>> If you blindly followed Linkedin's p=reject advice, you'd find yourself >> bounced off this list. Paypal realized that and fixed it
> Paypal staff don't subscribe to mailing lists with paypal.com addresses. How did Paypal fix this? Did they tell their employees not to subscribe to mailing lists with @paypal.com addresses and then get 100% compliance? Or, did they give their employees a subdomain (e.g., email.paypal.com) and give their corporate employees that subdomain to subscribe as they see fit, and not publish a DMARC record for it (or p=none)? -- Terry -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of John Levine Sent: Wednesday, February 26, 2014 2:12 PM To: [email protected] Subject: Re: [dmarc-discuss] Disposition none on policy reject when DKIM and SPF fail >> If Paypal says to reject, I'm inclined to do it. If it's Linkedin, >> I'm not. > >Both LinkedIn and PayPal are doing incredible work to make email more >resilient to fraud, and they both encounter similar issues. To some degree, although I see plenty of spam from Linkedin and no spam whatsoever from Paypal. If you blindly followed Linkedin's p=reject advice, you'd find yourself bounced off this list. Paypal realized that and fixed it, Linkedin knows about if and chooses not to fix it. So nobody sensible trusts Linkedin's advice unless they have elaborate meta-advice about when DMARC advice is credible and when it isn't. R's, John _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html) _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
