» Yahoo confirmed culprit in Windows Phone data usage overages Within Windows

Jan 2011

19 Comments

Yahoo confirmed culprit in Windows Phone data usage overages

Last week, I tore apart Windows Phone feedback packets to determine the feature’s role in the Windows Phone 7 data usage saga. I didn’t find anything of significant worry there, so I moved onto the next suspected culprit in the list: Yahoo.

Sniffing out IMAP packets to and from a Windows Phone isn’t as straight forward as it sounds. Microsoft’s IMAP4 implementation is very aware of the STARTTLS extension emitted by IMAP servers and switches to encrypted communication as soon as its detected, kinking the sniffing operation. (Worse, there’s no official UI for forcing clear-text communication.) To workaround this, I wrote a quick nodejs script to strip IMAP connections of the STARTTLS bit and passed them on to their destination.

What I discovered was shocking, although not surprising. Yahoo’s IMAP server (winmo.imap.mail.yahoo.com) does not respond to FETCH requests correctly. For example, one of the FETCH commands issued after tapping the refresh button looks like this:

FETCH 1:10 (UID FLAGS BODY.PEEK[HEADER.FIELDS (MESSAGE-ID)])

In plain English, this command reads: “Please fetch me the UID, flags, and message-id for messages 1-10 inclusive.” A typical response (AIM in this case) would look something like this:

* 1 FETCH (UID 258 BODY[HEADER.FIELDS (MESSAGE-ID)] {81}
Message-Id: [contoso194089-0-1475496219-3-11262342655328369@CONTOSO.COM]
FLAGS (XAOL-RECEIVED XAOL-GOOD XAOL-GOODCHECK-DONE XAOL-CERTIFIED-MAIL XAOL-BILLPAY-MAIL $hasEmbedded))
...
OK FETCH completed

Yahoo, with their imapgate (0.7.65_12.286037) software, however, responds with:

X-YMAIL-UMID: 1_1231_AH9SAiosajdifsLGYp8
Delivered-To: rafael@withinwindows.com
Received: by 0.0.0.0 with SMTP id b14cs36932vcd;
        Wed, 24 Nov 2010 09:48:20 -0800 (PST)
[snipped]
Received-SPF: pass (google.com: domain of bxp60spbgycisj582h2kt@contoso.com designates 0.0.0.0 as permitted sender) client-ip=0.0.0.0;
DomainKey-Status: good (test mode)
Authentication-Results: mx.contoso.com; spf=pass (contoso.com: domain of bxp60spbgycisj582h2kt@contoso.com designates 0.0.0.0 as permitted sender) smtp.mail=bxp60spbgycisj582h2kt5hjwxuss6f@contoso.com; domainkeys=pass (test mode) header.From=dummy@contoso.com
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
  s=200505; d=email.contoso.com;
  b=[snipped]+CKirfbuapQiU=;
h=Date:Message-ID:List-Unsubscribe:From:To:Subject:MIME-Version:Reply-To:Content-type;
Date: Wed, 24 Nov 2010 17:48:39 -0000
Message-ID: [bxp60spbgychw1axh2kt.7412145937.3427@MTA915.CONTOSO.COM]
List-Unsubscribe: [mailto:rm-0bxp60spbgychw1axh2kt@EMAIL.CONTOSO.COM]
From: "Contoso" [dummy@EMAIL.CONTOSO.COM]
To: rafael@withinwindows.com
Subject: This is a test message
MIME-Version: 1.0
Reply-To: "Contoso" [dummy@EMAIL.CONTOSO.COM]
Content-type: multipart/alternative; boundary="=bxp60spbgychw1axh2kt5hjwxuss6f"
...
OK FETCH completed

Now, that may not look like much but sandwich the extra bytes with encryption and multiply the size of each chunk by the number of emails in your inbox (or folder)... yeah. Scary. Yahoo is sending ~25 times as much data as it needs to. (This can also be read as: Your phone is downloading ~25 times as much data as it normally would, had you sided with another email provider.)

To workaround this, I strongly recommend Yahoo mail users reconfigure the phone to not transmit data via a cellular connection (Settings –> Cellular –> Data roaming options). As an alternative, you can set your Yahoo account to only Download new content only on manual trigger (Yahoo Mail –> Settings –> Sync Settings).

