ietf-mailsig
[Top] [All Lists]

RE: Web pages for MASS effort

2005-01-09 15:26:32

On Sun, 9 Jan 2005 21:24:02 +0000, Tony Finch wrote:
  SPF isn't good enough for HELO verification, because it doesn't have a way
  of distinguishing between a HELO name that is invalid for legacy reasons
  and a HELO name that is invalid for malicious reasons. CSA will have a
  mechanism to do this.

  This kind of mechanism is less necessary for mail domains (SPF's main
  target) than for HELO names, because a mail domain MUST have a valid MX,
  A, or AAAA record in the DNS, whereas historical practice allows HELO
  names to be completely bogus. About a third of sites rely on this loop


Yes.

More generally, we need to be careful not to conflate statements about 
authorship with statements about operations.  The From/Sender/MailFrom domains 
involve folks directly involved in the content.  HELO involves an agency that 
is providing transport, pretty much independent of content. 


d/
--
Dave Crocker
Brandenburg InternetWorking
+1.408.246.8253
dcrocker  a t ...
WE'VE MOVED to:  www.bbiw.net


<Prev in Thread] Current Thread [Next in Thread>