[Mailman-Users] Add PayPal to DNs publishing DMARC p=reject

Lindsay Haisley fmouse at fmp.com
Sun May 4 22:34:40 CEST 2014

On Sun, 2014-05-04 at 16:14 -0400, Larry Finch wrote:
> On May 4, 2014, at 4:07 PM, Lindsay Haisley <fmouse at fmp.com> wrote:
> > $ dig +short -t txt _dmarc.paypal.com
> > "v=DMARC1\; p=reject\; rua=mailto:d at rua.agari.com\; ruf=mailto:dk at bounce.paypal.com,mailto:d at ruf.agari.com"
> > 
> > This probably is a problem of lesser magnitude than Yahoo! and AOL since
> > few list posts will come from PayPal, or be delivered to such an address
> > from a list.  It might, however, occur by accident, or by a future
> > change whereby PayPal account holders to use their DN, and although I
> > can't imagine PayPal doing this, nothing seems to be sacrosanct or
> > certain in the Wild, Wild West that is the Internet.  
> > 
> > It's more likely that a list might add a PayPal general customer
> > notifications address of some sort to a list, with nomail set, for the
> > benefit of other list subscribers.
> This is probably the first actual practical application of DMARC
> p=reject that I have seen. Unfortunately, Yahoo’s and AOL’s abuse of
> DMARC will tend to neutralize the benefit of DMARC to financial
> institutions who have a really serious spoofing problem.

Add also:


... just random hits checking on financial institutions.

Lindsay Haisley       | "Everything works if you let it"
FMP Computer Services |
512-259-1190          |          --- The Roadie
http://www.fmp.com    |

More information about the Mailman-Users mailing list