Thanks! That's (in a way) good to know. Unfortunately I don't really have much in the way of contextual information since Google apps doesn't provide forensic failure reports for DMARC. On the other hand, if this is a genuine Paypal system in action, I can be confident that there's only one Paypal account under the symposion.co.uk account (mine), so that should probably help them track it down. I have just had a confirmation that a refund I made has been issued via eCheque to someone, so I wonder if it was something to do with that. Do the relevant Paypal folks read this list or should I contact them independently?
Cheers, Lucian -- Lucian Holland Sent with Sparrow (http://www.sparrowmailapp.com/?sig) On Wednesday, 27 February 2013 at 14:58, Tim Draegen wrote: > On Feb 27, 2013, at 3:43 AM, Lucian Holland <[email protected] > (mailto:[email protected])> wrote: > > So it looks like PayPal is trying to spoof me! Is this a known issue with > > some elements of Paypal's systems vs DMARC, a sign of something more > > sinister, or just me misunderstanding? > > > > Hi Lucian, your interpretation is correct. PayPal did have a few > applications/systems that spoofed customer domains in the From: header and > essentially broke DMARC. Rumor had it that PayPal had corrected all of those > applications/systems, but perhaps you've uncovered an as-of-yet-not upgraded > system. > > The apps/systems I've seen this happen on were billing/invoicing systems. > I'm positive that the PayPal folks act to correct this if any more contextual > info could be provided! > > HTH, > =- Tim >
_______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
