ATT/Yahoo Mail recently blocked

I just noted a few weeks ago that att.net email downloads started failing when configured in Android mail clients. I had to whitelist api.login.yahoo.com to correct this issue.

Now I note that att.net webmail logins via currently.att.yahoo.com fail unless the following whitelists are implemented:

login.yahoo.com
guce.yahoo.com
currently.att.yahoo.com

I’m not sure what renovation is underway at adamnet.works, but this is somewhat disruptive. I see that in the Subscriptions area of the dashboard a small number of email providers appear. Oddly, there is no group called Email under which these are clustered, making it hard to find them.

I strongly encourage some re-thinking behind how email provider filtering is handled. att.net is hardly a small provider, so it seems quite likely this is not the only casualty of whatever is going on.

I grant that currently.att.yahoo.com is not a family-friendly site in terms of linked articles, but then it should be easier to whitelist necessary access too even if it means exposing some less than ideal content.

As an aside, I now see that mail.yahoo.com is a direct link to webmail if people don’t want to use the currently.att.yahoo.com gateway.

Hey @kbulgrien thanks for sharing this. I believe what was happening here is that ATT/Yahoo was making changes on their web site where they started using domains that were not on your whitelist causing the need for new domains to be added.

I’ll check with the team about the Yahoo Mail verified whitelist that is current in the dashboard.

Hi @kbulgrien, thanks for the heads up.
The Yahoo Mail subscription was initially designed to only allow the mail service while omitting the rest. I renamed the subscription now to make that a bit more clear. You mentioned login.yahoo.com needed to be added, but since that was already part of the subscription, I assume you meant login.yahoo.net, which I too noticed was required along with guce.yahoo.com. The subscription has now been updated and includes a few other subdomains that seemed necessary for the mail service functionality. I did not add the att. subdomain as it may be unique to your carrier? My recommendation would be to add att.yahoo.com to an allowlist activated in your policy(s). If all of Yahoo needs to be allowlisted including the search engine and entertainment, here are a few domains observed from the domain log that could be added to an allowlist (one that includes subdomains) that should get you most of the way there.
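An added example, not part of the original thread and not adam:one code: a small checker showing which of the hostnames named above remain blocked under an exact-match list, a mail-only list, and the same list with att.yahoo.com added as a subdomain-inclusive entry. The allowlist contents are constructed for illustration, and the matching rule (exact match, or suffix match at a label boundary) is an assumption about how such entries behave.

```python
"""Report which hostnames an allowlist leaves uncovered (illustrative only)."""

def normalize(name: str) -> str:
    # DNS names are case-insensitive; drop a trailing root dot.
    return name.strip().rstrip(".").lower()

def covers(entry: str, host: str, include_subdomains: bool) -> bool:
    entry, host = normalize(entry), normalize(host)
    if host == entry:
        return True
    # Match only at a label boundary, so "att.yahoo.com" does not
    # accidentally allow a different name such as "notatt.yahoo.com".
    return include_subdomains and host.endswith("." + entry)

def uncovered(hosts, allowlist):
    """Return the hosts not matched by any (entry, include_subdomains) pair."""
    return [h for h in hosts
            if not any(covers(e, h, sub) for e, sub in allowlist)]

# Hostnames reported in this thread as needed for att.net mail.
THREAD_HOSTS = [
    "api.login.yahoo.com",
    "login.yahoo.com",
    "guce.yahoo.com",
    "currently.att.yahoo.com",
    "mail.yahoo.com",
]

# Constructed lists (assumptions, not the real subscription contents).
EXACT_ONLY = [("mail.yahoo.com", False), ("login.yahoo.com", False),
              ("guce.yahoo.com", False)]
MAIL_ONLY = [("mail.yahoo.com", True), ("login.yahoo.com", True),
             ("guce.yahoo.com", False)]
WITH_ATT = MAIL_ONLY + [("att.yahoo.com", True)]

if __name__ == "__main__":
    for label, acl in (("exact-only", EXACT_ONLY),
                       ("mail-only", MAIL_ONLY),
                       ("mail + att.yahoo.com", WITH_ATT)):
        print(f"{label}: still blocked -> {uncovered(THREAD_HOSTS, acl)}")
```

The att.yahoo.com entry closes the webmail gap without allowing the rest of yahoo.com, which is the narrower alternative to allowlisting all of Yahoo.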

While I realize this is not what you asked, you should rethink using Yahoo at all: per their privacy policy at Welcome to the Yahoo Privacy Policy | Yahoo,

Yahoo analyzes and stores all communications content, including 
email content from incoming and outgoing mail.
This allows us to deliver, personalize and develop relevant
features, content, advertising and Services.

It is annoying when people hop on threads and hate on ISPs or whatever when it has nothing at all to do with the question. What if I want the original email address I had after getting off Compuserve, and what if that is more important to me than what you care about? Just stop wasting people’s time. If they are stupid in your eyes, probably they won’t listen to you anyway.

:face_exhaling:

Yeah, there are legit reasons for needing Yahoo unfortunately. From my experience Yahoo user accounts are compromised the most from all of the big email players (not even close), but there are ISPs that use them. Normally I do recommend people just forward their Yahoo/ISP email to a better account somewhere else that they can keep if they move ISPs, etc.

But I agree @kbulgrien best to keep the discussion on topic. Often in IT we are forced to make stuff work that we don’t like :smile:

@atw Thank you, yes. IDK how many times people try to tell me what to do, even when I have no control of the situation. That’s not necessarily the case here, but, @Douglas_C, “Send emails from a different address or alias” doesn’t help your case here. Being able to receive email from an address that is decades old is sometimes really desirable and auto-forward doesn’t prevent them from snooping, so again, please cease and desist from hijacking threads and wasting people’s time. Furthermore, Google is the king of nasty.

@Bill_Miller Thanks for looking into this. Part of it was a learning curve I imagine. I was EXTREMELY late to the party converting over from v3 to v4 and perhaps that has something to do with what I ran into.

Okay, I’ll admit my response last night was a little rude. And I don’t want a fight.
I just believe that forums are public places meant for gaining knowledge. If you didn’t find the information I provided helpful, I’m sorry, but you can “tl; dr” it. That being said, there are plenty of others who may, in searching this knowledge base, be unaware of the information I provided.
And I think, adam:one being a security-related product, it is at least worth mentioning the implications.

Again, I apologize for obviously offending you. I can assure you I’ll never butt into your threads again.