Re: Yahoo DMARC breakage

2014-04-25 Thread Jim Popovitch
On Fri, Apr 25, 2014 at 12:12 PM, Jim Popovitch wrote: > On Fri, Apr 25, 2014 at 12:00 PM, Jim Popovitch wrote: >> Just a heads up to interested parties... Google seems to now be >> bouncing where From: is another gmail account. But it seems to be >> inconsistent. If you are reading this on a g

Re: Yahoo DMARC breakage

2014-04-25 Thread Jim Popovitch
On Fri, Apr 25, 2014 at 12:00 PM, Jim Popovitch wrote: > Just a heads up to interested parties... Google seems to now be > bouncing where From: is another gmail account. But it seems to be > inconsistent. If you are reading this on a gmail account please let > me know. > > -Jim P. A few people

Re: Yahoo DMARC breakage

2014-04-20 Thread Franck Martin
On Apr 20, 2014, at 4:07 PM, Scott Howard wrote: > On Sun, Apr 20, 2014 at 3:01 PM, Franck Martin wrote: > why does this list break DKIM when forwarding? > > From the Gmail headers your email : > > Authentication-Results: mx.google.com; >spf=neutral (google.com: nanog-bounces+scott=e

Re: Yahoo DMARC breakage

2014-04-20 Thread Dave Crocker
On 4/9/2014 8:00 PM, Andrew Sullivan wrote: On Wed, Apr 09, 2014 at 12:27:55PM -0500, Dave Crocker wrote: >But it's the result of an informed >corporate choice rather than software or operations error. Why do you think (it seems to me you've said it more than once) that this was "informed" cho

Re: Yahoo DMARC breakage

2014-04-20 Thread Franck Martin
Sure, as long as I make sure my post is plain text, which you know is no longer a standard on many email clients. So if this list stops stripping the HTML MIME part it will pass DMARC regardless of the email client defaults. All knowledge is an answer to a question. On Apr 20, 2014, at

Re: Yahoo DMARC breakage

2014-04-20 Thread Scott Howard
On Sun, Apr 20, 2014 at 3:01 PM, Franck Martin wrote: > why does this list break DKIM when forwarding? > >From the Gmail headers your email : Authentication-Results: mx.google.com; spf=neutral (google.com: nanog-bounces+scott=example.com@nanog.org does not designate permitted sender host

Re: Yahoo DMARC breakage

2014-04-20 Thread Franck Martin
On Apr 20, 2014, at 3:08 PM, Barney Wolff wrote: > On Sun, Apr 20, 2014 at 10:01:38PM +, Franck Martin wrote: >> So I believe, if this list was not stripping the HTML part of the emails, as >> it does not add a subject tag nor a footer, then DKIM would survive the list >> and all would be

Re: Yahoo DMARC breakage

2014-04-20 Thread staticsafe
On 4/20/2014 18:08, Barney Wolff wrote: > On Sun, Apr 20, 2014 at 10:01:38PM +, Franck Martin wrote: >> So I believe, if this list was not stripping the HTML part of the emails, as >> it does not add a subject tag nor a footer, then DKIM would survive the list >> and all would be fine? >> >>

Re: Yahoo DMARC breakage

2014-04-20 Thread Barney Wolff
On Sun, Apr 20, 2014 at 10:01:38PM +, Franck Martin wrote: > So I believe, if this list was not stripping the HTML part of the emails, as > it does not add a subject tag nor a footer, then DKIM would survive the list > and all would be fine? > > why does this list break DKIM when forwarding?

Re: Yahoo DMARC breakage

2014-04-20 Thread Franck Martin
So I believe, if this list was not stripping the HTML part of the emails, as it does not add a subject tag nor a footer, then DKIM would survive the list and all would be fine… why does this list break DKIM when forwarding?

