ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: DMARC and yahoo

2014-04-15 20:22:44
from [Theodore Ts'o] [Permanent Link] 
On Tue, Apr 15, 2014 at 06:34:03PM -0600, Doug Royer wrote:

Yahoo does not seem to require DMARK. Simply use one of the other two
options. I use SPF for my domains, and it makes it through their systems
just fine.


You seem to be confused about what the problem is.  It's not that
Yahoo is requiring DMARK.  The problem is that Yahoo is requesting
that *other* mailers reject mail if the From field is not aligned with
the Sender, and the From field is from yahoo.com.

This means that if a bob(_at_)yahoo(_dot_)com sends a message to a list which
includes alice(_at_)hotmail(_dot_)com, and the mailing list server keeps the 
from
field as "bob(_at_)yahoo(_dot_)com", and sends the message to all of the mailing
list recipients, which includes alice(_at_)hotmail(_dot_)com, the following 
things will happen:

a) hotmail.com will compare the sender address (authenticated with
   SPF) with the from address (authenticated by DKIM), see that they
   are different, and since yahoo.com has a DEMARK p=reject,
   hotmail.com will bounce the mail.

b) this means alice(_at_)hotmail(_dot_)com will never see 
bob(_at_)yahoo(_dot_)com's mail

c) since the mailing list server receives a bounce from hotmail.com,
   if there are enough attempts from yahoo.com users to send mail to
   the mailing list, the number of bounces will cause the mailing list
   server to suspend or remove alice(_at_)hotmail(_dot_)com from the mailing
   list.

If we munge the from field from bob(_at_)yahoo(_dot_)com to
bob(_at_)yahoo(_dot_)com.INVALID, then hotmail.com will not bounce the mailing
list mail.  This means Alice will see Bob's message, and Alice will
not be in danger of getting suspended or dropped from the mailing list.

Alternatively, the mailing list server could determine the Bob is
sending his mail from a domain that has a DEMARK p=reject policy, and
simply bounce the mail back to Bob right away, instead of sending it
to the mailing list recipients.  That way, Bob's can get pursuaded to
use another mail provider, and Alice doesn't have to worry about
getting suspended from the mailing list.


Do you have another suggestion about what the mailing list server is
supposed to do?

                                                - Ted
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: DMARC and yahoo, Doug Royer
Next by Date:  Re: DMARC: perspectives from a listadmin of large open-source lists, John Levine
Previous by Thread:  Re: DMARC and yahoo, Doug Royer
Next by Thread:  Re: DMARC and yahoo, Doug Royer
Indexes:  [Date] [Thread] [Top] [All Lists]