On Sep 13, 2004, at 8:39 PM, wayne wrote:
I again ask that the "v=spf1 " magic number be interpreted as
"spf2.0/mailfrom,helo" in the SenderID spec.
Since "v=spf1" has always been experimental, and changing over time,
and hence there is no normative reference for it, I do not think that
the next round of drafts should include any official endorsement of
what to do with such records.
That said, I don't see anything wrong with implementations deciding to
support these records as well. However, I would caution that it seems
the opinion of many on this list (myself included), that "v=spf1" be
treated as valid for only the "mailfrom" scope. I.e.: as
"spf2.0/mailfrom".
I note that there is no "helo" scope defined (nor will I support one
now -- I leave this question for later when we all tackle CSV.)
Furthermore, the use of the HELO domain in the classic SPF check does
not constitute a check on the HELO scope: It is not ascertaining the
authorization of the use of the domain name in HELO. The use of the
HELO domain to construct a MAIl FROM identity when the reverse-path is
null ("<>") is still checking the authorized use of the domain name as
a MAIL FROM name. It does not constitute a blanket assertion about
domain use in HELO.
- Mark
Mark Lentczner
http://www.ozonehouse.com/mark/
markl(_at_)glyphic(_dot_)com