Re: Yahoo DMARC breakage

2014-04-14 Thread Jay Hennigan
On 4/10/14 4:29 AM, Rich Kulawiec wrote: > An aside: > > On Wed, Apr 09, 2014 at 05:15:59PM -0400, William Herrin wrote: >> Maybe this is a good thing - we can stop getting all the "sorry I'm >> out of the office" emails when posting to a list. > > I entirely support that goal, but my preferred s

Re: Yahoo DMARC breakage

2014-04-11 Thread Rich Kulawiec
On Thu, Apr 10, 2014 at 03:22:24PM -0400, Kee Hinckley wrote: > I suspect they looked at the amount of spam they could stop [...] Which is, to a very good first approximation, zero. Nearly all (at least 99% and likely quite a bit more) of the spam [as observed by my numerous spamtraps] that purpo

Re: ID10T out of office responders (was Re: Yahoo DMARC breakage)

2014-04-11 Thread Jethro R Binks
On Fri, 11 Apr 2014, Tei wrote: > Suppose I configure my email to send a "Thanks, we have received your > email, we will reply shortly in office hours.". What's the Holy Headers > so even poorly configured servers don't cause an AutoReply Storm? > Googling, I found "Precedence", "X-Auto-Response-Sup

Re: ID10T out of office responders (was Re: Yahoo DMARC breakage)

2014-04-11 Thread Tei
So suppose I configure my email to send a "Thanks, we have received your email, we will reply shortly in office hours.". What's the Holy Headers so even poorly configured servers don't cause an AutoReply Storm? Googling, I found "Precedence", "X-Auto-Response-Suppress",..? For something like

ID10T out of office responders (was Re: Yahoo DMARC breakage)

2014-04-10 Thread Larry Sheldon
On 4/10/2014 6:29 AM, Rich Kulawiec wrote: On Wed, Apr 09, 2014 at 05:15:59PM -0400, William Herrin wrote: Maybe this is a good thing - we can stop getting all the "sorry I'm out of the office" emails when posting to a list. I entirely support that goal, but my preferred solution is the comple

Re: Yahoo DMARC breakage

2014-04-10 Thread Geoffrey Keating
Andrew Sullivan writes: > I think DMARC is mostly useful when used correctly. There is no BCP > yet... There is, however, BCP167/RFC6377 covering DKIM and mailing lists. Some relevant sections are 4.1 and 5.3: 4.1: ... site administrators wishing to employ ADSP with a "discardable" setti

Re: Yahoo DMARC breakage

2014-04-10 Thread Kee Hinckley
On 10 Apr 2014, at 9:49, Dave Crocker wrote: Unfortunately, that has no relationship to do with the current situation. Again: Yahoo was fully aware of the implications of its choice. I suspect they looked at the amount of spam they could stop, the number of Yahoo email users, and the number

Re: Yahoo DMARC breakage

2014-04-10 Thread Michael Thomas
On 04/09/2014 06:04 PM, Miles Fidelman wrote: Especially after reading some of the discussions on the DMARC mailing list where it's clear that issues of breaking mailing lists were explicitly ignored and dismissed. There's been 10 years of ostrichism about policy and mailing lists, especial

Re: Yahoo DMARC breakage

2014-04-10 Thread Valdis . Kletnieks
On Thu, 10 Apr 2014 07:56:16 -0700, Michael Thomas said: > but I can't see what the point is in defending the idiocy as being some > sort of sacred right. I'm sure Randy Bush would defend his competitor's right to run their networks that way. :)

Re: Yahoo DMARC breakage

2014-04-10 Thread Michael Thomas
On 04/09/2014 09:54 PM, Jimmy Hess wrote: Basic functionality is seriously and utterly broken --- that DMARC doesn't have a good answer for such situations, is a major indicator of its immaturity, in the sense that it is "Too specific" a solution and cannot apply to e-mail in general. DMARC i

Re: Yahoo DMARC breakage

2014-04-10 Thread Dave Crocker
On 4/10/2014 5:13 AM, Miles Fidelman wrote: If I point a gun at you, and pull the trigger, but maybe shouldn't have done that, the gun is not broken. It occurs to me that, if you point a gun at me, aim at me, pull the trigger, and hit someone standing 10 feet to my left - the gun IS broken (or

