ReturnPath on DMARC+Yahoo
Over at ReturnPath Christine has an excellent non-technical summary of the DMARC+Yahoo situation, along with some solid recommendations for what actions you might take to avoid the operational problems it can cause.
Related Posts
Yahoo turns on images by default for RP certified IPs
- laura
- Mar 18, 2010
ReturnPath announced today that images and links from Return Path Certified senders are turned on by default in the Yahoo mail interface. This affects many of the other domains using Yahoo for mail hosting including Bellsouth, SBC, Rogers, BT Internet and Rocketmail.
Overall, I think this is something that Return Path can be proud of. Yahoo fiercely protects their users’ inboxes. They have even gone so far as to cancel contracts with certification companies when the level of certified clients was not to their standards. I have no doubt that this decision was made by looking at the quality of customers that Return Path are certifying and deciding that the certification is a meaningful and useful measure of the mail.
This speaks to the time and effort Return Path commits to both the initial certification process and the ongoing monitoring and compliance processes.
Fixing discussion lists to work with new Yahoo policy
- laura
- Apr 9, 2014
Al has some really good advice on how to fix discussion lists to work with the new Yahoo policy.
One thing I would add is the suggestion to actually check dmarc records before assuming policy. This will not only mean you’re not having to rewrite things that don’t need to be rewritten, but it will also mean you won’t be caught flat footed if (when?) other free mail providers start publishing p=reject.
A brief DMARC primer
- laura
- Apr 7, 2014
DMARC stands for Domain-based Message Authentication, Reporting and Conformance. What DMARC does is allow domain owners to publish policy statements in DNS telling receiver domains what to do with messages that do not authenticate. In addition, DMARC introduces the concept of “domain alignment.” What this means is that the authentication has to be from the same domain (or a sub-domain) as the address in the header-from: line. The idea behind DMARC is that organizational owners can use SPF and DKIM authentication to authenticate their actual domain in the header-from line. This moves authentication from a important but behind the scenes technology out to an end user visible technology.
Read More