Meng Weng Wong wrote:
<snip>
Now that we have a good understanding of scopes, could
someone who actually plans to use scoping please describe
your use case?
Ok, so I've got an Exchange 5.5 server which is a DC & MX host.
It's DNS host name is "mail.mydomain.com", but it's computer name
name is "mailsvr.internet.local". This is the name that it uses
in the HELO command and there doesn't seem to be a way to change
this without changing the machine name - a total non-started for a DC!
(I didn't write AD or Exchange so don't blame me).
It is authoratative for the domain "mydomain.com", so an SPF policy
such as:
"v=spf1 mx -all scope=helo exists:%{h}.%{ir}.daftmx.mydomain.com -all"
would enable me to say that mail from
"(_dot_)(_dot_)(_dot_)(_at_)mydomain(_dot_)com" was only valid if
you are talking to the MX server in DNS and checking MAIL FROM, but if you
want to test the HELO domain it must exist in my "daftmx" sub-domain.
Obviously the same IP address is valid, but when the domain in the HELO
command is different from that in the MAIL FROM command, there is a
transient problem that needs to be handled.
I'm not suggesting that this be the only reason for having the scope
modifier, but it is a real life scenario that exists in many MS Exchange
setups.
-Gary