In <42961FE3(_dot_)2060303(_at_)ashtonwoodshomes(_dot_)com> Terry Fielder
<terry(_at_)ashtonwoodshomes(_dot_)com> writes:
wayne wrote:
In <20050526142311(_dot_)O9890(_at_)simone(_dot_)iecc(_dot_)com> "John L"
<johnl(_at_)iecc(_dot_)com> writes:
Could you show me the SPF records I would use to indicate that
mta.example,com is valid as an EHLO but not as a bounce address domain
while example.com is a valid bounce address domain but not an EHLO.
[example snipped]
I stand corrected, it can be done with SPFv1, hats off to Wayne (and I
am going to keep this one for myself to use :)
I first learned this trick from Greg Connor. I'm not sure if others
realized it could be done earlier or independantly.
BTW Ugly as sin is irrelevant, once setup only computers need to read
it, and it can be as ugly and cryptic as necessary, as long as *it
works*.
Yeah, but I still don't see the point. Configure your MTA to use the
right HELO domain, and configure your MTA to reject email claiming to
be from the MTA's host name, and you can just use normal SPF records.
Spammers can't abuse either name because they can't send email from
the right IP addresses.
-wayne