Jim Popovitch writes: > Unless I am mistaking things, the sheer irony here is that Yahoo's > bastardized version of DMARC, which is necessary to stave off > collateral damage from their past security breach(es?), needs to be > further augmented with even less user security in order to be secure.
I don't see why the OAuth version of John's proposal would be less secure. If you want real irony, look no farther than Yahoo! Groups' From: header field. Yahoo! is using DMARC to get "yahoo.com" out of the From: field in list traffic, and Groups is putting it right back in. _______________________________________________ Mailman-Developers mailing list [email protected] https://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
