spf-discuss
[Top] [All Lists]

Re: Possible SPF machine-domain loophole???

2004-02-25 10:55:25
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Matt Sergeant writes:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tuesday 24 Feb 2004 21:44, Theo Schlossnagle wrote:
On Tue, 2004-02-24 at 16:03, Seth Goodman wrote:
Maybe we should stop putting HELO information in the received headers
and just stick with the IP and rDNS result?  Does that violate any RFC's
or is this just current practice?

I like that idea.  I don't know of any RFC that dictates the EHLO
argument MUST appear in the Received headers.  In fact, from a pedantic
point of view, it is _much_ better to put the results of an rDNS query
in the headers and that is "what really happened".  And the Received
path is supposed to be a truthful audit trail.

Then it is really up to you and an MTA admin whether you want to be
stricter than the RFC dictates when processing EHLO statements from
remote clients.

One advantage is for spam filter development. After storing the email to disk 
there's no other way of getting the original HELO/EHLO than parsing the 
Received headers.

Another advantage is that, if I receive mail via 1 or more relays (think:
ISP's MX, workplace MX, .forward, cpan.org forwarder, etc.), I will
have no access to the original HELO/EHLO otherwise.

This data is very useful for filtering.

- --j.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Exmh CVS

iD8DBQFAPOGMQTcbUG5Y7woRAtaDAKCWzwvixiulKDWjZID70x8JcPA9ugCeKBgg
0gYWZmviB+Qo2X+annn8XKk=
=2Inm
-----END PGP SIGNATURE-----