A Community Devoted to the Preservation and Practice of Celestial Navigation and Other Methods of Traditional Wayfinding
Date: 2014 Apr 9, 09:17 -0700
This message affects EMAIL RECIPIENTS of individual NavList messages ONLY. If you follow NavList messages via the message boards, or you receive a daily digest email, you are not affected. If this message DOES apply to you, please read it all.
A portion of NavList members receive copies of individual NavList messages by email. This is the traditional "mailing list" side of NavList messages. Unfortunately, traditional mailing lists are an archaic technology in the Internet world, and there is a rapidly changing standard in email delivery which will soon break some minor aspects of this capability. They're closing the biggest security hole in online communications: "spoofing" of email sender addresses. Here's an accessible article on a recent adoption of this by Yahoo's email servers:
http://www.pcworld.com/article/2141120/yahoo-email-antispoofing-policy-breaks-mailing-lists.html. You can also do an Internet search on "DMARC Yahoo" for more articles and some rants, too.
The problem for mailing lists is that they have always, from their origins over twenty years ago, functioned by "spoofing" sender email addresses. For example, if member "James X" posts a message to a mailing list, the software that reads incoming messages, known to the Ancients as a "listserve", performs various tasks on the messages, like validating posting privileges, reformatting, adding an identifying tag to the subject line, modifying attachments, and so on, and then that software re-sends the message to anyone who has subscribed for email delivery of messages. Traditionally the "From:" in the email is set to match the email address of the original sender, for example "JamesX9901...@yahoo.com". In effect, the software "pretends" to be the original email sender. This is called "spoofing". But within the past decade, this "spoofing" of the sending address has become an important tool of scam artists and criminals. It's not hard to see how this is done, and I am sure all of you have received an email apparently sent from a friend, but misleading in some way. Email services have put up with this spoofing, primarily to support the dying business of traditional mailing lists.
While it is very possible that email services will back off from this policy change, I don't think it's likely. I have already seen a couple of traditional mailing lists modifying their distribution systems in the past 24 hours under the assumption that this change is permanent (e.g. SeeSat-L). While Yahoo may temporarily relax its policies, this issue of email "spoofing" is one of the most significant problems with email security, and traditional mailing list users are too small a community to worry about. We're better off with the change than without it. Within a year I expect that most major email providers will adopt the same "DMARC reject" policies.
CHANGES FOR NAVLIST EMAILS:
There are various ways to handle this. I plan to modify the sending email addresses of outgoing individual email to something that originates with the actual Internet domain of NavList, namely "fer3.com". In order to support older email clients, the apparent sending email addresses will be formatted to include the original sender's name, for example "FrankReed.NoReply@fer3.com". This will not be an actual email address, and the "Reply-To:" address for NavList emails will remain the group address. The only real change is that you will see messages arriving from new email addresses from people whom you may have known for years under other email addresses. This also means that you will not be able to reply directly to email messages "off-list", as they used to say, except by digging up the actual email address of the sender, which you probably have in your stored email somewhere. You WILL be able to use the "Reply-to-Author" function on the message boards for private communications like this.
If you use Yahoo email, or your email is hosted indirectly by Yahoo, you have probably missed some messages in the past 36 hours. Please visit the NavList message boards at http://fer3.com/arc to see if there's anything of interest that did not reach you by email.
Finally, just a reminder that NavList is NOT a "mailing list". NavList is NOT a "list" at all. NavList is a group, a community, a service, an activity --you name it! ...which, like "Craigslist", retains an echo of its origins in its name. But this "service" has not been primarily delivered as a traditional "mailing list" for over five years. So please stop using expressions like "searched the list", "posted to the list", "discussed off-list", and so on. There are simple, real-world alternatives to all of these. Some examples would be "searched the message archives", "posted a message", and "discussed privately".
PS: When one NavList member asked me by email about this issue yesterday, I had two theories: 1) DMARC policy 2) spam filtering. I decided to answer that email with theory "2" because it's simpler to explain and it would have been "nice" if that's all it was, but this "DMARC policy" change has been looming for a couple of years, and it does not surprise me.
[Sent from the message boards by: FER.admin]
NavList message boards and member settings: www.fer3.com/NavList
Members may optionally receive posts by email.
To cancel email delivery, send a message to NoMail[at]fer3.com