On Sat, 19 Jun 2004 23:35:05 -0400, Meng Weng Wong wrote:
Folks who prefer picture to go along with their text may
like to see this slideshow:
http://spf.pobox.com/slides/unified%20spf/
I like the picture, makes the words easier to digest, plenty of
scope for an alternate food analogy
Anyway, it raised a few questions as I went through it.
0040-alwayscheckhelo
http://spf.pobox.com/slides/unified%20spf/0040.html
This slide implies (very strongly) that in SPF Classic,
checking the HELO is a MUST, but the latest posted RFC proposal
(200405), section 2.2.1 says
"SMTP+SPF receivers MAY check the HELO argument"
My opinion is that it should be a MUST, but I am concerned
about potential issues with potentially matching .local domains
at both ends of the transaction.
0429-linuxbroadband
http://spf.pobox.com/slides/unified%20spf/0429.html
This was a big surprise, since it seems an ISP can not publish
(effective) policy stating that their IP address space is not
to be used to send emails from directly. Even DHCP Dialup can
not have an enforced no direct email policy.
I sympathize with the "poor linux user" on a consumer grade
broadband connection, after all I fit that description, though
my MTA is actually on a Windoze server, since I like my Win32
MTA.
If an ISP has a "no direct mail" or a "no server policy", then
they should expect a published policy for these IP addresses to
be honoured. Ideally I would hope that users allowed to send
mail directly could switch off this record, if enabled by
default on new connections.
Though since many admins use DHCP/Dialup DBLs (or maintain
their own like AOL) to block these IP addresses (to which some
ISPs submit their DHCP IP's for addition), so allowing it to
pass may be in vain.
Regards
Karl Prince
______________________________________________________________
Email via Mailtraq4Free from Enstar (www.mailtraqdirect.co.uk)