Yahoo confirmed culprit in Windows Phone data usage overages

Last week, I tore apart Windows Phone feedback packets to determine the feature’s role in the Windows Phone 7 data usage saga. I didn’t find anything of significant worry there, so I moved on to the next suspected culprit in the list: Yahoo.

Sniffing out IMAP packets to and from a Windows Phone isn’t as straightforward as it sounds. Microsoft’s IMAP4 implementation is very aware of the STARTTLS extension emitted by IMAP servers and switches to encrypted communication as soon as it’s detected, kinking the sniffing operation. (Worse, there’s no official UI for forcing clear-text communication.) To work around this, I wrote a quick Node.js script to strip IMAP connections of the STARTTLS bit and passed them on to their destination.

What I discovered was shocking, although not surprising. Yahoo’s IMAP server (winmo.imap.mail.yahoo.com) does not respond to FETCH requests correctly. For example, one of the FETCH commands issued after tapping the refresh button looks like this:

FETCH 1:10 (UID FLAGS BODY.PEEK[HEADER.FIELDS (MESSAGE-ID)])

In plain English, this command reads: “Please fetch me the UID, flags, and message-id for messages 1-10 inclusive.” A typical response (AIM in this case) would look something like this:

* 1 FETCH (UID 258 BODY[HEADER.FIELDS (MESSAGE-ID)] {81} 
Message-Id: [contoso194089-0-1475496219-3-11262342655328369@CONTOSO.COM] 
FLAGS (XAOL-RECEIVED XAOL-GOOD XAOL-GOODCHECK-DONE XAOL-CERTIFIED-MAIL XAOL-BILLPAY-MAIL $hasEmbedded))
...
OK FETCH completed

Yahoo, with their imapgate (0.7.65_12.286037) software, however, responds with:

X-YMAIL-UMID: 1_1231_AH9SAiosajdifsLGYp8 
Delivered-To: rafael@withinwindows.com 
Received: by 0.0.0.0 with SMTP id b14cs36932vcd; 
        Wed, 24 Nov 2010 09:48:20 -0800 (PST) 
[snipped] 
Received-SPF: pass (google.com: domain of bxp60spbgycisj582h2kt@contoso.com designates 0.0.0.0 as permitted sender) client-ip=0.0.0.0; 
DomainKey-Status: good (test mode) 
Authentication-Results: mx.contoso.com; spf=pass (contoso.com: domain of bxp60spbgycisj582h2kt@contoso.com designates 0.0.0.0 as permitted sender) smtp.mail=bxp60spbgycisj582h2kt5hjwxuss6f@contoso.com; domainkeys=pass (test mode) header.From=dummy@contoso.com 
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; 
  s=200505; d=email.contoso.com; 
  b=[snipped]+CKirfbuapQiU=; 
h=Date:Message-ID:List-Unsubscribe:From:To:Subject:MIME-Version:Reply-To:Content-type; 
Date: Wed, 24 Nov 2010 17:48:39 -0000 
Message-ID: [bxp60spbgychw1axh2kt.7412145937.3427@MTA915.CONTOSO.COM] 
List-Unsubscribe: [mailto:rm-0bxp60spbgychw1axh2kt@EMAIL.CONTOSO.COM] 
From: "Contoso" [dummy@EMAIL.CONTOSO.COM] 
To: rafael@withinwindows.com 
Subject: This is a test message 
MIME-Version: 1.0 
Reply-To: "Contoso" [dummy@EMAIL.CONTOSO.COM] 
Content-type: multipart/alternative; boundary="=bxp60spbgychw1axh2kt5hjwxuss6f"
...
OK FETCH completed

Now, that may not look like much but sandwich the extra bytes with encryption and multiply the size of each chunk by the number of emails in your inbox (or folder)... yeah. Scary. Yahoo is sending ~25 times as much data as it needs to. (This can also be read as: Your phone is downloading ~25 times as much data as it normally would, had you sided with another email provider.)
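One way to quantify the excess described above, as an added example (not the author's script): this Node.js code takes the header literal from a FETCH response and reports which returned fields were never requested and how many bytes they cost. The function names `parseHeaders` and `auditHeaderFields` and the sample strings are assumptions constructed for illustration, and the code assumes the literal has already been extracted from the IMAP response.

```javascript
// Added example (not from the original post): measure how much of an IMAP header
// literal falls outside HEADER.FIELDS (...). Names and samples are assumptions.

// Split a header block into fields; folded continuation lines (leading
// space or tab) are appended to the previous field.
function parseHeaders(block) {
  const fields = [];
  for (const line of block.split(/\r?\n/)) {
    if (line === '') continue;
    if (/^[ \t]/.test(line) && fields.length > 0) {
      fields[fields.length - 1].raw += '\r\n' + line;
      continue;
    }
    const colon = line.indexOf(':');
    if (colon <= 0) continue; // not a header line
    fields.push({ name: line.slice(0, colon).trim().toLowerCase(), raw: line });
  }
  return fields;
}

// Compare bytes returned against bytes belonging to the requested fields.
function auditHeaderFields(requested, block) {
  const wanted = new Set(requested.map((f) => f.toLowerCase()));
  let wantedBytes = 0;
  let totalBytes = 0;
  const extra = [];
  for (const field of parseHeaders(block)) {
    const size = Buffer.byteLength(field.raw, 'utf8') + 2; // + trailing CRLF
    totalBytes += size;
    if (wanted.has(field.name)) wantedBytes += size;
    else extra.push(field.name);
  }
  const overhead = wantedBytes > 0 ? totalBytes / wantedBytes : Infinity;
  return { totalBytes, wantedBytes, extra, overhead };
}

// Constructed samples modelled on the two responses shown in the post.
const conforming = 'Message-Id: [id-1@CONTOSO.COM]\r\n';
const oversharing = [
  'Delivered-To: user@example.com',
  'Received: by 0.0.0.0 with SMTP id abc;',
  '        Wed, 24 Nov 2010 09:48:20 -0800 (PST)',
  'Message-ID: [id-2@CONTOSO.COM]',
  'Subject: This is a test message',
  'MIME-Version: 1.0',
].join('\r\n') + '\r\n';

console.log(auditHeaderFields(['MESSAGE-ID'], conforming));
console.log(auditHeaderFields(['MESSAGE-ID'], oversharing));
```

An `overhead` of 1 with an empty `extra` list means the server honoured the field list; anything larger is data the client never asked for.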

To work around this, I strongly recommend Yahoo mail users reconfigure the phone to not transmit data via a cellular connection (Settings -> Cellular -> Data roaming options). As an alternative, you can set your Yahoo account to download new content only on manual trigger (Yahoo Mail -> Settings -> Sync Settings).

Disclaimer: There is the possibility that other services and apps in Windows Phone are also causing unreported data usage overages. I’ll keep an eye out.

Update (1/31): Microsoft has confirmed this issue (and noted another), just a few hours later.