In <BDC23797(_dot_)E46D%cdhutzler(_at_)aol(_dot_)com> Carl Hutzler
On 11/18/04 10:44 AM, "wayne" <wayne(_at_)midwestcs(_dot_)com> wrote:
Now, the folks involved with CSV (Dave C, John L, Doug O, etc.) claim
that checking the HELO domain against SPF records isn't as good as
doing CSV checks. Despite having listened to them explain this, and
read their specs several times, for the life of me, I can't see why
SPF checks against the HELO domain isn't just as good.
Can you explain the difference to me?
Is this difference significant enough to justify having all your
whitelisted domains implement two very similar systems?
I believe they are thinking that an email address domain (right side of the
@ sign) is a different animal than a HELO domain. I tend to agree but also
am hoping that in some cases it may be the same thing for most MTAs.
Thanks for your reply Carl.
I would like to apologize both to Carl and to this list. My question
was offlist in order to prevent yet-another-discussion of SPF HELO
checking vs CSV from filling the list. However, I failed to remove
the Reply-To: header in my message to Carl, so his reply came here.
If someone can explain the differences to me, I would be happy, but
the discussions on the MARID list and during the Jabber sessions lead
me to believe that, for whatever reason, I'm just not getting it.
Repeating those same explanations will probably not help me.