Re: Yahoo DMARC breakage

2014-04-10 Thread Dave Crocker
On 4/10/2014 5:05 AM, Tei wrote: Your post advocates a (*) technical ( ) legislative ( ) market-based ( ) vigilante Since the nanog list isn't devoted to anti-spam work, folk might not know that you were calling upon the stellar web page developed by Cory Doctorow: http://craphound.c

Re: Yahoo DMARC breakage

2014-04-10 Thread Dave Crocker
On 4/9/2014 11:54 PM, Jimmy Hess wrote: Basic functionality is seriously and utterly broken --- that DMARC doesn't have a good answer for such situations, is a major indicator of its immaturity, in the sense that it is "Too specific" a solution and cannot apply to e-mail in general. If it were

Re: Yahoo DMARC breakage

2014-04-10 Thread Rich Kulawiec
I agree to a large extent with your comments/observations, but I'd like to focus on one point in particular: On Wed, Apr 09, 2014 at 11:00:57PM -0400, Andrew Sullivan wrote: > So, I'm trying to imagine the presentation slide on which appears the > advice to implement the controversial adopted poli

Re: Yahoo DMARC breakage

2014-04-10 Thread Rich Kulawiec
An aside: On Wed, Apr 09, 2014 at 05:15:59PM -0400, William Herrin wrote: > Maybe this is a good thing - we can stop getting all the "sorry I'm > out of the office" emails when posting to a list. I entirely support that goal, but my preferred solution is the complete eradication of the software (

Re: Yahoo DMARC breakage

2014-04-10 Thread Miles Fidelman
Tei wrote: Your post advocates a (*) technical ( ) legislative ( ) market-based ( ) vigilante approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular (*) Sorry dude, but I don't think it would work. ( ) This is

Re: procmail, was autoresponding to Yahoo DMARC breakage

2014-04-10 Thread Miles Fidelman
All this talk about procmail leads me to ask: - has anybody come up with a procmail recipe, or other mechanism to validate DKIM-signed mail and apply an Original-Authentication-Results header, at the MTA level? - if so, does it work with Yahoo mail directed to mailing lists? - if yes, can you

re: Yahoo DMARC breakage

2014-04-10 Thread Miles Fidelman
at some point, Dave Crocker wrote: If I point a gun at you, and pull the trigger, but maybe shouldn't have done that, the gun is not broken. It occurs to me that, if you point a gun at me, aim at me, pull the trigger, and hit someone standing 10 feet to my left - the gun IS broken (or at lea

Re: Yahoo DMARC breakage

2014-04-10 Thread Tei
Your post advocates a (*) technical ( ) legislative ( ) market-based ( ) vigilante approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state bef

Re: procmail, was autoresponding to Yahoo DMARC breakage

2014-04-10 Thread Jack Bates
On 4/9/2014 9:21 PM, George Michaelson wrote: Aside from a horrid config notation, the main problem for me has always been getting sysadmins to include the changes which expose envelope-sender and envelope-recipient to procmail. That's not procmail, it's the way procmail is typically called. Withou

Re: Yahoo DMARC breakage

2014-04-09 Thread Jimmy Hess
On Wed, Apr 9, 2014 at 8:04 PM, Miles Fidelman wrote: On 4/9/2014 7:25 PM, Miles Fidelman wrote: > Yahoo! is choosing to apply the technology for usage scenarios that have >> long been known to be problematic. Again, they've made an > > In fact... it is too generous to say "known to be problemati

Re: Yahoo DMARC breakage

2014-04-09 Thread Andrew Sullivan
Hi Dave, On Wed, Apr 09, 2014 at 12:27:55PM -0500, Dave Crocker wrote: > But it's the result of an informed > corporate choice rather than software or operations error. Why do you think (it seems to me you've said it more than once) that this was "informed" choice? If I go to http://dmarc.org/,

Re: procmail, was autoresponding to Yahoo DMARC breakage

2014-04-09 Thread George Michaelson
Aside from a horrid config notation, the main problem for me has always been getting sysadmins to include the changes which expose envelope-sender and envelope-recipient to procmail. That's not procmail, it's the way procmail is typically called. Without it, some stuff simply cannot be done because y

