[Mailman-Users] Add PayPal to DNs publishing DMARC p=reject

Joseph Brennan brennan at columbia.edu
Tue May 6 18:30:08 CEST 2014

"Stephen J. Turnbull" <stephen at xemacs.org> wrote:

> No, the point is that a phishing mail with
>     From: Chase Bank Customer Service <service at chase.com.invalid>
> will sail right past DMARC, as currently set up

It will sail past people using modern mail clients, too, by which I include 
web mail and Outlook, since those people will see some variation on this--

  From: Chase Bank Customer Service

--so that it hardly matters what address is in the From line. This rewrite--

  From: "Chase Bank Customer Service service at chase.com" 
<service at chase.com.invalid>

--would produce a more informative result, and just about honor RFC 5322 
where it says the mailbox of the author of the message should be in the 
"From:" field.

But this is the Mailman discussion list.

Joseph Brennan
Columbia University Information Technology

More information about the Mailman-Users mailing list