What exactly is a X-YMailISG header?

Question

Finally ... our emails are being seen by Yahoo! not as junk anymore. Hurray!

However I notice that the Yahoo! receiving MTA adds in a X-YMailISG header. It's very large ... 2**10 bits?

Now that I've invested too large a chunk of my waking life in crafting our email headers I'm curious to know what an X-YMailISG header is. Can anybody tell me? Does it pose any security / authenticity issues? There's very little intelligible from Google results.

Background:

After many days tweaking TXT records in our domain's DNS zone file for SPF and DKIM, I have at last succeeded in generating email from our Drupal site that Yahoo! no longer marks as
X-YahooFilteredBulk and the excellent service check-auth@verifier.port25.com returns results that show the emails passing SPF, DKIM and Sender-ID checks and appearing to SpamAssassin as ham. Yahoo! even adds a Received-SPF: pass header.

Useful links:
http://www.goldfisch.at/knowwiki/howtos/dkim-filter
http://old.openspf.org/wizard.html

Looks like it is a compressed name for "Yahoo Mail Incoming Signature" — Jaime Hablutzel, Jan 02 '15 at 01:55

score 4 · Accepted Answer · edited Jan 11 '23 at 19:35

To break it Down,

X = Custom header

YMAIL = Yahoo Mail

OSG = Outbound Spam Guard

ISG = Inbound Spam Guard

Spam Guard is a PineApp product for ISP's, yahoo (indirectly) whitelabels this solution, it protects from internal and externally generated emails differently and relies on these headers to be included in feedback loops to process abuse automatically.

Additional Info at Yahoo's Antispam Page

score 2 · Answer 2 · answered Nov 23 '11 at 09:37

In general X-headers can refer to any non-standard header added during the sending of an email. X-headers can be added at any stage. Some examples of X-headers are:

X-Mailer:

X-Spam-Reason:

X-DomainKeys:

One of the names Yahoo uses for its own mail system is "YMail", so YMailISG is probably going to be something they add to email passing through their system, most like a message ID of some kind. Beyond that, if Yahoo don't document it anywhere public, anything else from here on in is just going to be guesswork.

score 2 · Answer 3 · answered Mar 10 '12 at 22:27

2

X-YMailISG is added by Yahoo to all incoming messages. On the flip side, X-YMailOSG is added by Yahoo to all outgoing messages.

I believe (but am not 100% sure) that ISG and OSG stand for Inbound Spam Guard and Outbound Spam Guard, respectively.

answered Mar 10 '12 at 22:27

Joe Sniderman

2,809
1
22
26

score 0 · Answer 4 · answered Sep 16 '11 at 20:18

0

I don't think it poses any security "issues", but it seems to be something unique to Yahoo. It seems to be a long way around of putting a unique "serial number" on a message. You'd have to ask them for more information.

answered Sep 16 '11 at 20:18

Aaron

2,968
1
23
36

What exactly is a X-YMailISG header?

Background:

4 Answers4