Re: What to include...

On Sun, 3 Oct 2004, Mark Lentczner wrote:

1) HELO domain checking clause
------------------------------
The last SPF draft (draft-mengwong-spf-01) includes language that 
allows mail receivers to lookup SPF records for the HELO/EHLO domain 
and test for a non-Fail result.  This is a separate test, performed 
even in the normal case of a non-null MAIL FROM.  Note: the language 
doesn't specify what to use for a sender-mailbox during such a test, so 
it is incomplete at present.


Python Milter http://bmsi.com/python/milter.html does this.  

It is pretty clear for SPF1 that the HELO name of your mail servers should 
pass SPF - for the null sender if nothing else.  (And that implies that
'postmaster' should be the localpart used.  SES people - are you paying
attention?)  

What is not spelled out is how a receiver should make use of this information.
I don't think this spec should spell out how to make use of HELO either.  There
is wide latitude in how strictly a receiver enforces the requirement that HELO
passes SPF.  For a non-null sender, you could require that both HELO
and MAIL FROM pass.  You could require that either HELO or MAIL FROM pass
(which is what Python Milter does - especially useful with guessed SPF
records).  Or you could check HELO only for null sender.

I don't know how recently this language was added.  Do any 
implementation of SPF do this?  Do people consider this part of SPF 
Classic, or is this an add-in from the Unified SPF work?


This is definitely part of SPF classic.  Specifications for how to 
use HELO checking as part of a forwarding scheme could be in a later spec.

2) The Received-SPF Header
--------------------------
The SPF drafts have always had a section on the Received-SPF header.  I 
am presuming that this should be in the draft.  Does itm, as it appears 
in draft-mengwong-spf-01, reflect any implementation?


Yes, Received-SPF should be in the draft.  The Python Milter implementation
copies the recommendation in draft-mengwong-spf-01.

3) New DNS RR Type

...

understanding.  Do people agree?  Or should I remove it?


I agree, keep the mention of RR type.

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.

<Prev in Thread]	Current Thread	[Next in Thread>
What to include..., Mark Lentczner Re: What to include..., Frank Ellermann Re: What to include..., Jim Hill Re: What to include..., william(at)elan.net Re: What to include..., Hector Santos Re: What to include..., Stuart D. Gathman <= Re: What to include..., Stephane Bortzmeyer Re: Re: What to include..., Dale Ghent Re: Re: What to include..., Eric S. Raymond Re: Re: What to include..., David Brodbeck RE: Re: What to include..., terry Re: What to include..., Scott Kitterman Re: What to include..., administrator Re: What to include..., Meng Weng Wong Re: What to include..., Hector Santos Re: What to include..., Meng Weng Wong