Problems with e-mail sending to yahoo.com recipients

mf_bpd

Hi guys,

I have configured my mail server (subd.main.tld) with Let’s encrypt and it’s working great.
Also configure subd.secondary.tld, when I try to access additional domain (subd.secondary.tld) it gives me SSL error stating it belongs to mail.main.tld
I have made a (subd=subdomain) A name record for both mail.main.tld and mail.secondary.tld to same IP address.
Also I added:
ADDITIONAL_SAN=subd.main.tld, subd.secondary.tld
My DNS is Cloudflare.
„main.tld” DNS settings

„secondary.tld” DNS settings

The undelivered mail reply:
This is the mail system at host ow.klaribo.eu.

I’m sorry to have to inform you that your message could not
be delivered to one or more recipients. It’s attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

The mail system

tesztfelhasznalo@yahoo.com: host mta6.am0.yahoodns.net[67.195.204.77] said:
553 5.7.2 [TSS09] All messages from 6.7.8.9 will be permanently
deferred; Retrying will NOT succeed. See
https://postmaster.yahooinc.com/error-codes (in reply to MAIL FROM command)

DKIM, DMARC all OK, SPF set.

Some ideas, because I’m stuck.
Thanks in advance.

DocFraggle

Did you read the docs about a second domain and the web UI?

https://docs.mailcow.email/post_installation/firststeps-ssl/#additional-domain-names

If you plan to use a server name that is not MAILCOW_HOSTNAME to access the mailcow UI (for example by adding mail.* to ADDITIONAL_SAN make sure to populate that name in mailcow.conf via ADDITIONAL_SERVER_NAMES.

The Yahoo website states:

A 553 or 554 SMTP error indicates an email could not be delivered due to a permanent problem. Message delivery can be permanently deferred because:
You’re trying to send a message to an invalid email address.
Your message failed authentication checks against your sending domain’s DMARC or DKIM policy.
The message contains characteristics that Yahoo won’t accept for policy reasons.
Other suspicious behavior which leads Yahoo to issue a permanent rejection for your SMTP connection.
Your IP is listed by Spamhaus. Please check with https://www.spamhaus.org.

guillaumeb98

🧵 Subject: Yahoo defer issue despite clean config – Mailcow self-hosted

Hi everyone,

I’m running into a frustrating issue with email delivery to Yahoo addresses using my self-hosted Mailcow server, and I’m hoping for some insight or shared experience from the community.

✅ Setup
Mailcow (dockerized) running on a VPS

Main public IP: xxx.xxx.xxx.239

rDNS (PTR): mail.mydomain.com

A record: mail.mydomain.com → xxx.xxx.xxx.239

SPF, DKIM, DMARC all configured and passing on header checks

Valid Let’s Encrypt SSL certificate

No open relay, no blacklists (checked via MXToolbox and others)

Light email usage (manual testing and some low-volume transactional)

❌ The Problem
Emails to Yahoo (@yahoo.com) are consistently deferred with the following message:

pgsql
Copier
421 4.7.0 [TSS04] Messages from xxx.xxx.xxx.239 temporarily deferred due to unexpected volume or user complaints - 4.16.55.1
Yet headers show:

SPF=pass

DKIM=pass

DMARC=pass (p=none)

TLS: working

Message content is clean/plain text or light HTML, no spammy structure

All other providers (Gmail, Outlook, etc.) are receiving without issue.

🔁 What I’ve Tried
Waited >24h without sending to Yahoo (cooldown)

Reduced frequency of sending

Verified clean headers via mail-tester and Gmail

Made sure I’m using a consistent hostname (mails.mydomain.com) everywhere

Valid SSL on SMTP (verified via OpenSSL)

💡 Questions
Is there any Mailcow-specific tweak or relay config that helps with Yahoo?

I have a second IP available on the server – is it worth migrating SMTP traffic to that IP to escape this defer status?

Has anyone else encountered persistent TSS04 errors from Yahoo recently with Mailcow?

Thanks in advance for your time and support — any input is appreciated!

Best,