[Mailman-Users] Add PayPal to DNs publishing DMARC p=reject
Lindsay Haisley
fmouse at fmp.com
Sun May 4 22:34:40 CEST 2014
On Sun, 2014-05-04 at 16:14 -0400, Larry Finch wrote:
>
> On May 4, 2014, at 4:07 PM, Lindsay Haisley <fmouse at fmp.com> wrote:
>
> > $ dig +short -t txt _dmarc.paypal.com
> > "v=DMARC1\; p=reject\; rua=mailto:d at rua.agari.com\; ruf=mailto:dk at bounce.paypal.com,mailto:d at ruf.agari.com"
> >
> > This probably is a problem of lesser magnitude than Yahoo! and AOL since
> > few list posts will come from PayPal, or be delivered to such an address
> > from a list. It might, however, occur by accident, or by a future
> > change whereby PayPal account holders to use their DN, and although I
> > can't imagine PayPal doing this, nothing seems to be sacrosanct or
> > certain in the Wild, Wild West that is the Internet.
> >
> > It's more likely that a list might add a PayPal general customer
> > notifications address of some sort to a list, with nomail set, for the
> > benefit of other list subscribers.
>
> This is probably the first actual practical application of DMARC
> p=reject that I have seen. Unfortunately, Yahoo’s and AOL’s abuse of
> DMARC will tend to neutralize the benefit of DMARC to financial
> institutions who have a really serious spoofing problem.
Add also:
chasebank.com
bankone.com
jpmorgan.com
... just random hits checking on financial institutions.
--
Lindsay Haisley | "Everything works if you let it"
FMP Computer Services |
512-259-1190 | --- The Roadie
http://www.fmp.com |
More information about the Mailman-Users
mailing list