DMARC -> CERT?
scott at doc.net.au
Mon Apr 14 20:10:50 UTC 2014
On Mon, Apr 14, 2014 at 11:24 AM, Jim Popovitch <jimpop at gmail.com> wrote:
> DMARC hasn't cut down on yahoo spam so far. Yahoo's spam problem was
> (is?) centered on account hijacks.
I just checked my spam folder for the past month.
Out of about 80 messages "from" Yahoo, I can see about 3 that went via
Yahoo's mail servers. ie, >90% were/would have been blocked using DMARC.
Of course, I'm sure the spammers will simply start changing yahoo.com to
somethingelse.com once they realize - but from Yahoo's perspective, that's
obviously a positive.
Whilst I don't agree with the way that Yahoo has done this (particularly
around communication), I think the end result is only going to be positive.
At a high level it's no different than when people started rejecting mail
from hosts without PTR records, or when ISPs started blocking outbound port
25 - they both caused things to break, and both caused people to have to
take action to fix the brokenness, but in the long run they were both
More information about the NANOG