David Woodhouse <dwmw2(_at_)infradead(_dot_)org> wrote:
On Fri, 2004-12-10 at 13:58 -0500, John Leslie wrote:
[Tony Finch wrote:]
that's different from the absence of a CSA record. I *think* you should
just throw away CSA records with weight=3.
Tony is basically correct. Unless you have some other method to
authenticate the matching of IP address to EHLO string, you must treat
the weight == 3 case as "unknown".
Note that checking the A)ddress RR won't work for authentication in
the weight==3 case. This is intended as a warning that the list of RRs
which would be returned is incomplete.
I believe a result of "unknown" in this case means that I should accept
the HELO command and move on, so am I not doing the right thing already?
Yes, assuming you can later distinguish that this was the "unknown"
case, not the "authenticated and authorized" case.
--
John Leslie <john(_at_)jlc(_dot_)net>