spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

SPF record for the HELO domain (for empty return-paths)

2004-08-22 03:52:00
from [Roger Moser] [Permanent Link] 
I forgot to publish an SPF record for my HELO domain. (I have now added it).
Probably others also forgot it. So please add it.

Just an example:

For delivery failure messages AOL's MTA says e.g.

  EHLO omr-m11.mx.aol.com
  MAIL FROM:<>

The SPF specification says that in this case the SPF record of the HELO
domain must be checked. But there is not SPF record for omr-m11.mx.aol.com.
So any spammer can say

  EHLO omr-m11.mx.aol.com
  MAIL FROM:<>

and the mail will not be filtered by SPF.

Therefore AOL should add following SPF records:

omr-m10.mx.aol.com. TXT "v=spf1 ip4:64.12.138.22 -all"
omr-m11.mx.aol.com. TXT "v=spf1 ip4:64.12.138.23 -all"
etc.

Roger
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Email forwarding w/o submission service, Koen Martens
Next by Date:  Can SPF identify wildcard domain forgery?, Roger Moser
Previous by Thread:  RE: "RE: Which address of this list shouldauto-responses go?", Guy
Next by Thread:  RE: SPF record for the HELO domain (for empty return-paths), Andriy G. Tereshchenko
Indexes:  [Date] [Thread] [Top] [All Lists]