It appears that David Bürgin <dbuergin(_at_)gluet(_dot_)ch> said:
1)
Authentication-Results: mail.example.org; spf=pass smtp.mailfrom=example.com
Authentication-Results: mail.example.org; spf=pass smtp.helo=mail.example.com
That is wrong. One A-R per pass through the MTA, please.
Authentication-Results: mail.example.org;
spf=pass smtp.helo=mail.example.com;
spf=pass smtp.mailfrom=example.com
You can do that if you want.
A subsequent component could then use these results as input to some
spam score, for example.
You could, although in practice the HELO check doesn't tell you anything useful
except when it's used as a fallback due to a null MAIL FROM. The useful HELO
check is to see if it exists at all, with a nonexistent one being a close to
100%
accurate spam signal. But if it doesn't exist, there is no SPF record so SPF
tells you nothing.
R's,
John
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp