[Mailman-Users] Add PayPal to DNs publishing DMARC p=reject

Peter Shute pshute at nuw.org.au
Mon May 5 10:24:59 CEST 2014

> On 5 May 2014, at 4:59 pm, "Stephen J. Turnbull" <stephen at xemacs.org> wrote:
> Peter Shute writes:
>> How does Yahoo's DMARC policy reduce the benefit of Paypal's?
>> Because servers can't follow the reject recommendation without
> No, it's because users get used to ignoring warnings about DMARC
> issues.  If it was *only* your bank, you'd learn to pay attention to
> them.  But when you (FVO "you" susceptible to phishing in the first
> place, of course!) see a pile of DMARC workarounds every day for 70%
> of your correspondents, how do you respond to this?

Sorry, what does FVO stand for?

>    All of our mail to you have come back to us due to DMARC rejects,
>    so we need to use this unusual address.
>    Please confirm your blah-blah-blah by clicking <here> and logging
>    in to our secure site.
> 2% of AOL customers will respond by clicking, at last report. :-(

They get a warning? I thought it just bounced, and the intended recipient never knew.
>> And does the emergence of legitimate p=reject policies mean it's
>> now less likely Yahoo and AOL will back down?
> What makes you think the banks didn't start doing this ages ago?
> Apparently they merely haven't made an explicit announcement.
I wondered about that. Anyone know?

Peter Shute

More information about the Mailman-Users mailing list