Re: Yahoo breaks every mailing list in the world including the IETF's
S Moonesamy <sm+ietf@elandsys.com> Tue, 08 April 2014 06:35 UTC
Return-Path: <sm@elandsys.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E6A81A00E6 for <ietf@ietfa.amsl.com>; Mon, 7 Apr 2014 23:35:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.8
X-Spam-Level:
X-Spam-Status: No, score=-1.8 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, T_DKIM_INVALID=0.01, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AAHlaRuXKxsQ for <ietf@ietfa.amsl.com>; Mon, 7 Apr 2014 23:35:23 -0700 (PDT)
Received: from mx.ipv6.elandsys.com (mx.ipv6.elandsys.com [IPv6:2001:470:f329:1::1]) by ietfa.amsl.com (Postfix) with ESMTP id DE8361A0032 for <ietf@ietf.org>; Mon, 7 Apr 2014 23:35:23 -0700 (PDT)
Received: from SUBMAN.elandsys.com ([197.224.147.234]) (authenticated bits=0) by mx.elandsys.com (8.14.5/8.14.5) with ESMTP id s386Z5Yq017829 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 7 Apr 2014 23:35:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=opendkim.org; s=mail2010; t=1396938917; bh=GgkulmGwPhYQ6osUcFHBMXMaaXfskMLo1LfV2zRm3Qg=; h=Date:To:From:Subject:In-Reply-To:References; b=Fa/h21qH+mB8JOTufN5ySqLMcXH1BO83gRfU8Bp7/9thZ1eVxjUg4Kg9h8g7NhyIc bRBI7H8E+DpS4kfYAKNI+ugstY7NTL3gwwFRnUVFDEoLT2iPQ/WuGkxGTciyLJXh4T vMzwXwnqBsj/7k2voO3jbwfpsTL7pNKfCSm41swQ=
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=elandsys.com; s=mail; t=1396938917; i=@elandsys.com; bh=GgkulmGwPhYQ6osUcFHBMXMaaXfskMLo1LfV2zRm3Qg=; h=Date:To:From:Subject:In-Reply-To:References; b=U6VwXBWtspJINicoHGrpMCB5Ve/Z36onCurvefiV6j1XPG4wbOFC7r30ganIqDXS+ B6+xEvMfcnEf7MiZ2Li+Q0XCDfcyiov54DmKYhpbitks5GVxnKURyvXWDWvEkhfC+M R66PEbd6NkefDZgtXESJOwyqHyWzyW4RHe2UBc24=
Message-Id: <6.2.5.6.2.20140407214815.079d3670@resistor.net>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.5.6
Date: Mon, 07 Apr 2014 23:19:44 -0700
To: John Levine <johnl@taugh.com>, ietf@ietf.org
From: S Moonesamy <sm+ietf@elandsys.com>
Subject: Re: Yahoo breaks every mailing list in the world including the IETF's
In-Reply-To: <20140407201104.42050.qmail@joyce.lan>
References: <20140407201104.42050.qmail@joyce.lan>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/K4ZIp5110ppdeHccAWkCnAD2dC8
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Apr 2014 06:35:28 -0000
Hi John, At 13:11 07-04-2014, John Levine wrote: >DMARC is what one might call an emerging e-mail security scheme. >There's a draft on it at draft-kucherawy-dmarc-base-04, intended for >the independent stream. It's emerging pretty fast, since many of the >largest mail systems in the world have already implemented it, >including Gmail, Hotmail/MSN/Outlook, Comcast, and Yahoo. [snip] >Mailing lists are a particular weak spot for DMARC. Lists invarably >use their own bounce address in their own domain, so the SPF doesn't >match. Lists generally modify messages via subject tags, body footers, >attachment stripping, and other useful features that break the DKIM >signature. So on even the most legitimate list mail like, say, the >IETF's, most of the mail fails the DMARC assertions, not due to the >lists doing anything "wrong". From BCP 167: "In an idealized world, if an Author knows that the MLM to which a message is being sent is a non-participating resending MLM, the Author needs to be cautious when deciding whether or not to send a signed message to the list." It will be interesting to see the results when other domains implement the specification. Regards, S. Moonesamy
- Re: Yahoo breaks every mailing list in the world … Sabahattin Gucukoglu
- Yahoo breaks every mailing list in the world incl… John Levine
- Re: Yahoo breaks every mailing list in the world … Brian E Carpenter
- Re: Yahoo breaks every mailing list in the world … S Moonesamy
- Re: Yahoo breaks every mailing list in the world … Eric Dynamic
- Re: Yahoo breaks every mailing list in the world … Phillip Hallam-Baker
- Re: Yahoo breaks every mailing list in the world … S Moonesamy
- Re: Yahoo breaks every mailing list in the world … Phillip Hallam-Baker
- Re: Yahoo breaks every mailing list in the world … S Moonesamy
- Re: Yahoo breaks every mailing list in the world … Eric Dynamic
- Re: Yahoo breaks every mailing list in the world … Yoav Nir
- Re: Yahoo breaks every mailing list in the world … Phillip Hallam-Baker
- Re: Yahoo breaks every mailing list in the world … Avri Doria
- Re: Yahoo breaks every mailing list in the world … Dave Crocker
- Re: Yahoo breaks every mailing list in the world … Randy Bush
- Re: Yahoo breaks every mailing list in the world … Dave Crocker
- Re: Yahoo breaks every mailing list in the world … Douglas Otis
- Re: Yahoo breaks every mailing list in the world … Phillip Hallam-Baker
- Re: Yahoo breaks every mailing list in the world … Fred Baker (fred)
- Re: Yahoo breaks every mailing list in the world … Phillip Hallam-Baker
- Re: Yahoo breaks every mailing list in the world … Douglas Otis
- Re: Yahoo breaks every mailing list in the world … Doug Ewell
- Re: Yahoo breaks every mailing list in the world … Douglas Otis
- Re: Yahoo breaks every mailing list in the world … Ted Lemon
- Re: Yahoo breaks every mailing list in the world … Eric Dynamic
- Re: Yahoo breaks every mailing list in the world … Scott Kitterman
- Re: Yahoo breaks every mailing list in the world … Douglas Otis
- Re: Yahoo breaks every mailing list in the world … Hector Santos