Re: procmail, was autoresponding to Yahoo DMARC breakage

2014-04-09 Thread John R. Levine
On 4/9/2014 5:45 PM, George Michaelson wrote: procmail is a rewrite of MMDF mailfilter. badly. Thanks, but I believe it slightly preceded MMDF's equivalent facility. On the average, Allman put comparable features into sendmail sooner than I did. Procmail's user interface, if you can call it

Re: autoresponding to Yahoo DMARC breakage

2014-04-09 Thread John R. Levine
On Wed, Apr 9, 2014 at 6:11 PM, wrote: and just how is an algorithm supposed to detect that is a single human and not a list? If the autoresponder is sane, it looks for: List-Id: North American Network Operators Group Yes, there are a lot of headers that give you a hint t

Re: Yahoo DMARC breakage

2014-04-09 Thread Miles Fidelman
Dave Crocker wrote: On 4/9/2014 7:25 PM, Miles Fidelman wrote: Dave Crocker wrote: Everything they are doing is "legal". Your (possibly entirely valid) assessment that their action is ill-advised or unpleasant does not equal broken. Well, sort of - given that DMARC is still an Internet draft

Re: Yahoo DMARC breakage

2014-04-09 Thread Dave Crocker
On 4/9/2014 7:25 PM, Miles Fidelman wrote: Dave Crocker wrote: Everything they are doing is "legal". Your (possibly entirely valid) assessment that their action is ill-advised or unpleasant does not equal broken. Well, sort of - given that DMARC is still an Internet draft, not even an experim

Re: Yahoo DMARC breakage

2014-04-09 Thread Miles Fidelman
Dave Crocker wrote: On 4/9/2014 3:05 PM, John Levine wrote: In article <5345831b.4030...@dcrocker.net> you write: Their implementation is not 'broken'. I'd say it's pretty badly broken if Yahoo intends for their web mail to continue to be a general purpose mail system for consumers. If they w

Re: Yahoo DMARC breakage

2014-04-09 Thread Jim Popovitch
On Wed, Apr 9, 2014 at 8:12 PM, William Herrin wrote: > On Wed, Apr 9, 2014 at 6:11 PM, wrote: >> and just how is an algorithm supposed to detect that >> is a single human and not a list? > > If the autoresponder is sane, it looks for: > > List-Id: North American Network Operato

Re: Yahoo DMARC breakage

2014-04-09 Thread Jim Popovitch
On Wed, Apr 9, 2014 at 8:02 PM, Jeff Kell wrote: >> Date: Wed, 9 Apr 2014 18:22:51 -0500 >> From: Larry Sheldon >> Organization: Maybe tomorrow >> User-Agent: Mozilla/5.0 (Windows NT 5.1; >> rv:24.0) Gecko/20100101 Thunderbird/24.4.0 >> To: >> Subject:

Re: Yahoo DMARC breakage

2014-04-09 Thread William Herrin
On Wed, Apr 9, 2014 at 6:11 PM, wrote: > and just how is an algorithm supposed to detect that > is a single human and not a list? If the autoresponder is sane, it looks for: List-Id: North American Network Operators Group List-Unsubscribe:

Re: Yahoo DMARC breakage

2014-04-09 Thread Larry Sheldon
ke your pick, but my point remains, it still retains: Date: Wed, 9 Apr 2014 18:22:51 -0500 From: Larry Sheldon Organization: Maybe tomorrow User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:24.0) Gecko/20100101 Thunderbird/24.4.0 To: Subject: Re: Yahoo DMARC breakage And I'm nowhere mentioned.

Re: Yahoo DMARC breakage

2014-04-09 Thread Jeff Kell
er mail clients can provide "list links" based on the List- headers, but few if any actually do. So take your pick, but my point remains, it still retains: > Date: Wed, 9 Apr 2014 18:22:51 -0500 > From: Larry Sheldon > Organization: Maybe tomorrow > User-Agent: Mozilla/5.0 (Window

Re: autoresponding to Yahoo DMARC breakage

2014-04-09 Thread Dave Crocker
On 4/9/2014 5:45 PM, George Michaelson wrote: procmail is a rewrite of MMDF mailfilter. badly. Thanks, but I believe it slightly preceded MMDF's equivalent facility. On the average, Allman put comparable features into sendmail sooner than I did. Of course, my designs were sooo much bett

