nanog mailing list archives
Re: DMARC -> CERT?
From: Jim Popovitch <jimpop () gmail com>
Date: Thu, 17 Apr 2014 00:40:11 -0400
On Thu, Apr 17, 2014 at 12:19 AM, Private Sender <nobody () snovc com> wrote:
On 04/14/2014 03:47 PM, Jim Popovitch wrote:On Mon, Apr 14, 2014 at 6:21 PM, Scott Howard <scott () doc net au> wrote:On Mon, Apr 14, 2014 at 2:59 PM, Jim Popovitch <jimpop () gmail com>wrote:7-April: Monday, Yahoo's dmarc change kicks everyone in the groin, the last full week before the US tax filing deadline.The change was made on the previous Friday, so that date is largely irrelevant.7-April: OpenSSL's *public* advisory (after a full week of private notifications, of which yahoo surely was one tech company in on the early notifications)Given that many of their main services were vulnerable at the time ofpublicdisclosure, I think that's a very large assumption to make... If nothing else, I suspect the odds of it being known by the same people that made the DMARC decision/changes is low.I think you are right on that, but that doesn't change the fact that the sum of those things overburdened a lot of mailinglist operators. It is what it is, and the press has covered it and mailinglists are blocking/unsub'ing yahoo accounts in order to cope. -Jim P.I'm sorry but is there a fundamental misunderstanding of dmarc going on in this thread? Yahoo doesn't want you to be able to send "@yahoo.com" email from anything other than THEIR servers which contain the private key that corresponds to their DKIM implementation, and conversely dmarc. "p=reject" tells the receiving domain to reject the message if it isn't signed by the private key that corresponds with the public key that is in the dkim txt record for "yahoo.com" Isn't this the whole point of dmarc? Stop spammers from sending email with "@yahoo.com" that doesn't originate from a valid yahoo email server.
Yes, but @yahoo.com is a bad example because it delivers user originated content.
Yahoo's implementation of dmarc is working as intended.
Are you also speaking for all yahoo uses when you declare that they should no longer be able to participate on mailinglists?
Stealing someones password, and logging into their yahoo mail account and spamming isn't going to matter to dmarc. The mail originated from yahoo, and it was an authenticated user; the mail will be signed with the DKIM key, it will be accepted by the receiving domain (unless the email address is blacklisted by the receiving domain).
But, but, but.... Yahoo implemented DMARC to supposedly stop Spam...(which ironically others have shown that a lot of spam originates from Yahoo servers, but I digress)
There is no need to flame a company because they implemented a policy to ensure QoS to their customers. Either push your mail through their servers, or Just find somewhere else you can push your mailing lists through.
LOL QoS, really? QoS to me, a yahoo account holder, would be less inbound spam. -Jim P.
Current thread:
- Re: DMARC -> CERT?, (continued)
- Re: DMARC -> CERT? Jim Popovitch (Apr 14)
- Re: DMARC -> CERT? Miles Fidelman (Apr 14)
- Re: DMARC -> CERT? Jim Popovitch (Apr 14)
- Re: DMARC -> CERT? Miles Fidelman (Apr 14)
- Re: DMARC -> CERT? Scott Howard (Apr 14)
- Re: DMARC -> CERT? Jim Popovitch (Apr 14)
- Re: DMARC -> CERT? Scott Howard (Apr 14)
- Re: DMARC -> CERT? Scott Howard (Apr 14)
- Re: DMARC -> CERT? Jim Popovitch (Apr 14)
- Re: DMARC -> CERT? Private Sender (Apr 16)
- Re: DMARC -> CERT? Jim Popovitch (Apr 16)
- Re: DMARC -> CERT? Private Sender (Apr 17)
- Re: DMARC -> CERT? Michael Thomas (Apr 17)
- Re: DMARC -> CERT? Valdis . Kletnieks (Apr 17)
- Re: DMARC -> CERT? Michael Thomas (Apr 17)
- Re: DMARC -> CERT? Miles Fidelman (Apr 17)
- Message not available
- Re: DMARC -> CERT? Larry Sheldon (Apr 16)
- Re: DMARC -> CERT? Jim Popovitch (Apr 16)
- Re: DMARC -> CERT? Miles Fidelman (Apr 14)
- Re: DMARC -> CERT? John Levine (Apr 14)
- Re: DMARC -> CERT? Rich Kulawiec (Apr 14)