On Tue, Feb 24, 2004 at 09:50:53AM -0600, wayne wrote:
|
| I think it my be useful to do SPF checking on the HELO string, and
| reject the connection if the SPF check fails, but let it pass
| otherwise.
Yes, that will probably be helpful.
But if the goal is to prevent bad guys from using your name in any way,
it may not work: suppose I own domain.com.
HELO bogussubdomain.domain.com
HELO doma1n.com
HELO domain.com.INTERNET
will all pass the test (unless in the first case there's a *.domain.com
TXT record) and cause users to generate abuse reports to domain.com.