~~Disclaimer: There is the possibility that other services and apps in Windows Phone are also causing unreported data usage overages. I’ll keep an eye out.~~

Update (1/31): Microsoft has confirmed this issue (and noted another), just a few hours later.

Leon Zandman

Great find!
Derek

Excellent work there Rafael. I’m just soaking in all of this kind of data until I get one of these phones to Japan.
beholder

Well, but not all people who report the problem use Yahoo mail.
Andrew

beholder: You could read the post until the end:

“Disclaimer: There is the possibility that other services and apps in Windows Phone are also causing unreported data usage overages. I’ll keep an eye out.”
Srikanth

need to check gmail and hotmail also.. since i did not had yahoo mail on my WP7 but still i noticed 50MB and 10MB usage … so could you please check the results on hotmail and gmail??? great work…
beholder

@Andrew:

That’s right. I missed the fine print. But I still think the headline is misleading. Because nothing is confirmed yet except some problem on Yahoos end but which would affect all IMAP clients on all platforms not just WP7.

At the same time people who never used Yahoo mail report elsewhere to see the issue when using WP7 (and not when using Android or iOS).

I don’t know how many WP7 users use Yahoo mail. But I think it is doubtful that the main culprit for the problem is confirmed now.
brent

First, nice work.

Second, beholder has a point. Even with MS now confirming this, is it really just a Yahoo issue or Yahoo+MS’s client? Because if it’s Yahoo only, then it would seem that all mobile OSs that support Yahoo would see the same problem.

Rafael

I was thinking about this today, too. Given the buggy IMAP server implementation, I suspect this issue is across the board (but haven’t had a chance to verify).

Leon Zandman

My source claims iPhone has the exact same problem. But it isn’t as visible on that phone, because they only process max. 50 messages, whereas Windows Phone does 200.
Mike

@Everyone who states all Yahoo users should have this issue. You should have read this line winmo.imap.mail.yahoo.com. Notice the WINMO. part? There is most likely a Win Mobile 7 dedicated server farm at Yahoo. This would also make sense due to M$ now contracted to also provide all search engine results for Yahoo. So therefore M$ prolly thought they would get smart and have a dedicated service for their Windows Mobile as they could theoretically also add Win Mobile only benefits to this at a later time as well. So therefore that is why your issue is only on phones. I would be interested to see if the phones client can be made to use the regular IMAP imap.yahoo.com as this is what other clients use and they have not had the issue. I use Androisd 2.1.5 on a Motorola Cliq XT and I have a rooted phone that I watch closely and I can certify no data “leakage” at this time [Tmobile +Droid 2.1.5 + Motorola Cliq XT +K-9 E-Mail Client]. Hope that helps let me know

Leon Zandman

@Mike: The fact that a Windows Phone apparently defaults to using ‘winmo.imap.mail.yahoo.com’ for its Yahoo IMAP connections doesn’t say anything. When I ping it, it says the server is called ‘imap.mail.eu.am0.yahoodns.net’ (no Windows Mobile reference here). They probably chose using this naming scheme to more easily distinguish traffic. Also it doesn’t make much sense to run different versions of IMAP server software. IMAP is IMAP and doesn’t need to be tuned for a specific mobile platform, IMHO.

BTW, you can manually configure an IMAP account on Windows Phone, so you can easily use that ‘normal’ IMAP server you mentioned.

SoN][c

See this thread here on Howard Forums (specifcally post #27) where my network capture from back in November last year showed that there was certainly an issue with Yahoo IMAP:

http://www.howardforums.com/showthread.php/1686776-Excessive-Data-Usage-WP7?p=14148809#post14148809

Rafael

Yeah, I linked to your findings in the second sentence. Good stuff. :)

SoN][c

Rafael,

Indeed you did. Thank you! And great work on this.

Cheers :)

Ivan

Thanks for the find. I’m not a huge Yahoo user, but it’s nice to see that someone has actual proof of what’s going on with the data. Thanks again.
http://thenonhacker.deviantart.com thenonhacker

Microsoft should hire you! ;)
Shawn

This is a good find. Makes me glad I had already set up my yahoo mail to forward to google.
nullexception

As a fellow programmer, I salute you o/
jim g

If forwarding yahoo email to gmail, would the original “inflated” data go with it? This is related to the afore mentioned programming problem with yahoo.