[Mailman-Users] Accessing sub-letter search lists

2014-04-14 Thread Conrad G T Yoder
[Using Mailman 2.1.14 on a hosted service]

I have a large list (7600 addresses), and when I search for a list of users of 
a popular domain (e.g. yahoo.com), I of course get a large result set back - 
sometimes more than 50 beginning with a particular letter.  On those addresses 
with more than 50 starting with a common letter, they are of course split up, 
but when I click on another of the sub-letter lists, the “Find” string 
disappears in the search results and I’m back to a subset of the whole list, 
not the searched list.  Is there any way around this?  Thanks much.

-Conrad

--
SILENCE
Don’t tweet our secrets



--
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org


Re: [Mailman-Users] Accessing sub-letter search lists

2014-04-14 Thread Mark Sapiro
On 04/13/2014 10:48 PM, Conrad G T Yoder wrote:
 
> I have a large list (7600 addresses), and when I search for a list of users
> of a popular domain (e.g. yahoo.com), I of course get a large result set back
> - sometimes more than 50 beginning with a particular letter.  On those
> addresses with more than 50 starting with a common letter, they are of course
> split up, but when I click on another of the sub-letter lists, the “Find”
> string disappears in the search results and I’m back to a subset of the whole
> list, not the searched list.  Is there any way around this?  Thanks much.


This is a bug. Thanks for the report. I'll fix it. See
https://bugs.launchpad.net/mailman/+bug/1307454.

In the meantime, the only workaround is to set admin_member_chunksize
on the General Options page large enough to include all members of the
largest sublist so it isn't chunked.

-- 
Mark Sapiro m...@msapiro.net        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan


Re: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, Service Unavailable.

2014-04-14 Thread Joseph Brennan


It finally occurred to me that this affects routine forwarding too. Even if 
you implement SRS on the envelope, the header From is left alone, as per 
RFC 5322.


It also affects a message from any of our users who authenticates with our 
user and password but prefers to send with a yahoo.com From line.


To sum it up, any message with a yahoo.com header From is poison unless you 
can deliver it locally to your own systems. This simplifies matters, since 
it means a milter should check for any outgoing message with /yahoo.com/ in 
the From. The simplest action to implement would be to bounce.


I'm still pondering implementation.

That some other domain might implement the same approach as yahoo is a good 
point. It is best to generalize a problem.*


*unless you're selling updates to virus signatures!


Joseph Brennan
Manager, Email and Systems Applications
Columbia University Information Technology





Re: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, Service Unavailable.

2014-04-14 Thread Mark Sapiro
On 04/14/2014 06:46 AM, Joseph Brennan wrote:
 
> It finally occurred to me that this affects routine forwarding too. Even
> if you implement SRS on the envelope, the header From is left alone, as
> per RFC 5322.


Not necessarily. If the message is actually from Yahoo, it will be DKIM
signed with d=yahoo.com, and if the forward doesn't break that sig, the
message will pass DMARC.


> It also affects a message from any of our users who authenticates with
> our user and password but prefers to send with a yahoo.com From line.


Yes, this is exactly what DMARC is trying to prevent.

-- 
Mark Sapiro m...@msapiro.net        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan


Re: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, Service Unavailable.

2014-04-14 Thread Joe Sniderman
On 04/13/2014 06:03 PM, Jim Popovitch wrote:
 On Sun, Apr 13, 2014 at 4:54 PM, Joseph Brennan
 bren...@columbia.edu wrote:
 
 Jim Popovitch jim...@gmail.com wrote:
 
 DMARC works off of SPF as well.
 
 
 Not really.
 
 DMARC checks alignment of *both* DKIM and SPF, if either is broken
 DMARC fails.

Nooo...If either one passes, DMARC passes.

 SPF does not check the From: header line, and that's where the 
 troubles begin with DMARC.
 
 SPF checks sending IPs (of which your IPs won't match Yahoo's, thus 
 breaking DMARC)
 
 Either an SPF failure or a DKIM failure will cause a DMARC rejection 
 if p=reject.

Even if that were the case, which it is not, SPF should pass - since
typically the list is the envelope sender.


-- 
Joe Sniderman joseph.snider...@thoroquel.org


Re: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, Service Unavailable.

2014-04-14 Thread Jim Popovitch
On Mon, Apr 14, 2014 at 2:33 PM, Joe Sniderman
joseph.snider...@thoroquel.org wrote:
 On 04/13/2014 06:03 PM, Jim Popovitch wrote:
 On Sun, Apr 13, 2014 at 4:54 PM, Joseph Brennan
 bren...@columbia.edu wrote:

 Jim Popovitch jim...@gmail.com wrote:

 DMARC works off of SPF as well.


 Not really.

 DMARC checks alignment of *both* DKIM and SPF, if either is broken
 DMARC fails.

 Nooo...If either one passes, DMARC passes.

 SPF does not check the From: header line, and that's where the
 troubles begin with DMARC.

 SPF checks sending IPs (of which your IPs won't match Yahoo's, thus
 breaking DMARC)

 Either an SPF failure or a DKIM failure will cause a DMARC rejection
 if p=reject.

 Even if that were the case, which it is not, SPF should pass - since
 typically the list is the envelope sender.

Yes!  (maybe start reading threads from the bottom up?)   :-)

-Jim P.


Re: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, Service Unavailable.

2014-04-14 Thread Lindsay Haisley
On Mon, 2014-04-14 at 14:41 -0400, Jim Popovitch wrote:
  SPF does not check the From: header line, and that's where the
  troubles begin with DMARC.
 
  SPF checks sending IPs (of which your IPs won't match Yahoo's, thus
  breaking DMARC)
 
  Either an SPF failure or a DKIM failure will cause a DMARC rejection
  if p=reject.
 
  Even if that were the case, which it is not, SPF should pass - since
  typically the list is the envelope sender.
 
 Yes!  (maybe start reading threads from the bottom up?)   :-)
 
This is confusing.  I have a list using the DN autoharp.org.  The
envelope sender is a VERP address with the recipient address embedded,
but the DN is autoharp.org, which passes SPF based on the A record for
it.  The From header address is, of course, that of the author as per
RFC.

But we lost perhaps 10% of subscribers to the list based on DMARC
rejection.

So what is being said here?  


-- 
Lindsay Haisley   | Everything works if you let it
FMP Computer Services |
512-259-1190  |  --- The Roadie
http://www.fmp.com|



Re: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, Service Unavailable.

2014-04-14 Thread Jim Popovitch
On Mon, Apr 14, 2014 at 3:16 PM, Lindsay Haisley fmo...@fmp.com wrote:
> So what is being said here?

When a yahoo poster sends an email to your list, that email is
reflected to the rest of the other subscribers.  Those other
subscribers may or may not check yahoo's dmarc policy before accepting
your list email.  If they do reject your list message, then that
equals 1 mailman bounce.  After a few posts from yahoo members, the
bounce scores increase and the other subscribers are unsubscribed.

-Jim P.


Re: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, Service Unavailable.

2014-04-14 Thread Larry Stone

On Apr 14, 2014, at 5:51 PM, Jim Popovitch jim...@gmail.com wrote:

> On Mon, Apr 14, 2014 at 3:16 PM, Lindsay Haisley fmo...@fmp.com wrote:
>> So what is being said here?
>
> When a yahoo poster sends an email to your list, that email is
> reflected to the rest of the other subscribers.  Those other
> subscribers may or may not check yahoo's dmarc policy before accepting
> your list email.  If they do reject your list message, then that
> equals 1 mailman bounce.  After a few posts from yahoo members, the
> bounce scores increase and the other subscribers are unsubscribed.

I think most of us are clear on that point. Where I’m confused (and I’m 
thinking that’s what Lindsay is asking about) is where you said

> Yes!  (maybe start reading threads from the bottom up?)   :-)

in response to

 On Mon, Apr 14, 2014 at 2:33 PM, Joe Sniderman
 joseph.snider...@thoroquel.org wrote:
 On 04/13/2014 06:03 PM, Jim Popovitch wrote:
 On Sun, Apr 13, 2014 at 4:54 PM, Joseph Brennan
 bren...@columbia.edu wrote:
 
 Jim Popovitch jim...@gmail.com wrote:
 
 DMARC works off of SPF as well.
 
 
 Not really.
 
 DMARC checks alignment of *both* DKIM and SPF, if either is broken
 DMARC fails.
 
 Nooo...If either one passes, DMARC passes.
 
 SPF does not check the From: header line, and that's where the
 troubles begin with DMARC.
 
 SPF checks sending IPs (of which your IPs won't match Yahoo's, thus
 breaking DMARC)
 
 Either an SPF failure or a DKIM failure will cause a DMARC rejection
 if p=reject.
 
 Even if that were the case, which it is not, SPF should pass - since
 typically the list is the envelope sender.

To what are you saying “Yes”? With what are you agreeing?

—
Larry Stone
lston...@stonejongleux.com
http://www.stonejongleux.com/





Re: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, Service Unavailable.

2014-04-14 Thread Jim Popovitch
On Mon, Apr 14, 2014 at 7:28 PM, Larry Stone lston...@stonejongleux.com wrote:

> On Apr 14, 2014, at 5:51 PM, Jim Popovitch jim...@gmail.com wrote:
>
>> On Mon, Apr 14, 2014 at 3:16 PM, Lindsay Haisley fmo...@fmp.com wrote:
>>> So what is being said here?
>>
>> When a yahoo poster sends an email to your list, that email is
>> reflected to the rest of the other subscribers.  Those other
>> subscribers may or may not check yahoo's dmarc policy before accepting
>> your list email.  If they do reject your list message, then that
>> equals 1 mailman bounce.  After a few posts from yahoo members, the
>> bounce scores increase and the other subscribers are unsubscribed.
>
> I think most of us are clear on that point. Where I’m confused (and I’m
> thinking that’s what Lindsay is asking about) is where you said
>
>> Yes!  (maybe start reading threads from the bottom up?)   :-)

Ahh, my Yes! post to Joe was because earlier in the day I had stated
one thing about dmarc, and then Mark corrected me, and at that time I
acknowledged Mark's correction.  And then along comes Joe the next
day, and he replied to my incorrect statement before he read my later
post.  In threaded message format, the bottom post would generally be
the latest post, thus my comment.

Back to DMARC, one thing that wasn't clearly stated earlier, wrt
DKIM+SPF, Mailman breaking the DKIM because of header+body
modifications.  Whether or not a remote dmarc validation checks the
SPF record (of the From: address) is dependent on the poster's dmarc
aspf setting (which *may* tell receivers to honor the poster's DKIM
*and* SPF record).  So even passing the DKIM signed portion,
unfettered, may still fail dmarc checks at a receiver, resulting in
bounces (and of interest to privacy advocates, the failed dmarc check
will most likely send a copy of the post onward to various other
organizations listed in the dmarc rua and ruf records).

The only true ways to handle dmarc messages (imho) are to reject posts
where the poster's domain clearly says to not forward (i.e.
p=reject)... OR... totally wrap the poster's email as an attachment
and change the From: to something under control of the mailinglist
that is sending the email.

-Jim P.

Re: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, Service Unavailable.

2014-04-14 Thread Keith Bierman
On Mon, Apr 14, 2014 at 5:54 PM, Jim Popovitch jim...@gmail.com wrote:

> The only true ways to handle dmarc messages (imho) are to reject posts
> where the poster's domain clearly says to not forward (i.e.
> p=reject)... OR... totally wrap the poster's email as an attachment
> and change the From: to something under control of the mailinglist
> that is sending the email.


Well, my non-mail expert opinion for whatever it might be worth.

While the process of revising the RFC should have been followed, it does
seem that they are trying to solve a real problem.  Mail should come from
who it says it comes from, not make it trivial to pretend to be someone one
isn't.

So why not adopt a standard where the *sender* is always the list? The
obvious downside is that reply to poster stops working, but do these
security tools care if the reply-to is different from sender? If the list
default is reply to poster set the reply to as the original sender, but
correctly identify the message as coming from the mail server automation
... not the original sender.

Other than noncompliance to the existing RFC(s), what am I missing?


Keith Bierman
khb...@gmail.com
kbiermank AIM
303 997 2749

Re: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, Service Unavailable.

2014-04-14 Thread Jim Popovitch
On Mon, Apr 14, 2014 at 8:55 PM, Keith Bierman khb...@gmail.com wrote:
> While the process of revising the RFC should have been followed, it does
> seem that they are trying to solve a real problem.

Bingo!  The dmarc folks (many of whom are IETF participants) ignored
and performed an end-run around the standards process.

> Mail should come from who it says it comes from, not make it trivial
> to pretend to be someone one isn't.

It is. I am sending you this email via the list.  It contains my
words, and in no way conveys the responsibility, nor does it delegate the
ownership, to the list.

> So why not adopt a standard where the *sender* is always the list? The
> obvious downside is that reply to poster stops working, but do these
> security tools care if the reply-to is different from sender? if the list
> default is reply to poster set the reply to as the original sender, but
> correctly identify the message as coming from the mail server automation
> ... not the original sender.

Reply-to is more of a client initiated setting.  Mailman works off of
Return-Path, and then there is also a formal RFC defined Sender
header.  Dmarc designers choose to ignore these well defined RFC email
headers and, independently of any standards process, choose to focus
solely on the From header.  After all, RFC 5322 is only 8 years old,
not the decades that the dmarc folks would like people to think.

-Jim P.


Re: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, Service Unavailable.

2014-04-14 Thread Mark Sapiro
On 04/14/2014 12:16 PM, Lindsay Haisley wrote:

> This is confusing.  I have a list using the DN autoharp.org.  the
> envelope sender is a VERP address with the recipient address embedded,
> but the DN is autoharp.org, which passes SPF based on the A record for
> it.  The From header address is, of course, that of the author as per
> RFC.
>
> But we lost perhaps 10% of subscribers to the list based on DMARC
> rejection.


Yes, your SPF is valid, but the domain of the envelope sender
(autoharp.org) which is what the SPF deals with does not 'align with'
(DMARC standard words) the domain of the From: (yahoo.com). Thus your
SPF says your server is allowed to send mail with envelope from
autoharp.org, not yahoo.com, so it doesn't count for DMARC validation of
mail From: yahoo.com.

-- 
Mark Sapiro m...@msapiro.net        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
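
Added example (not part of the thread, and not Mailman's or any receiver's code): the alignment rule described in the message above, evaluated for a list post, an unmodified forward, and a post whose From: has been rewritten to the list's domain. The two-label organizational-domain shortcut, the hostnames forwarder.example and bounces.autoharp.org, and the list domain's p=none policy are assumptions made for the illustration.

```python
"""DMARC identifier alignment for a mailing-list post (added example)."""
from dataclasses import dataclass, field


def org_domain(domain):
    # Assumption: the organizational domain is the last two labels. Real
    # receivers derive it from the Public Suffix List (co.uk and the like).
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def aligned(auth_domain, from_domain, mode="r"):
    """mode 'r' (relaxed): same organizational domain; 's' (strict): exact match."""
    a, f = auth_domain.lower().rstrip("."), from_domain.lower().rstrip(".")
    return a == f if mode == "s" else org_domain(a) == org_domain(f)


@dataclass
class Message:
    header_from: str      # domain in the From: header (what DMARC protects)
    envelope_from: str    # domain of the envelope sender (what SPF checks)
    spf: str              # SPF result for envelope_from: "pass", "fail", ...
    dkim: list = field(default_factory=list)   # [(d= domain, result), ...]


@dataclass
class Policy:             # the From: domain's published DMARC record
    p: str = "none"       # none | quarantine | reject
    aspf: str = "r"       # SPF alignment mode
    adkim: str = "r"      # DKIM alignment mode


def evaluate(msg, policy):
    """DMARC passes if SPF *or* DKIM passes with a domain aligned to From:."""
    spf_ok = msg.spf == "pass" and aligned(
        msg.envelope_from, msg.header_from, policy.aspf)
    dkim_ok = any(result == "pass" and aligned(d, msg.header_from, policy.adkim)
                  for d, result in msg.dkim)
    passed = spf_ok or dkim_ok
    return {
        "spf_aligned": spf_ok,
        "dkim_aligned": dkim_ok,
        "dmarc": "pass" if passed else "fail",
        # On failure the receiver applies the From: domain's requested policy.
        "action": "accept" if passed or policy.p == "none" else policy.p,
    }


def scenarios():
    yahoo = Policy(p="reject")       # p=reject, as discussed in the thread
    list_domain = Policy(p="none")   # constructed policy for the list's domain
    return {
        # List post: SPF passes for autoharp.org, but From: is yahoo.com, and
        # the list's header/body changes have invalidated the author's DKIM.
        "list_post": evaluate(
            Message("yahoo.com", "autoharp.org", "pass",
                    [("yahoo.com", "fail")]), yahoo),
        # Forward that leaves the message untouched: DKIM still verifies.
        "clean_forward": evaluate(
            Message("yahoo.com", "forwarder.example", "pass",
                    [("yahoo.com", "pass")]), yahoo),
        # List rewrites From: to an address in its own domain.
        "from_rewritten": evaluate(
            Message("autoharp.org", "autoharp.org", "pass", []), list_domain),
        # Strict SPF alignment: a subdomain envelope sender no longer aligns.
        "strict_subdomain": evaluate(
            Message("autoharp.org", "bounces.autoharp.org", "pass", []),
            Policy(p="reject", aspf="s")),
    }


if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name:17} {result}")
```
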


Re: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, Service Unavailable.

2014-04-14 Thread Richard Damon
On 4/14/14, 8:55 PM, Keith Bierman wrote:
> On Mon, Apr 14, 2014 at 5:54 PM, Jim Popovitch jim...@gmail.com wrote:
>
>> The only true ways to handle dmarc messages (imho) are to reject posts
>> where the poster's domain clearly says to not forward (i.e.
>> p=reject)... OR... totally wrap the poster's email as an attachment
>> and change the From: to something under control of the mailinglist
>> that is sending the email.
>
>
> Well, my non-mail expert opinion for whatever it might be worth.
>
> While the process of revising the RFC should have been followed, it does
> seem that they are trying to solve a real problem.  Mail should come from
> who it says it comes from, not make it trivial to pretend to be someone one
> isn't.
>
> So why not adopt a standard where the *sender* is always the list? The
> obvious downside is that reply to poster stops working, but do these
> security tools care if the reply-to is different from sender? if the list
> default is reply to poster set the reply to as the original sender, but
> correctly identify the message as coming from the mail server automation
> ... not the original sender.
>
> Other than noncompliance to the existing RFC(s), what am I missing?
>
>
> Keith Bierman
> khb...@gmail.com
> kbiermank AIM
> 303 997 2749

Actually, if you look in the header to a message from the list, it does
say that the sender is the list (that is the contents of the Sender:
header).

The Email RFCs define what the various headers are supposed to mean.

From: is the person who ORIGINATED the message (that is not the list).
Sender: is who put the email into the mail stream (which is the list).

Yes, there is a fundamental problem in identity confirmation with the
internet, which is especially a problem with email.

One partial solution is users should be using email programs that show
them things like the Sender field, and some of these can be more easily
checked.

Yes, the way things are set up, there is no way to say that a message
isn't From a given person, as the system has no way built in to say
that, but it can let you know that it was sent via some other 3rd party,
and let you decide if it makes sense.

It makes sense for some companies (like banks) to say that all email
from them will ALWAYS come via a specific set of paths.

It doesn't make sense for an email provider for the public to say the
same thing, especially AFTER the fact. It would be another thing if
Yahoo, when it started, touted that it was offering an identity
protection service where people could know your emails come from you,
with the provision that you had to send all your email via their system
and couldn't post to mailing lists with that account.

-- 
Richard Damon


Re: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, Service Unavailable.

2014-04-14 Thread Stephen J. Turnbull
Keith Bierman writes:

> While the process of revising the RFC should have been followed,

No revision of the RFC was made, and Yahoo! followed the RFC in
updating its own DMARC policy.  That's where DMARC sucks[tm].

> it does seem that they are trying to solve a real problem.

Perhaps.

> Mail should come from who it says it comes from, not make it
> trivial to pretend to be someone one isn't.

Well, maybe.  But DMARC doesn't solve that problem.  It's still
trivial to pretend to be someone you aren't.  Just get an address at
Yahoo!

I suppose what you mean is phishing, ie, pretending to be a specific
other someone.  Well, if you want to be sure of identity, insist that
your correspondents digitally sign their mail.  Effective checks must
be done in the MUAs because it's still very easy to spoof somebody
(use Chase Bank chase-b...@0xdeadbeef.my, for example) even with
DKIM or SPF.

What needs to be done to make this user-friendly is for the MUAs to
provide a simple way to configure trusted partners such as your bank
and your psychotherapist.  The bank would probably be very easy (it
uses DKIM so the MUA can check it).  Web-based MUAs can do this for
you (Google's Gold Key program).  The personal relationship problem
is harder, but basically you need a convenient way to distribute PGP
public keys and add them to specific correspondent records.

For licensed professionals, governments could maintain third-party
authorization mechanisms a la OpenAuth.

> So why not adopt a standard where the *sender* is always the list?

Because Internet mail makes a specific distinction between *sender*
and *author*.  We already *have* a way to identify the *sender*, and
we already *do* identify the list as the sender IIRC (Resent-*
headers), and in most cases we do make it clear that the list is a
list (RFC 2369 headers).  However, in their bottomless contempt for
the average user, the DMARC authors chose to insist on authenticating
the *author* with the *sender's* credentials because that's the best
that can be done without cooperation from the recipient and her MUA.

> The obvious downside is that reply to poster stops working, but
> do these security tools care if the reply-to is different from
> sender? if the list default is reply to poster set the reply to
> as the original sender, but correctly identify the message as
> coming from the mail server automation ... not the original sender.
>
> Other than noncompliance to the existing RFC(s), what am I missing?

Nonconformance to RFCs means that you break all conforming
implementations.  Reply-To Munging Considered Harmful is just the
start.  Internet governance is based on the RFC process.  If you allow
large companies to disregard RFCs for their convenience, they *will*
break things badly.  (Small companies will break things, too, but not
so badly.)

Note that Yahoo! has initiated a denial of service attack on millions
of innocent list subscribers.  *This is not a one-time problem.*  This
will happen again every time a new domain changes its policy to
reject, because even if we break *future* Mailman to conform to
Yahoo!'s Brave New World, *past* Mailman installations will continue
to exist and many of them will have taken stopgap measures (eg,
moderating all Yahoo! subscribers).  We have to take a stand against
this kind of behavior.




Re: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, Service Unavailable.

2014-04-14 Thread Lindsay Haisley
On Tue, 2014-04-15 at 12:33 +0900, Stephen J. Turnbull wrote:
> Note that Yahoo! has initiated a denial of service attack on millions
> of innocent list subscribers.  *This is not a one-time problem.*  This
> will happen again every time a new domain changes its policy to
> reject, because even if we break *future* Mailman to conform to
> Yahoo!'s Brave New World, *past* Mailman installations will continue
> to exist and many of them will have taken stopgap measures (eg,
> moderating all Yahoo! subscribers).  We have to take a stand against
> this kind of behavior.

Well said, Stephen!  Having a presence in a number of different worlds,
including the entertainment business, I frequently have had the
opportunity to address the question on FB and elsewhere, what is the
Internet?  My answer is always that the Internet, at a fundamental
level, is a collection of agreements on how things are going to work
(coupled with some absolutely brilliant and foresighted CS technology).
This agreement spanned government, corporate (large and small) and
educational entities, and everyone realized that the whole could be
greater than the sum of its parts, and behaved accordingly.

If history teaches us anything, it's that such social mindsets have a
lifespan, and that the lifespan appears to be inversely proportional to
the success of the model in which it flourished.

In the long run, I think Murphy's Law and its 1st corollary offer a note
of wisdom.

Law:  If you play with anything long enough, it's gonna break.

Corollary: True, but there's always still something you can do with
it. 

-- 
Lindsay Haisley| The only unchanging 
Autoharpist, musical entertainer   |certainty is the 
http://www.lindsayhaisley.com  |  certainty of change
512-259-1190   | Ancient wisdom - all cultures



Re: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, Service Unavailable.

2014-04-14 Thread Stephen J. Turnbull
Jim Popovitch writes:

> Bingo!  The dmarc folks (many of who are IETF participants) ignored
> and performed an end-run around the standards process.

Not really.  The basic protocols (SPF and DKIM) are RFCs, and that's
really what the IETF process is for.  What people (including bloated
corporate people) choose to do with those protocols is really outside
of the RFC process, just as use of SMTP to spam (under your own From,
spoofing does violate the RFC :-) is outside of the RFC process.

That doesn't make what Yahoo! did right, but as much as I disagree
with DMARC's basic philosophy, I don't really think DMARC is a subject
for the RFC process.  I just think it's a problem from the point of
view of maintaining the integrity of the Internet.

> Dmarc designers choose to ignore these well defined RFC email
> headers and, independently of any standards process, choose to
> focus solely on the From header.

They do have a point.  Some users are extremely susceptible to fraud.
Believe it or not, in Japan there's a species of fraud where criminals
call more or less random phone numbers, identify themselves as the
victim's child or spouse with "It's me. It's me!" and continue by
requesting money to get themselves out of some kind of jam.  The
victim takes cash to the specified meeting place, only to find that
the jam got worse and so a friend was sent to pick up the money.  This
actually works to the tune of 15,000 victims and $200 million in a bad
year.

That's the model that DMARC has of Internet users, so it's natural
that they would focus on From.

> After all, RFC 5322 is only 8 years old, not the decades that the
> dmarc folks would like people to think.

I haven't got that impression.  I think they know what they're doing
and have been quite forthright about it.  They just are willing to
hurt lots of people, break working mechanisms, and in the process
undermine Internet governance, to reduce spam and phishing (which also
hurt lots of people and break working mechanisms).

I'm not sure what the top people at Yahoo! are thinking, though.
Conspiracy theories may well be in order there.  I suspect they're
thinking the same kind of thoughts that caused Microsoft to think that
breaking backward compatibility with Office '97 or so was a good idea.
I hope they pay a similar price.

Steve



Re: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, Service Unavailable.

2014-04-14 Thread Lindsay Haisley
On Mon, 2014-04-14 at 18:51 -0400, Jim Popovitch wrote:
> On Mon, Apr 14, 2014 at 3:16 PM, Lindsay Haisley fmo...@fmp.com wrote:
>> So what is being said here?
>
> When a yahoo poster sends an email to your list, that email is
> reflected to the rest of the other subscribers.  Those other
> subscribers may or may not check yahoo's dmarc policy before accepting
> your list email.  If they do reject your list message, then that
> equals 1 mailman bounce.  After a few posts from yahoo members, the
> bounce scores increase and the other subscribers are unsubscribed.

FWIW,  here's a list of the DNs of subscriber addresses that got
unsubscribed last week from one of FMP's lists, ostensibly as a result
of the DMARC issue:

yahoo.com
hotmail.com
comcast.net
bellsouth.net
att.net
cityofgastonia.com
fronteirnet.net
sbcglobal.net

There were about 76 addresses, most of which were yahoo.com or
comcast.net addresses, with bellsouth.net coming in 3rd.

-- 
Lindsay Haisley   | Everything works if you let it
FMP Computer Services |
512-259-1190  |  --- The Roadie
http://www.fmp.com|



Re: [Mailman-Users] Emails from yahoo members, are getting rejected by yahoo, Service Unavailable.

2014-04-14 Thread Jim Popovitch
On Tue, Apr 15, 2014 at 12:13 AM, Stephen J. Turnbull
step...@xemacs.org wrote:
> Jim Popovitch writes:
>
>> Bingo!  The dmarc folks (many of who are IETF participants) ignored
>> and performed an end-run around the standards process.
>
> Not really.  The basic protocols (SPF and DKIM) are RFCs, and that's
> really what the IETF process is for.

Interoperability and functionality is what a standards body is for.
DMARC is a system that allows 1st parties to announce to 3rd parties
what to do with something delivered by a 2nd party, all without any
standards or feedback/care for the 2nd party.  It sits atop 2
standards that were never intended for the purpose (rfc5322.From
blocking) they are being used for.

-Jim P.