Besides the backscatter AOL is creating and should stop, seems you should move your domain to p=reject to avoid that these spoofed emails get delivered to aol users and others...
Printed on recycled paper! > On May 11, 2014, at 19:34, "Scott Kitterman via dmarc-discuss" > <dmarc-discuss@dmarc.org> wrote: > > Over the last few days I've gotten a number of bounces like this, all from > AOL: > > Return-Path: <> > Received: from imb-d04.mx.aol.com (imb-d04.mx.aol.com [205.188.128.65]) > by qs3710.pair.com (Postfix) with ESMTPS id 51A76125427 > for <i...@kitterman.com>; Sun, 11 May 2014 13:05:39 -0400 (EDT) > Received: from mtaig-mca02.mx.aol.com (mtaig-mca02.mx.aol.com [172.26.221.66]) > (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) > (No client certificate requested) > by imb-d04.mx.aol.com (AOL Mail Bouncer) with ESMTPS id 12B0E38000AA > for <i...@kitterman.com>; Sun, 11 May 2014 13:05:39 -0400 (EDT) > Received: by mtaig-mca02.mx.aol.com (Internet Inbound) > id 0400770000087; Sun, 11 May 2014 13:05:39 -0400 (EDT) > Date: Sun, 11 May 2014 13:05:39 -0400 (EDT) > From: mailer-dae...@aol.com (Mail Delivery System) > Subject: Successful Mail Delivery Report > To: i...@kitterman.com > Auto-Submitted: auto-replied > MIME-Version: 1.0 > Content-Type: multipart/report; report-type=delivery-status; > boundary="8C34370000094.1399827939/mtaig-mca02.mx.aol.com" > Message-Id: <20140511170539.0400770000...@mtaig-mca02.mx.aol.com> > > This is a MIME-encapsulated message. > > --8C34370000094.1399827939/mtaig-mca02.mx.aol.com > Content-Description: Notification > Content-Type: text/plain; charset=us-ascii > > Your message was successfully delivered to the destination(s) > listed below. If the message was delivered to mailbox you will > receive no further notifications. Otherwise you may still receive > notifications of mail delivery errors from other systems. > > Please direct further questions regarding this message to your e-mail > administrator. > > --AOL Postmaster > > > <erica.bbr...@aim.com>: alias expanded > > --8C34370000094.1399827939/mtaig-mca02.mx.aol.com > Content-Description: Delivery report > Content-Type: message/delivery-status > > Reporting-MTA: dns; mtaig-mca02.mx.aol.com > X-Internet-Inbound-Queue-ID: 8C34370000094 > X-Internet-Inbound-Sender: rfc822; i...@kitterman.com > Arrival-Date: Sun, 11 May 2014 13:05:38 -0400 (EDT) > > Final-Recipient: rfc822; erica.bbr...@aim.com > Original-Recipient: rfc822;erica.bbr...@aim.com > Action: expanded > Status: 2.0.0 > Diagnostic-Code: X-Internet-Inbound; alias expanded > > --8C34370000094.1399827939/mtaig-mca02.mx.aol.com > Content-Description: Message Headers > Content-Type: text/rfc822-headers > > Return-Path: <i...@kitterman.com> > Received: from are-financed-errors.oilbrooklyn.com (safety-good- > sparkprovo.oilbrooklyn.com [199.175.55.32]) > by mtaig-mca02.mx.aol.com (Internet Inbound) with ESMTP id 8C34370000094 > for <erica.bbr...@aim.com>; Sun, 11 May 2014 13:05:38 -0400 (EDT) > Date: Sun, 11 May 2014 06:30:50 CDT > Mime-Version: 1.0 > X-MSGID:1 > Content-Type: text/html > From: Loan Department. <i...@kitterman.com> > To: erica.bbr...@aim.com > Subject: RE:Congratulations erica.bbrown $9500 Available For You! > x-aol-global-disposition: S > X-AOL-SCOLL-DMARC: mtaig-mca02.mx.aol.com ; domain : kitterman.com ; policy : > none ; result : F > Authentication-Results: mx.aol.com; > spf=fail (aol.com: the domain kitterman.com reports that 199.175.55.32 is > explicitly not authorized to send mail using it's domain name.) > smtp.mailfrom=kitterman.com; > dmarc=fail (aol.com: the domain kitterman.com reports that Neither SPF nor > DKIM align.) header.from=kitterman.com; > X-AOL-REROUTE: YES > x-aol-sid: 3039ac1add42536fade22f5e > X-AOL-IP: 199.175.55.32 > X-AOL-SPF: domain : kitterman.com SPF : fail > > --8C34370000094.1399827939/mtaig-mca02.mx.aol.com-- > > Dear AOL: please stop. This is brain dead. In case anyone is wondering, no > one from i...@kitterman.com sent erica.bbrown any mail telling here we had > $9500 available for her. > > I don't know for sure if this is related to DMARC or not, but the timing > seems > to be roughly in line with their rollout of DMARC p=reject. > > I have more if anyone wants to see them. > > Scott K > _______________________________________________ > dmarc-discuss mailing list > dmarc-discuss@dmarc.org > http://www.dmarc.org/mailman/listinfo/dmarc-discuss > > NOTE: Participating in this list means you agree to the DMARC Note Well terms > (http://www.dmarc.org/note_well.html) _______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
