Jim Popovitch writes:
> On Tue, Apr 15, 2014 at 12:13 AM, Stephen J. Turnbull
> wrote:
> > Jim Popovitch writes:
> >
> > > Bingo! The dmarc folks (many of who are IETF participants) ignored
> > > and performed an end-run around the standards process.
> >
> > Not really. The basic proto
On Tue, Apr 15, 2014 at 12:13 AM, Stephen J. Turnbull
wrote:
> Jim Popovitch writes:
>
> > Bingo! The dmarc folks (many of who are IETF participants) ignored
> > and performed an end-run around the standards process.
>
> Not really. The basic protocols (SPF and DKIM) are RFCs, and that's
> rea
On Mon, 2014-04-14 at 18:51 -0400, Jim Popovitch wrote:
> On Mon, Apr 14, 2014 at 3:16 PM, Lindsay Haisley wrote:
> > So what is being said here?
>
> When a yahoo poster sends an email to your list, that email is
> reflected to the rest of the other subscribers. Those other
> subscribers may or
Jim Popovitch writes:
> Bingo! The dmarc folks (many of who are IETF participants) ignored
> and performed an end-run around the standards process.
Not really. The basic protocols (SPF and DKIM) are RFCs, and that's
really what the IETF process is for. What people (including bloated
corporat
On Tue, 2014-04-15 at 12:33 +0900, Stephen J. Turnbull wrote:
> Note that Yahoo! has initiated a denial of service attack on millions
> of innocent list subscribers. *This is not a one-time problem.* This
> will happen again every time a new domain changes its policy to
> reject, because even if
Keith Bierman writes:
> While the process of revising the RFC should have been followed,
No revision of the RFC was made, and Yahoo! followed the RFC in
updating its own DMARC policy. That's where DMARC sucks[tm].
> it does seem that they are trying to solve a real problem.
Perhaps.
> Mail
On 4/14/14, 8:55 PM, Keith Bierman wrote:
> On Mon, Apr 14, 2014 at 5:54 PM, Jim Popovitch wrote:
>
>> The only true ways to handle dmarc messages (imho) are to reject posts
>> where the poster's domain clearly says to not forward (i.e.
>> p=reject)... OR... totally wrap the poster's email as an a
On 04/14/2014 12:16 PM, Lindsay Haisley wrote:
> This is confusing. I have a list using the DN autoharp.org. the
> envelope sender is a VERP address with the recipient address embedded,
> but the DN is autoharp.org, which passes SPF based on the A record for
> it. The From header address is, of
On Mon, Apr 14, 2014 at 8:55 PM, Keith Bierman wrote:
> While the process of revising the RFC should have been followed, it does
> seem that they are trying to solve a real problem.
Bingo! The dmarc folks (many of who are IETF participants) ignored
and performed an end-run around the standards p
On Mon, Apr 14, 2014 at 5:54 PM, Jim Popovitch wrote:
> The only true ways to handle dmarc messages (imho) are to reject posts
> where the poster's domain clearly says to not forward (i.e.
> p=reject)... OR... totally wrap the poster's email as an attachment
> and change the From: to something un
On Mon, Apr 14, 2014 at 7:28 PM, Larry Stone wrote:
>
> On Apr 14, 2014, at 5:51 PM, Jim Popovitch wrote:
>
>> On Mon, Apr 14, 2014 at 3:16 PM, Lindsay Haisley wrote:
>>> So what is being said here?
>>
>> When a yahoo poster sends an email to your list, that email is
>> reflected to the rest of
On Apr 14, 2014, at 5:51 PM, Jim Popovitch wrote:
> On Mon, Apr 14, 2014 at 3:16 PM, Lindsay Haisley wrote:
>> So what is being said here?
>
> When a yahoo poster sends an email to your list, that email is
> reflected to the rest of the other subscribers. Those other
> subscribers may or may
On Mon, Apr 14, 2014 at 3:16 PM, Lindsay Haisley wrote:
> So what is being said here?
When a yahoo poster sends an email to your list, that email is
reflected to the rest of the other subscribers. Those other
subscribers may or may not check yahoo's dmarc policy before accepting
your list email.
On Mon, 2014-04-14 at 14:41 -0400, Jim Popovitch wrote:
> >>> SPF does not check the "From:" header line, and that's where the
> >>> troubles begin with DMARC.
> >>
> >> SPF checks sending IPs (of which your IPs won't match Yahoo's, thus
> >> breaking DMARC)
> >>
> >> Either an SPF failure or a DKI
On Mon, Apr 14, 2014 at 2:33 PM, Joe Sniderman
wrote:
> On 04/13/2014 06:03 PM, Jim Popovitch wrote:
>> On Sun, Apr 13, 2014 at 4:54 PM, Joseph Brennan
>> wrote:
>>>
>>> Jim Popovitch wrote:
>>>
DMARC works off of SPF as well.
>>>
>>>
>>> Not really.
>>
>> DMARC checks alignment of *both* D
On 04/13/2014 06:03 PM, Jim Popovitch wrote:
> On Sun, Apr 13, 2014 at 4:54 PM, Joseph Brennan
> wrote:
>>
>> Jim Popovitch wrote:
>>
>>> DMARC works off of SPF as well.
>>
>>
>> Not really.
>
> DMARC checks alignment of *both* DKIM and SPF, if either is broken
> DMARC fails.
Nooo...
On 04/14/2014 06:46 AM, Joseph Brennan wrote:
>
> It finally occurred to me that this affects routine forwarding too. Even
> if you implement SRS on the envelope, the header From is left alone, as
> per RFC 5322.
Not necessarily. If the message is actually from Yahoo, it will be DKIM
signed with
It finally occurred to me that this affects routine forwarding too. Even if
you implement SRS on the envelope, the header From is left alone, as per
RFC 5322.
It also affects a message from any of our users who authenticates with our
user and password but prefers to send with a yahoo.com Fro
On 04/13/2014 10:48 PM, Conrad G T Yoder wrote:
>
> I have a large list (7600 addresses), and when I search for a list of users
> of a popular domain (e.g. yahoo.com), I of course get a large result set back
> - sometimes more than 50 beginning with a particular letter. On those
> addresses wi
[Using Mailman 2.1.14 on a hosted service]
I have a large list (7600 addresses), and when I search for a list of users of
a popular domain (e.g. yahoo.com), I of course get a large result set back -
sometimes more than 50 beginning with a particular letter. On those addresses
with more than 50
20 matches
Mail list logo
