-----Original Message-----
From: ietf-bounces(_at_)ietf(_dot_)org
[mailto:ietf-bounces(_at_)ietf(_dot_)org] On Behalf Of Scott Kitterman
Sent: Friday, March 02, 2012 9:19 AM
To: ietf(_at_)ietf(_dot_)org
Subject: Re: Last Call: <draft-ietf-marf-spf-reporting-08.txt> (SPF
Authentication Failure Reporting using the Abuse Report Format) to
Proposed Standard

"The HELO/EHLO command SHOULD also be selected so that it
will pass [SPF] HELO checks."

I could not understand what to do about the above recommendation.
FWIW, the command is specified in RFC 5321. That specification is
not referenced by this draft.

Yes, that needs to be clarified, the reference added, and the typo in
the section title needs correction.

I agree I should add the reference to 5321. Is informative sufficient
(I don't think any detailed understanding of Mail From or EHLO/HELO is
necessary to implement this spec)?
I can see the construction is awkward, but I'm not sure how to make it better.
I'd appreciate suggestions.

I suggest:

OLD:

   In addition to the advice in security considerations of
   [I-D.IETF-MARF-AS] the additional consderations apply to [SPF] auth
   failure reports. If the MAIL FROM command is not the NULL return
   address, i.e., "MAIL FROM:<>", then the selected MAIL FROM address
   MUST pass [SPF] MAIL FROM checks on receipt. The HELO/EHLO command
   SHOULD also be selected so that it will pass [SPF] HELO checks.

NEW:

   In addition to the advice in the Security Considerations section of
   [I-D.IETF-MARF-AS], these additional considerations apply to
   generation of [SPF] authentication failure reports:

   o  If the return address to be used will not be the NULL return
      address, i.e., "MAIL FROM:<>", then the selected return address
      MUST be selected such that it will pass [SPF] MAIL FROM checks
      upon initial receipt.

   o  If the report is passed to the Mail Submission Agent (MSA)
      using [SMTP], the HELO/EHLO command parameter SHOULD also be
      selected so that it will pass [SPF] HELO checks.

If needed, MSA is defined in RFC5598, so maybe this is another argument for
adding it as an informative reference and changing to use ADMD as discussed in
the other thread.

-MSK
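
As an added illustration of the NEW text above (not part of the original message or of the draft), a report generator could run a pre-send check like the following. The SPF records, domain names, addresses and the function names spf_result and preflight are constructed for this example, and the evaluator is a simplification that handles only the ip4, ip6 and all mechanisms and performs no DNS lookups.

```python
import ipaddress

# Constructed sample data: SPF TXT records keyed by domain (no DNS is queried).
SPF_RECORDS = {
    "reports.example.org": "v=spf1 ip4:192.0.2.0/24 -all",
    "mta1.example.org": "v=spf1 ip4:192.0.2.25 -all",
    "other.example.net": "v=spf1 ip4:198.51.100.0/24 ~all",
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def spf_result(domain, ip):
    """Evaluate a simplified SPF record (ip4, ip6 and all mechanisms only)."""
    record = SPF_RECORDS.get(domain.lower())
    if record is None:
        return "none"
    addr = ipaddress.ip_address(ip)
    for term in record.split()[1:]:  # skip the "v=spf1" version term
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, value = term.partition(":")
        if name == "all":
            return QUALIFIERS[qualifier]
        if name in ("ip4", "ip6"):
            if addr in ipaddress.ip_network(value, strict=False):
                return QUALIFIERS[qualifier]
        else:
            return "permerror"  # mechanism outside this simplified evaluator
    return "neutral"


def preflight(return_address, helo_name, sending_ip):
    """Return (mail_from_result, helo_result, ok_to_send) for a planned report."""
    helo = spf_result(helo_name, sending_ip)
    if return_address == "":
        # Null return address ("MAIL FROM:<>"): SPF evaluates the MAIL FROM
        # identity as postmaster@<HELO name>, i.e. against the HELO domain.
        mail_from = helo
    else:
        domain = return_address.rpartition("@")[2]
        mail_from = spf_result(domain, sending_ip)
    # Policy assumed here: the MUST binds only a non-null return address;
    # the HELO result is a SHOULD, so it is reported but does not block.
    ok = return_address == "" or mail_from == "pass"
    return mail_from, helo, ok
```

A softfail on the return address is treated as not passing, since the text requires that the MAIL FROM check pass.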