For non-obvious reasons it would be easier to do it the other way.
Make corp come from a subdomain and change the policy there and
keep transactional as paypal.com.
Sure, so long as the domains are different, although I would suggest
that for branding reasons it probably would not be a good idea to tell
people that unsigned mail from subdomains of paypal.com is OK. Use
x.com or one of the hundred of other domains paypal has.
I just don't see how you can simultaneously say "throw away unsigned
mail" and "don't throw away unsigned mail if a list says it used to be
signed" unless you have some way to identify trustworthy lists. But
once you know that a list is trustworthy, why wouldn't you just accept
all its mail? I just don't see a plausible scenario where you you
know you trust the list but still want to accept or reject mail based
on assertions the list itself makes.
R's,
John
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html