spf-discuss
[Top] [All Lists]

Re: A HELO Question

2004-03-06 19:46:06
On Sat, Mar 06, 2004 at 04:23:27PM -0800, Greg Connor wrote:
| 
| Based on all that... I would expect SPF to return "unknown" for any domain 
| OR helo name that doesn't have SPF info published, INCLUDING domains that 
| clearly don't exist.  I think it's reasonable to block mail from domains 
| that don't exist, but I wouldn't depend on SPF to do this for you.. there 
| should be other policy built into the mailer to reject the mail if the 
| domain doesn't exist.  I would not recommend to use this type of checking 
| on the HELO name though.
| 

OK.  Evidently the spec and the library need changing.  How about this:

  if the return-path domain does not exist (NXDOMAIN), return FAIL
  if the helo domain does not exist, return UNKNOWN

or should they return UNKNOWN in both cases?

The "FAIL" special-case came from a time when we were only checking the
return-path, but it's probably not appropriate if we're assigning more
weight to the HELO.


<Prev in Thread] Current Thread [Next in Thread>