[obol] Re: IMPORTANT WORD from the Moderators, please do not ignore!
- From: "Tom Crabtree" <tc@xxxxxxxxxx>
- To: <deweysage@xxxxxxxxxxxx>, "'OBOL'" <obol@xxxxxxxxxxxxx>
- Date: Sun, 13 Apr 2014 13:29:17 -0800
Dave, this is a smart move on your part. Yahoo was the host of my office's
email server. When they changed things, our internal server crashed. It
took two weeks, over $6,000 in tech bills and a switch to GoDaddy.com before
we got up and running again. If you try to deal with it internally you are
going to create nothing but trouble.
Tom Crabtree, Bend
From: obol-bounce@xxxxxxxxxxxxx [mailto:obol-bounce@xxxxxxxxxxxxx] On Behalf
Of DJ Lauten and KACastelein
Sent: Sunday, April 13, 2014 11:30 AM
To: OBOL
Subject: [obol] IMPORTANT WORD from the Moderators, please do not ignore!
Hello folks,
We apologize for this notice and the potential outcomes, but we are doing
our best to deal with a difficult technical situation.
Along with all other listservs across the world, OBOL has been affected by a
recent change in security from Yahoo. OBOL moderators have been scrambling
to take care of members getting bounced and to come up with a fix.
A good explanation from slashdot.com is copied below, if you are interested
in reading more about what is going on. You can also google Yahoo DMARC.
Unfortunately, everything we have read and been told by experts is that this
security change within Yahoo is "breaking mailing lists all over the world"
and the only solution is to ban Yahoo users from joining the list, and to
ask them to sign up with another email address such as gmail.
If you notice that you suddenly stop receiving emails from OBOL or that your
posts are not appearing, please contact us right away.
If you are subscribed to OBOL using a Yahoo address, please contact us right
away.
In the next few days, we will be trying to contact all of our Yahoo users
and discuss options with them.
If your have a msn or comcast account, you may also have been effected BUT
it is not an msn and comcast problem so there should be no need to make any
changes if you use those services. The change is yahoo has caused problems
with these service providers also.
Please remember this is not something the moderators have control over, and
we are trying our best to find solutions. Please be patient with us!
Thanks
OBOL Moderators
On April 8, Yahoo implemented a new DMARC policy that essentially bars any
Yahoo user from accessing mailing lists hosted anywhere except on Yahoo and
Google. While Yahoo is the initiator, it also affects Comcast, AT&T, Rogers,
SBCGlobal, and several other ISPs.
Internet Engineering Council expert John R. Levine, a specialist in email
infrastructure and spam filtering, said, 'Yahoo breaks every mailing list in
the world including the IETF's
<http://www.ietf.org/mail-archive/web/ietf/current/msg87153.html> ' on the
Internet Engineering Task Force (IETF) list.
DMARC (Domain-based Message Authentication, Reporting & Conformance) is a
two-year-old proposed standard that is intended to curb email abuse,
including spoofing and phishing. Unfortunately, as implemented by Yahoo, it
claims most mailing list users as collateral damage. Messages posted to
mailing lists (including listserv, mailman, majordomo, etc) by Yahoo
subscribers are blocked when the list forwards them to other Yahoo (and
other participating ISPs) subscribers. List members not using Yahoo or its
partners are not affected and will receive posts from Yahoo users. Posts
from non-Yahoo users are delivered to Yahoo members. So essentially those
suffering the most are Yahoo's (and Comcast's, and AT&T's, etc) own
customers. Their best proposed solution is to ban Yahoo email users from
mailing lists and encourage them to switch to other ISPs."
"I noticed this because I got a blizzard of bounces from my church mailing
list, when a subscriber sent a message from her yahoo.com account, and the
list got a whole bunch of rejections from Gmail, Hotmail, Comcast, and Yahoo
itself. This is definitely a DMARC problem, the bounces say so," says
Levine.
This weakness in the mailing lists is not just restricted to only the Yahoo!
subscribers, in fact the subscribers at Gmail, Hotmail, Comcast etc are also
facing it. There are a number of different bounces that people are reporting
due to Yahoo publishing a DMARC record of p=reject.
"Since Yahoo mail provokes bounces from lots of other mail systems, innocent
subscribers at Gmail, Hotmail, etc. not only won't get Yahoo subscribers'
messages, but all those bounces are likely to bounce them off the lists,"
Levin says, adding, "A few years back we had a similar problem due to an
overstrict implementation of DKIM ADSP, but in this case, DMARC is doing
what Yahoo is telling it to do.
"HOW TO KEEP YOUR 'MAILING LIST' UP!
Levine offers three suggestions for people who run mailing lists or other
mail software that might legitimately pass on a yahoo.com message, to
improve the condition:
* Suspend posting permission of all yahoo.com addresses, to limit
damage
* Tell Yahoo users to get a new mail account somewhere else, pronto,
if they want to continue using mailing lists
* If you know people at Yahoo, ask if perhaps this wasn't such a good
idea.
It might sound like a perfectly reasonable security measure, Yahoo should
consider reversing the change.
Other related posts:
