On Apr 21, 2014, at 4:00 AM, Christian Huitema <huitema@xxxxxxxxxxxxx> wrote: >> The issue with @yahoo.com and DMARC is not the @yahoo.com users' ability >> to receive mail, it's their ability to send mail to the list with From: >> *@yahoo.com and have it be received by list subscribers who implement >> strict DMARC policies which honor Yahoo!'s p=reject. >> >> It's not clear how setting the @yahoo.com users to digest mode helps >> this situation at all. > > It probably does not. Trying analyze the various positions with a cool head, the obvious conclusion is that hard problems don't have easy answers. > > The current mailing list practice has the mailing list as sender, and the original message composer described in the From field. The receiver sees something like: > > Sender: ietf <ietf-bounces@xxxxxxxx> > From: Christian Huitema <huitema@xxxxxxxxxxxxx> > … > > Of course, that particular construct could easily be abused. A phishing message does not differ much from a mailing list message: > > Sender: postmaster <postmaster@xxxxxxxxxxxxxxxxxxx> > From: Christian Huitema <huitema@xxxxxxxxxxxxx> > … Right. As a mailing list provider, we have a way to make our lists work: From: IETF mailing list on behalf of Christian Huitema <ietf@xxxxxxxx> ... The downside is that clicking “Reply” sends a message to the list rather than to Christian, which seems OK, but is a change of behavior. In fact it gives no natural way to reply directly (and off-list) to Christian, unless the original sender is added in CC: or Reply-To: fields. Yoav