Return-Path: X-Original-To: apmail-infrastructure-dev-archive@minotaur.apache.org Delivered-To: apmail-infrastructure-dev-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id CF70610D78 for ; Sun, 1 Jun 2014 23:18:00 +0000 (UTC) Received: (qmail 72321 invoked by uid 500); 1 Jun 2014 23:18:00 -0000 Delivered-To: apmail-infrastructure-dev-archive@apache.org Received: (qmail 72177 invoked by uid 500); 1 Jun 2014 23:18:00 -0000 Mailing-List: contact infrastructure-dev-help@apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: infrastructure-dev@apache.org Delivered-To: mailing list infrastructure-dev@apache.org Received: (qmail 72167 invoked by uid 99); 1 Jun 2014 23:18:00 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 01 Jun 2014 23:18:00 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=10 tests=RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of sebbaz@gmail.com designates 209.85.212.182 as permitted sender) Received: from [209.85.212.182] (HELO mail-wi0-f182.google.com) (209.85.212.182) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 01 Jun 2014 23:17:55 +0000 Received: by mail-wi0-f182.google.com with SMTP id r20so3693055wiv.9 for ; Sun, 01 Jun 2014 16:17:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=GkJ6QQEiVNVKsZ7g55uBBw8X6qJa6J6x22uarVJH1iU=; b=j7IcHOA80RAPWOW142WIXUVwx7tCnnMNszxouRc9A7F7y8nDcmRxFVK2Z6Jr7eGfDz QYlLDnsy8gzXF5tJRCpFvXExmoZfj5U5mUVQlIyrewLSC3Xx2UC7bdM1U8zpWma65Kt5 ydi0loMSaiYbrvzcYE94lMBIWkVKZzhXcaR/zxIwHHbLa+SZNjQe1v89UropmQW2xptU 7+n+tci/r1cmdi+wWg1BErmmMuzZ6FkVkhVj8/38dLrePQOpQQ/+icI6CGX//A6z7IN0 c4ZbCzEtpJTdsnF9CqmW2tduTjYtftLr34LNsWeSwcUYoFqwNoXXCmHZh/3fl+yqhijG 4CHA== MIME-Version: 1.0 X-Received: by 10.180.38.107 with SMTP id f11mr16841056wik.59.1401664654088; Sun, 01 Jun 2014 16:17:34 -0700 (PDT) Received: by 10.194.237.9 with HTTP; Sun, 1 Jun 2014 16:17:34 -0700 (PDT) In-Reply-To: <1401663850.81707.YahooMailNeo@web121802.mail.ne1.yahoo.com> References: <1401639844.51793.YahooMailNeo@web121806.mail.ne1.yahoo.com> <1401658062.64852.YahooMailNeo@web121802.mail.ne1.yahoo.com> <1401663157.3548.YahooMailNeo@web121801.mail.ne1.yahoo.com> <1401663850.81707.YahooMailNeo@web121802.mail.ne1.yahoo.com> Date: Mon, 2 Jun 2014 00:17:34 +0100 Message-ID: Subject: Re: [DISCUSS] Y! DMARC solution preferences From: sebb To: Joe Schaefer Cc: "infrastructure-dev@apache.org" Content-Type: text/plain; charset=UTF-8 X-Virus-Checked: Checked by ClamAV on apache.org On 2 June 2014 00:04, Joe Schaefer wrote: > board@, members@, infrastructure@, dev@httpd are fine as-is. > About half of them need no changes, but many of those > that do are public, like this list. > I cannot say I have noticed a difference between infra and infra-dev. What are that infra-dev feature(s) that would need to be dropped? > > > On Sunday, June 1, 2014 7:01 PM, sebb wrote: > > > > On 1 June 2014 23:52, Joe Schaefer wrote: >> Talking to a few people about this privately, it seems that >> there is a perception that munging Y! From headers is the >> least invasive option of the two. >> >> But this is a brand-spanking new issue and it's hard to gauge >> how service providers will react. Y! could step back, or others >> could step on board. The only real future-proof option is to >> change list configs to no longer alter content or headers, but >> I want to let the community weigh in on their preferences before >> taking action. >> > > Are there examples of lists that don't change headers/content that we > can look at? > > >> >> >> On Sunday, June 1, 2014 5:28 PM, Joe Schaefer >> wrote: >> >> >>> >>> >>>If there are any questions or comments about this issue, >>>let's place them on this thread. >>> >>>The underlying issue is that in about mid-April Yahoo! (and now AOL) >>>changed their DNS-advertised DMARC policy for their domain to REJECT >>> messages that fail the DMARC tests (revolving around SPF and DKIM). SPF is >>>a non-issue for us currently, but DKIM is because it's a signed hash of >>> various headers and the message body itself- things which some of our lists >>> are configured to alter by choice. >>> >>>What the POLL offers is a choice of redress plan: either we can munge Y! >> >From addresses to avoid their DMARC policy check, or we can reconfigure >>>our lists not to alter the message in any way. It looks like Y! is >>> committed >>>to this policy change so the onus is on us, if we still want to ensure Y! >>> users' >>>messages are deliverable to us, to change how we operate roughly 50% of >>>our available lists. >>> >>> >>> >>> >>>On Sunday, June 1, 2014 12:24 PM, Joe Schaefer >>> wrote: >>> >>> >>>> >>>> >>>> >>>> >>>>Everyone is welcome to participate in this poll as >>>>it affects a wide cross-section of the org. Please >>>>cast your vote on one of the following 2 choices: >>>> >>>>[ ] - enable Y! "From" and "DKIM-Signature" header munging, >>>> impacting only Y! mailing list authors in a minimal way >>>> (see THIS MESSAGE's headers for actual details of the changes) >>>> >>>>[ ] - change configurations to "-FXT", disabling all message munging >>>> for everyone equally >>>> >>>>See corresponding discussion on infrastructure@ >>>>for details of affected lists and more information >>>>on the choices available. Thx. >>>> >>>> >>> >>> > >