No The receiver acted as the DMARC policy told him to.
Exceptions to the rule needs to be carefully understood and remain as exceptions. In that case PayPal CAN know and correct the problem so they should and not the receiver. Toute connaissance est une réponse à une question. On Feb 27, 2013, at 12:25 PM, "John Levine" <[email protected]> wrote: >>> This isn't a minor nit-picking about wording. Using a label that has the >>> semantic of >> abuse, for an action that is entirely legitimate, continues to confuse >> discussion about >> actual abuse. >> >> Considering the domain under discussion is using DMARC with a p=reject >> policy, we're left in >> a situation where the domain owner is clearly stating that unauthorized use >> of the domain is >> disallowed. Because PayPal is using the domain anyway, that puts them into >> the bucket of >> "abuser", their practice is "spoofing", and "actual abuse" is a subjective >> term. > > No, we're seeing a situation where the DMARC record makes an incorrect > and misleading assertion about the sender's actual policy. > > Paypal sent a real message about a genuine transaction authorized by a > real user with a real account that he went through considerable effort > to set up. There is nothing spoofed or abusive about it. Publishing > a TXT record that conflicts with that doesn't change the reality, it > just means that the TXT record is wrong. > > We had this same argument at great length with the SPF fanatics, who > insisted that any usage of SMTP that couldn't be described by SPF -all > was the fault of SMTP users rather than a limitation of SPF. Could we > please not have it again now? > > R's, > John > _______________________________________________ > dmarc-discuss mailing list > [email protected] > http://www.dmarc.org/mailman/listinfo/dmarc-discuss > > NOTE: Participating in this list means you agree to the DMARC Note Well terms > (http://www.dmarc.org/note_well.html) _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
