Jared Hall via users skrev den 2024-11-07 21:15:
1) Paypal's SPF is a little borked. Here's there first included SPF:
v=spf1 ip4:173.0.84.224/27 ip4:66.211.170.85/30 ip4:66.211.170.88/29
ip4:173.224.165.0/26 ip4:173.0.94.244/30 ip4:173.224.161.128/25
ip4:173.0.84.0/29 -all
its still not spf since the forged is not paypal domain in envelope
sender
Second entry looks funky with a .85/30 subnet. *Probably* should be
.84/30
if its valid its valid :)
overlapping ranges is another problem
2) The funky hostname you see in Return-Path is a result of the
Microsoft hacks we've all seen since Last November through June.
Obviously abusing Paypal; clever hackers.
Paypal should take responsibility and fix that also with Microsoft.
yes the selector in dkim should be disputed and public dns key should
not stay in dns, there is nothing more paypal can do about it
https://github.com/fastmail/mail-dkim/issues/35
Neither Microsoft or Paypal will do anything unless you advise them of
this - doubt PayPal even knows.
if the above perl module is fixed for this issue i belive thay will know
more
