[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Fri, Feb 17, 2017 at 07:39:31PM +0000, Alex Charrett via list wrote: > >however on a note relating to yahoo it has apparently been hacked again. > >So if no one is using yahoo or aol surely we can go back to the previous > >settings and encourage people to use alternative services for e-mail. > > The other side of the coin is that Yahoo! have been well involved in > driving both standards and adoption of sender authentication methods > over the years, and it's really not just them who have deployed > DMARC. This is true, but Yahoo and AOL have set a more strict DMARC policy than many other large senders. They basically tell any mail server: if you see an email that pretends to come from us (i.e. has a Yahoo or AOL email address in the From: header) and you can't verify the DKIM signature, then block it as spam. Mailing lists, by adding a footer and often modifying the header, break DKIM, that's why this is an issue. It all boils down to the fact that email was designed when the internet was so small, you could just trust that what it said in the From: header was correct. > Forwarding of emails by third parties (such as mailing lists and > people who sell domains and do email forwarding) is certainly a > challenge for sender authentication. It would be great if SRS was > more widley adopted, but that will rewrite the envelope too. > https://en.wikipedia.org/wiki/Sender_Rewriting_Scheme I don't think this would help with these DMARC issues. SRS is more of an SPF thing. Martijn. -- The Mailing List for the Devon & Cornwall LUG https://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq