox rather than get blocked outright or shunted off to the junk folder.

Yahoo Takes on the Zombie Army

Yahoo now blocks e-mail messages sent from computers using a dynamic IP address (one that changes with each use, as opposed to one from a fixed IP, which remains the same). This is designed to thwart the common spammer trick of hijacking millions of home computers through e-mail-borne viruses and using them to send their junk through the back door (in this case, Yahoo’s back-end servers).

Affected e-mail comes from computers using extended e-mail addresses (the search engine gave “” as an example). All e-mail must now come through an ISP’s designated mail gateway.

In other words, you’re OK if you use Yahoo’s Web-based interface (although that’s a terrible way to send commercial e-mail) or its POP (define), SMTP (define), or IMAP (define) services.

This change shouldn’t affect e-mail marketers using a legitimate server, whether in-house or contracted through an e-mail service provider.

Yahoo Confirms Using Spamhaus

Yahoo’s announcement that it’s begun using three blocklists administered by Spamhaus confirms something many of us suspected but didn’t know for sure.

This means Yahoo’s servers will now check incoming IP addresses against these three blocklists, each of which checks for spam from a different source:

  • The Exploits Block List (XBL) is a real-time database of IP addresses of hijacked PCs infected by illegal third-party exploits, such as open proxies; worms and viruses with built-in spam engines; and other types of Trojan horse exploits. This is the list Yahoo will check to find zombie computers and block any e-mail sent from those sources.
  • The Spamhaus Block List (SBL) is a database of identified (“verified,” according to Spamhaus’ Web site) spam sources, as well as spam “gangs” and anyone who supports spammers, such as networks or e-mail services that don’t prevent abuse or misuse. List users can compare incoming IP addresses against the database and block any e-mail coming from a listed address.
  • The Policy Block List (PBL) is a database of end-user IP address ranges that aren’t authorized to send unauthenticated SMTP e-mail to any Internet mail server except those provided for specifically by an ISP for that customer’s use. According to Spamhaus, the PBL helps networks enforce their acceptable use policy for dynamic and non-MTA (define) customer IP ranges.

    This list differs somewhat from the other two because it includes IP address ranges or groups of IP addresses as well as specific IPs. It’s possible that a legitimate IP address could be found within a banned range.

    • Most legitimate marketers probably won’t run afoul of any of these lists. If you do, most likely it will be the SBL, because it targets commercial e-mail senders whose address databases include spam traps — addresses set up specifically to attract unsolicited e-mail. Third-party services that tolerate spammers despite user complaints might also end up on the list. If that includes your provider, consider shopping for a new one.

      You can tell right away if you’re affected by Yahoo’s new anti-spam surge. Just watch your bounce logs for messages from Yahoo detailing the violations. You’ll see SMTP reply code that contains information on how to troubleshoot the block and report the problem.

      Will It Relieve the Spam Surge?

      Yahoo’s initiatives come in the wake of an FTC report that ISP filters keep most spam from reaching consumer inboxes.

      The FTC reports on a study in which it set up 150 e-mail addresses at three ISPs, two using filter networks and one using no filters, then plastered the addresses all over the Web — in chat forums, social-networking sites, and other locations. After five weeks, the unfiltered addresses received delivery of 3,045 spam messages, while the addresses behind ISP filters received 55 and 231 spam messages, respectively.

      Remember that when we talk about filters, we mean more than content filters. More ISPs, such as Hotmail and Yahoo, use a combination of filter techniques that use content, reputation, authentication, and blocklists, such as those Yahoo has begun employing through Spamhaus.

      ISPs also rely on a human factor. Hotmail has a consumer panel to help it compile what it calls the Windows Live Sender Reputation Data. This is actually a fascinating mix of human response and automation to create a more accurate spam definition.

      I’ll provide more detail on how this panel operates in the next column. Until then, keep on deliverin’!

      Want more e-mail marketing information? ClickZ E-Mail Reference is an archive of all our e-mail columns, organized by topic.

      Related reading

      Flat business devices communication with cloud services isolated on the light blue background.