On Mon, Apr 14, 2014 at 6:21 PM, Scott Howard <scott@doc.net.au> wrote:
On Mon, Apr 14, 2014 at 2:59 PM, Jim Popovitch <jimpop@gmail.com> wrote:
7-April: Monday, Yahoo's dmarc change kicks everyone in the groin, the last full week before the US tax filing deadline.
The change was made on the previous Friday, so that date is largely irrelevant.
7-April: OpenSSL's *public* advisory (after a full week of private notifications, of which yahoo surely was one tech company in on the early notifications)
Given that many of their main services were vulnerable at the time of public disclosure, I think that's a very large assumption to make...
If nothing else, I suspect the odds of it being known by the same people that made the DMARC decision/changes is low.
I think you are right on that, but that doesn't change the fact that the sum of those things overburdened a lot of mailinglist operators. It is what it is, and the press has covered it and mailinglists are blocking/unsub'ing yahoo accounts in order to cope. -Jim P.