Skip navigation

Does anyone know what the hell NNFMP is?

I recently had some spam that included the header line:

Received: from [66.218.67.176] by n36.grp.scd.yahoo.com with NNFMP; 16 Nov 2003 20:11:57 -0000

but I can’t work out what NNFMP is. Google searches seem to show it’s only Yahoo that use it, but there’s no RFC for it… so what is it?

6 Comments

  1. Thanks for the info, Rob :)

    • Rob Szivek
    • Posted November 2, 2011 at 00:26
    • Permalink

    PNNFMP is an internal protocol not recognised by IANA or the RFC’s. Yahoo uses this protocol to internally route e-mail traffic across their network. The acronym stands for “Newman No-Frills Mail Protocol”. It’s a simple, high-performance protocol comparable to QMTP.

    • maria p. mccahill
    • Posted September 26, 2011 at 07:09
    • Permalink

    Hi,my question is how can i find out who has accessed my contacts from my yahoo account.Someone has sent messages to all and i have asked for help from yahoo,no response at all! Also how could someone without password get in? thank-you for any help,maria

    • D. Stussy
    • Posted December 19, 2009 at 00:10
    • Permalink

    According to the Yahoo postmaster, any message containing a “with NNFMP” clause is a FORGED message:

    ‘It appears that the sender of this message forged the header information to give the impression that it came from your email address. The sender seems to have used your email address in the “reply-to” and/or the “from” field of the message sent out and, as a result, misdirected email is being returned to you.’

    I received the same response when I told them that I noticed the clause on mail I actually did send (to myself at another site) via webmail:

    ‘WRONG. This is a rejection of a message I actually sent. Yahoo is inserting invalid header data into its “Received:” headers. NNFMP is not a valid protocol for use with “WITH” per the IANA.’

    Yahoo’s response indicating that it was still a forged message tells me that they do not know what they’re doing. Their servers DID generate such headers, yet they won’t recognize such.

    My answer came from:

    Austine Yahoo! Customer Care 66929704

    Re: Fw: failure notice (KMM101597777V72148L0KM)

    The message to myself contained this: Received: from [76.13.13.26] by n4.bullet.mail.ac4.yahoo.com with NNFMP; 16 Dec 2009 20:59:45 -0000 Received: from [68.142.237.87] by t3.bullet.mail.ac4.yahoo.com with NNFMP; 16 Dec 2009 20:59:45 -0000 Received: from [216.252.111.169] by t3.bullet.re3.yahoo.com with NNFMP; 16 Dec 2009 20:59:45 -0000 Received: from [127.0.0.1] by omp104.mail.re3.yahoo.com with NNFMP; 16 Dec 2009 20:59:45 -0000 X-Yahoo-Newman-Property: ymail-3 X-Yahoo-Newman-Id: 693458.67241.bm@omp104.mail.re3.yahoo.com

    Received: (qmail 64166 invoked by uid 60001); 16 Dec 2009 20:59:45 -0000

    Since it appears to be Yahoo’s official position that “with NNFMP” is forged, I suggest that everyone BLOCK every message that contains such. Eventually, Yahoo’s mail users (myself included) won’t be able to send mail to anyone, and Yahoo will finally figure out that what they have done is non-standard and fix their broken mail service.

  2. I have two emails that I need confermation on. They are from the same person. I want to make sure that I am coming up with the correct result. Here are the full headers of both. When you trace an email and get the numbers on the end of the email like dram_heart777@75.110.246.14. YOu take this number and run it and it tell you where it was sent rom correct. This is the computer it was sent from? The two emails I have inclosed are diffrent fom the number in the email above. The emails are originating from diffrent places in North America, they are to be coming from Russia??? I know this is little more tech. than some of the rest but I know someone out there can help. Is there a way to retreave a computer that is using a dynamic IP??? Can we do this to computers in Russia as far as finding scammers?? Thanks for the help and explination.

    ACTUALLY, WHEN YOU CONFIGURE YOUR OUT LOOK EXPRESS THEN YOUR ALL SENT E-MAIL HAVE TO RE-DIRECTED IN NORMAL WAY BUT IN SOME CASES YAHOO USE SPECIAL PROTOCOL NAMED “NNFMP” TO DENOTE SENDER MAY BE IN SCAMMER LIST OR USING ANY SPECIAL SOFTWARE TO HIDE THEIR OWN IP ADDRESS AND DETAILS. IN THIS WAY, YOU GOT LAST LINE AT E-MAIL HEADER LIKE—

    Received: from unknown (HELO COMP-1) (dram_heart777@72.36.194.10 with plain) HERE IP ADDRESS SHOULD BE 72.36.194.10 BUT THIS IS NOT A RIGHT IP ADDRESS. IT IS A DYNAMIC AND CAN BE CHANGED.HERE COMPUTER TERMINAL CANN’T BE CHANGED, COM-1 OR 192.168.0.41 ETC DENOTE THIS E-MAIL SENT FROM A OFFICE NETWORK. PLAIN TYPE E-MAIL IS PROVIDED BY OUTLOOK AT TIME OF SENDING E-MAIL. FOR MORE YOU MAY JOIN MY MCA COMMUNITY AT http://WWW.ORKUT.COM , MY ORKUT ID IS alokrajmca , I AM FROM INDIA AND I ALWAYS RECEIVE MANY SCAMMER E-MAILS WITH NNFMP PROTOCOLS. IN SOME CASES SENDER [UNKNOWN]. AT SUBJECT LINE.

  3. I am looking for the same information. can anyone help?


Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>