Re: Yahoo DMARC breakage

2014-04-09 Thread Larry Sheldon
On 4/9/2014 5:11 PM, bmann...@vacation.karoshi.com wrote: On Wed, Apr 09, 2014 at 05:49:27PM -0400, Jeff Kell wrote: The most "sane" out-of-mind response should only be sent *if* the out-of-mind person is named explicitly as a recipient in the RFC822 header. Anything To: somelist@somehost does

Re: autoresponding to Yahoo DMARC breakage

2014-04-09 Thread John R. Levine
This highly effective trick was in the procmail example vacation script in 1991, and doubtless goes back much farther than that. It's a little dismaying to hear that there are still people writing autoresponders who don't know about it. what is procmail? The scriptable mail delivery agent tha

Re: autoresponding to Yahoo DMARC breakage

2014-04-09 Thread George Michaelson
procmail is a rewrite of MMDF mailfilter. badly. On Thu, Apr 10, 2014 at 8:42 AM, Christopher Morrow wrote: > On Wed, Apr 9, 2014 at 6:27 PM, John R. Levine wrote: > >>> The most "sane" out-of-mind response should only be sent *if* the > >>> out-of-mind person is named explicitly as a recipien

Re: autoresponding to Yahoo DMARC breakage

2014-04-09 Thread Christopher Morrow
On Wed, Apr 9, 2014 at 6:27 PM, John R. Levine wrote: >>> The most "sane" out-of-mind response should only be sent *if* the >>> out-of-mind person is named explicitly as a recipient in the RFC822 >>> To: header. Anything To: somelist@somehost does not qualify :) > > > This highly effective trick

Re: hack #2 for Yahoo DMARC breakage

2014-04-09 Thread John R. Levine
2: introduce an "Original Authentication Results" header to indicate you have performed the authentication and you are validating it This was someone's hack that doesn't work. The idea is that you make an RFC5451 Authentication-Results header for the incoming message, change the name to origi

Re: autoresponding to Yahoo DMARC breakage

2014-04-09 Thread John R. Levine
The most "sane" out-of-mind response should only be sent *if* the out-of-mind person is named explicitly as a recipient in the RFC822 To: header. Anything To: somelist@somehost does not qualify :) This highly effective trick was in the procmail example vacation script in 1991, and doubtless go

Re: Yahoo DMARC breakage

2014-04-09 Thread Jeff Kell
On 4/9/2014 6:11 PM, bmann...@vacation.karoshi.com wrote: > On Wed, Apr 09, 2014 at 05:49:27PM -0400, Jeff Kell wrote: >> The most "sane" out-of-mind response should only be sent *if* the >> out-of-mind person is named explicitly as a recipient in the RFC822 >> header. Anything To: somelist@someho

Re: Yahoo DMARC breakage

2014-04-09 Thread bmanning
On Wed, Apr 09, 2014 at 05:49:27PM -0400, Jeff Kell wrote: > > The most "sane" out-of-mind response should only be sent *if* the > out-of-mind person is named explicitly as a recipient in the RFC822 > header. Anything To: somelist@somehost does not qualify :) > > Jeff and just how is an

Re: Yahoo DMARC breakage

2014-04-09 Thread Dave Crocker
On 4/9/2014 3:05 PM, John Levine wrote: In article <5345831b.4030...@dcrocker.net> you write: Their implementation is not 'broken'. I'd say it's pretty badly broken if Yahoo intends for their web mail to continue to be a general purpose mail system for consumers. If they want to make it somet

Re: Yahoo DMARC breakage

2014-04-09 Thread Jim Popovitch
> The most "sane" out-of-mind response should only be sent *if* the > out-of-mind person is named explicitly as a recipient in the RFC822 > header. Anything To: somelist@somehost does not qualify :) Funny story: When I was at IBM I filed that as a bug with Lotus Notes. The Notes team rejected t

