But not for « sub »domains (like mine, but I tried some others).
dig soa tierce.nohost.me +short
Yahoo®’s error message:
host mta6.am0.yahoodns.net[126.96.36.199] said:
554 Message permanently deferred due to unresolvable RFC.5321 from domain;
see https://postmaster.yahooinc.com/error-codes (in reply to end of DATA
Unresolvable RFC.5321 from domain
These errors indicate that the domain used to the right of the @ in the MAIL FROM does not appear to be a real domain.
We determine if the domain name exists by using an SOA query; therefore, if multiple subdomains are used in MAIL FROM commands, then besides setting up a DNS A or MX record (perhaps using a wildcard), then SOA records must be set up as well.
This error can be returned as either a timeout/servfail (451) or a permfail (554)
what the fuck, who decided that -_- I can imagine plenty of examples where the sub-domain doesn’t have an SOA, such as having a mastodon.domain.tld instance and sending mail firstname.lastname@example.org, and this should be perfectly legit. I’ve never heard of any requirement to have an SOA, and I don’t understand what the security benefit of doing so would be …
I consider this as an attack against self-hosting even if it’s close to madness −which is really sad− to self-host an e-mail server in 2023 in comparison with mutualized services or Gafam clouds. And even more sad when using « free / libre » (sub)domains as those generously proposed by Yunohost because it, in some ways, pushes us to register a domain if we still hope to self-host our own emails.
Whatever the assumed reality to finish in the spam folder when using an Internet Cube with fixed IPv4 and IPv6 as proposed by different members of the FFDN, being just rejected with a fallacious « argument » as Yahoo® does, is one step further to exclusion.
Faced with an abuse of a dominant position of this kind, do we have any room for manoeuvre?
If you refer to Yahoo’s new “SOA” requirement, you can find a thread on Mastodon with experts on DNS / Email complaining about how batshit stupid this is, so clearly, this is not a bug on our side, it’s Yahoo being absolutely dumb and randomly imposing crazy shit on half of the internet.
Additionally, for technical reasons it’s apparently not allowed by bind9 (the software we use) to define SOA records on non-root domains. (Which may in fact be why Yahoo decided to implement this stupid rule as an implicit check that the domain is or is not a root domain…)
So TL;DR: even if we wanted to, it would be hella complicated to do so without changing our entire software stack, and at some point we should just stop complaining to random crazy batshit policies from GAFAM. YunoHost is supposed to be about a free internet, not submitting to arbitrary policies decided by monopolies, which is the opposite of a free internet.
If bind9 doesn’t permit creating SOA records anywhere in the DNS tree (and it seems to have been coded like that for a long time) and if Yahoo® uses it to consider unwelcome emails sent by a domain without SOA records, I suppose we won’t be able to change Yahoo’s mind nor Bind9.
Good. We don’t have to change our entire software stack.
Not good. We also have to tell that the free domains won’t work to send emails.
And now, I have to reconsider the threshold of self-hosting if I still hope to host my own mail server.
buy a domain name
find some not so badly reputed ipv4 and v6
rely on the good work of Yunohost about the mails and DNS configuration suggestions
keep telling the rest of the world to stop using those f*** bastards who break the Internet but whatever, they will continue.
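
An added example, not part of any post in this thread: a small self-check that reads the full output of `dig soa <name>` (without `+short`, which prints only the answer section and is therefore empty for a name inside someone else's zone) and reports where the SOA record appears. It assumes the check quoted from Yahoo's postmaster page passes only when the SOA is returned for the queried name itself, and that a nonexistent name is treated as a permanent failure; `classify_soa` and the sample outputs are constructed for illustration, with placeholder names.

```python
import re

# Constructed dig output (not captured from a real resolver); names are placeholders.
APEX = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1111
;; ANSWER SECTION:
example.org.  3600 IN SOA ns1.example.org. hostmaster.example.org. 1 7200 3600 1209600 3600
"""
SUBDOMAIN = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2222
;; AUTHORITY SECTION:
example.org.  3600 IN SOA ns1.example.org. hostmaster.example.org. 1 7200 3600 1209600 3600
"""
BROKEN = ";; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 3333\n"


def classify_soa(dig_output, qname):
    """Return (verdict, detail) for the text printed by `dig soa <qname>`.

    "tempfail" corresponds to the timeout/servfail (451) case on the page,
    "permfail" to the 554 case (assumed mapping).
    """
    m = re.search(r"status:\s*([A-Z]+)", dig_output)
    if not m:
        return ("tempfail", "no response header (timeout?)")
    status = m.group(1)
    if status == "NXDOMAIN":
        return ("permfail", "name does not exist")
    if status != "NOERROR":
        return ("tempfail", status)
    section, found = None, {}
    for line in dig_output.splitlines():
        hdr = re.match(r";; (\w+) SECTION:", line)
        if hdr:
            section = hdr.group(1)
            continue
        fields = line.split()
        # Record lines look like: owner TTL class type rdata...
        if section and not line.startswith(";") and len(fields) >= 5 and fields[3] == "SOA":
            found.setdefault(section, fields[0].rstrip(".").lower())
    if found.get("ANSWER") == qname.rstrip(".").lower():
        return ("pass", "SOA answered for the name itself (zone apex)")
    if "AUTHORITY" in found:
        return ("permfail", "no SOA at this name; enclosing zone is " + found["AUTHORITY"])
    return ("permfail", "no SOA in answer")
```

The second sample is the situation described in the thread: the name resolves, but the only SOA in the response belongs to the enclosing zone and sits in the authority section.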