Yahoo Mail Update

Rob Szarka szlists at
Sun Apr 13 10:27:03 UTC 2008

At 01:58 AM 4/13/2008, you wrote:
>Why should large companies participate here about mail issues? Last I
>checked this wasn't the mailing list for these issues:

True, though some aspects of mail service are inextricably tied to 
broader networking issues, and thus participation here might still 
benefit them. But sadly Yahoo doesn't even seem to participate in 
more relevant forums, such as the spam-l list.

>But lets just say for a second this is the place to discuss company
>xys's mail issue. What benefit do they have participating here? Likely
>they'll be hounded by people who have some disdain for their company
>and no matter what they do they will still be evil or wrong in some

I've never seen someone treated badly for trying to help resolve 
problems. I think we all know that it can be hard to get things done 
within a large company and that often the folks who participate on a 
list like this are taking on work that isn't strictly speaking "their 
job" when they try to help resolve mail issues. And when a large 
company that was a mess does a turnaround, they also get praised: 
just look at the many positive comments about AOL on this and other 
lists over the past few years.

>It is easy for someone who has 10,000 users to tell someone who has 50
>million users what to do when they don't have to work with such a
>large scale enterprise.

I wouldn't presume to tell them how to accomplish something within 
their particular configuration. But I will, without apology, tell 
them that they need to accomplish it. For example, I'm quite 
comfortable saying that Earthlink should follow the minimum timeouts 
in RFC 1123, though I wouldn't presume to guess whether they should 
accomplish that by having separate fast and slow queues on different 
servers, on the same server, or not at all. Likewise, a working abuse 
role account is a minimum requirement for participation in the 
Internet email system, and I'm comfortable saying that the email it 
receives should be read by a competent human.

>I find it funny when smaller companies always tell larger companies
>what they need to be doing.

When what the larger companies do enables criminal behavior that 
impacts the very viability of the smaller companies through de factor 
DoS attacks, it's not funny at all. Yahoo, for example, has chosen a 
business model (free email with little to no verification) that 
inevitably leads to spam being originated from their systems. Why 
should they be able to shift the cost of their business model to me, 
just because I run a much smaller business?

More information about the NANOG mailing list