Re: Yahoo DMARC breakage

2014-04-09 Thread Jeff Kell
On 4/9/2014 5:24 PM, valdis.kletni...@vt.edu wrote: > On Wed, 09 Apr 2014 17:15:59 -0400, William Herrin said: > >> Meh. This just means list software will have to rewrite the From >> header to "From: John Levine " and rely on the >> Reply-To header for anybody who wants to send a message back to t

Re: Yahoo DMARC breakage

2014-04-09 Thread Ted Hatfield
On Wed, 9 Apr 2014, valdis.kletni...@vt.edu wrote: On Wed, 09 Apr 2014 17:15:59 -0400, William Herrin said: Meh. This just means list software will have to rewrite the From header to "From: John Levine " and rely on the Reply-To header for anybody who wants to send a message back to the origin

Re: Yahoo DMARC breakage

2014-04-09 Thread Jim Popovitch
On Wed, Apr 9, 2014 at 5:15 PM, William Herrin wrote: > On Wed, Apr 9, 2014 at 4:05 PM, John Levine wrote: >> I'd say it's pretty badly broken if Yahoo intends for their web mail >> to continue to be a general purpose mail system for consumers. If >> they want to make it something else, that's c

Re: Yahoo DMARC breakage

2014-04-09 Thread Valdis . Kletnieks
On Wed, 09 Apr 2014 17:15:59 -0400, William Herrin said: > Meh. This just means list software will have to rewrite the From > header to "From: John Levine " and rely on the > Reply-To header for anybody who wants to send a message back to the > originator. > > Maybe this is a good thing - we can s

Re: Yahoo DMARC breakage

2014-04-09 Thread William Herrin
On Wed, Apr 9, 2014 at 4:05 PM, John Levine wrote: > I'd say it's pretty badly broken if Yahoo intends for their web mail > to continue to be a general purpose mail system for consumers. If > they want to make it something else, that's certainly their right, but > it would have been nice if they'

Re: Yahoo DMARC breakage

2014-04-09 Thread John Levine
In article <5345831b.4030...@dcrocker.net> you write: >On 4/9/2014 10:13 AM, Royce Williams wrote: >> Am I interpreting this correctly -- that Yahoo's implementation of >> DMARC is broken, such that anyone using a Yahoo address to participate >> in a mailing list is dead in the water? > > >Their im

Re: Yahoo DMARC breakage

2014-04-09 Thread Jim Popovitch
> Confirmed across a variety of Mailman lists I administer. Mailman can be patched to reject/discard posts from members with p=reject. https://code.launchpad.net/~jimpop/mailman/dmarc-reject I'm sort of glad that Yahoo did what they did, people are now seeing the dark side of DMARC. WooHoo!! V

Re: Yahoo DMARC breakage

2014-04-09 Thread Dave Crocker
On 4/9/2014 10:13 AM, Royce Williams wrote: Am I interpreting this correctly -- that Yahoo's implementation of DMARC is broken, such that anyone using a Yahoo address to participate in a mailing list is dead in the water? Their implementation is not 'broken'. Rather, Yahoo has made a very con

Re: Yahoo DMARC breakage

2014-04-09 Thread Tom Simes
On 04/09/14 07:13, Royce Williams wrote: > Am I interpreting this correctly -- that Yahoo's implementation of > DMARC is broken, such that anyone using a Yahoo address to participate > in a mailing list is dead in the water? > > http://www.ietf.org/mail-archive/web/ietf/current/msg87153.html > htt

Re: Yahoo DMARC breakage

2014-04-09 Thread Rich Kulawiec
On Wed, Apr 09, 2014 at 07:13:47AM -0800, Royce Williams wrote: > Am I interpreting this correctly -- that Yahoo's implementation of > DMARC is broken, such that anyone using a Yahoo address to participate > in a mailing list is dead in the water? Yes. It seems that Yahoo wasn't content with just

Yahoo DMARC breakage

2014-04-09 Thread Royce Williams
Am I interpreting this correctly -- that Yahoo's implementation of DMARC is broken, such that anyone using a Yahoo address to participate in a mailing list is dead in the water? http://www.ietf.org/mail-archive/web/ietf/current/msg87153.html http://www.theregister.co.uk/2014/04/08/yahoo_breaks_eve