[Mailman-Users] Add PayPal to DNs publishing DMARC p=reject

[Larry Finch]

On May 4, 2014, at 4:07 PM, Lindsay Haisley <fmouse at fmp.com> wrote:

> $ dig +short -t txt _dmarc.paypal.com
> "v=DMARC1\; p=reject\; rua=mailto:d at rua.agari.com\; ruf=mailto:dk at bounce.paypal.com,mailto:d at ruf.agari.com"
> 
> This probably is a problem of lesser magnitude than Yahoo! and AOL since
> few list posts will come from PayPal, or be delivered to such an address
> from a list.  It might, however, occur by accident, or by a future
> change whereby PayPal account holders to use their DN, and although I
> can't imagine PayPal doing this, nothing seems to be sacrosanct or
> certain in the Wild, Wild West that is the Internet.  
> 
> It's more likely that a list might add a PayPal general customer
> notifications address of some sort to a list, with nomail set, for the
> benefit of other list subscribers.

This is probably the first actual practical application of DMARC p=reject that I have seen. Unfortunately, Yahoo’s and AOL’s abuse of DMARC will tend to neutralize the benefit of DMARC to financial institutions who have a really serious spoofing problem.

best regards,
Larry

--
Larry Finch
finches at portadmiral.org