Only reason we are testing the SPF record against the HELO is for a test. We
do not know one way or another if this is a good idea to implement on a
wider scale or not. It is usually better to have different DNS
statements/configs for different things and HELO is very different from an
email domain in the 822 or 821 mailfrom headers. So my engineering
background would say it is better to have separate ones.
But since no one is publishing CSV records yet (including me....bad me), we
have to start somewhere.
On 11/11/04 4:42 PM, "Dave Crocker" <dhc(_at_)dcrocker(_dot_)net> wrote:
Miles (and Carl),
On Thu, 11 Nov 2004 06:26:49 -0800, Miles Libbey wrote:
? I think this was briefly discussed at the FTC email auth forum.
? Carl Hutzler from AOL indicated that they would likely do HELO
? domain checks using SPF records. ?Perhaps this is not the most
? ideal implementation, sacrificing overhead, parsing complexity,
? and accreditation but since SPF records seem to be getting
? published and checked perhaps it's worth taking a less ideal
? implementation to get the major benefits that CSV provides.
? Are there reasonable algorithms to finding the layman's domain as
? opposed to the machine name) ?
I believe the consensus of the CLEAR design team is that we are not sure what,
precise semantics are possible, when using SPF records with CSV, but that the
goal of re-using existing records always sounds appealing.
We would, therefore, felt that we should ask Carl -- but now I'll say YOU and
Carl -- to specify exactly what the behavior will be and what flavor of SPF
encodings are to be innspected.
dcrocker ?a t ...
ietf-clear mailing list
Director, AntiSpam Operations
America Online Mail Operations