Re: Yahoo breaks every mailing list in the world including the IETF's

Douglas Otis <> Mon, 19 May 2014 18:13 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id B1B681A00EA for <>; Mon, 19 May 2014 11:13:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id ic2eRJJ9I_69 for <>; Mon, 19 May 2014 11:13:56 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:400e:c01::234]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id D954C1A00B1 for <>; Mon, 19 May 2014 11:13:56 -0700 (PDT)
Received: by with SMTP id rr13so6221652pbb.39 for <>; Mon, 19 May 2014 11:13:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=0tamypnUeLIUa7z4G6Y4Q6AHM7KLHtATpnG4bznkY+w=; b=nwadhvNe7UhJK2Uz8y1cUsASjhZ/4AAXpzsXm3JnOP4c6zLooV2VcwVxKNwpzJl3X0 9KPXyr5c0yyNMw2uxPjLix9otteusdPvXFY8TmkRfIGxgkFY5exxOFw4qQpG48eSeK9k /bXgRHTMbEPzNdTYH3pF2WZhAPvEk6MhM0K0mr+Q0OMq1sELq/joy6s53dVBbkqT7XDA QWAWUt7cvnpqLxjAxLi6A+WQozV9FUh496rH+Z+X+TNsMtGMkUb5iBlZiYPMvF/7YIei 6RFsenT5x/CPYopPqQIYtoLhMND58JGeiB6FzvA8YZLLWd5mVDBYZnVjktrwbZ+zeWWu T4WA==
X-Received: by with SMTP id aq4mr45172883pbc.150.1400523236656; Mon, 19 May 2014 11:13:56 -0700 (PDT)
Received: from [] ( []) by with ESMTPSA id bc4sm31271221pbb.2.2014. for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 19 May 2014 11:13:55 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.2\))
Subject: Re: Yahoo breaks every mailing list in the world including the IETF's
From: Douglas Otis <>
In-Reply-To: <>
Date: Mon, 19 May 2014 11:13:54 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <> <> <> <> <> <> <> <>
To: Randy Bush <>
X-Mailer: Apple Mail (2.1878.2)
Cc: Avri Doria <>, IETF Disgust <>
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 19 May 2014 18:13:58 -0000

On May 19, 2014, at 10:27 AM, Randy Bush <> wrote:

>>> but eliminating those will not solve the spam problem.
>> spam is a chronic disease for which there is no magic bullet.
>> like most chronic diseases, Internet or otherwise, it can be mitigated
>> and controlled but not cured.
>> As long as people are aiming at a cure, it will be easy to put forward
>> absurd solutions.  And solutions that break things.
> and if you think you are big enough, you can try to outsource the
> problem and dump it on the rest of the network

Dear Randy,

Well said.  They used DMARC which affords them feedback on their email delivery.  It was assumed DMARC domains would utilize this feedback to minimize any disruption.  DMARC even recommends monitoring be done prior to restricting messages.  The problem is DMARC does not permit the ~30K domain exceptions their feedback indicates is needed.

This affects informal third-party services often provided on a gratis basis to their users.  Only they have the necessary exception information needed to avoid disruption which can be conveyed in a single UDP transaction.  Some have insisted that such disruption is normal and that receivers are always expected to deal with such problems.  Clearly, this is unfairly outsourcing a created problem, since the solution is analogous to returning the address of a hostname.  Will they soon decide they need to restrict DNS for these other services as well?  Is a single UDP transaction too much to pay to offer their users services they desire?

Douglas Otis