----- Original Message -----
From: <domainkeys-feedbackbase02(_at_)yahoo(_dot_)com>
In a related note regarding yahoo.com, it needs to also
address its hosted domains too, such as geocities.com with
DK headers and DNS records.
How so? Absence of a policy record is perfectly acceptable
and within spec. Absence of signed email is also perfectly acceptable.
The very process of mixing and matching signed and unsigned,
policy and no-policy provides a much richer learning
experience than having everything set the same way.
Oh, I learned. I learned. That's why I brought it up. :-)
We use a CBV on our system. In yesterday's log, I noticed atleast 18-20
sessions with bad user yahoo.com (return paths) and 1 geocites.com return
path. On the callback, the yahoo.com return paths were all rejected at
yahoo as bad users..
The geocities.com CBV check passed at yahoo.com. What I didn't know was
that yahoo.com was hosting this domain.
It was a spanish phishing message. Only god knows why someone is sending me
spanish messages! Must be my surname. Maybe I'll get Polish messages if I
change my surname to Santosniack.
Anyway, I wasn't aware geocites.com accounts are managed or hosted by
yahoo.com. Something odd about one way protection logic. I can't fully
explain it without getting in trouble. Sorta like "I vouch for this hosted
user, but I don't know what garbage he is sending to you." I mean, if this
is yahoo hosted domain, is there some expectation that hosted domains will
be DK ready?
As we've always stated, these are early days and we're trying to
learn as much as possible.
The bad user yahoo.com return paths were rejected at the SMTP level, so no
content was captured to tell you if these were DK ready messages.
Might be worth exploring to see if DK was exploited yet (or emulated to make
the appearance of a good message on a non-DK ready system) or it was just
plain old bad return paths which only a CBV will catch at a legitimate
domain, like yahoo.com.
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com