Mark Lentczner wrote:
> check_host() returning "Fail" with a reason of "Domain Does Not
> Exist" need not map to rejection if you so wish. Do whatever you
> like with that result. It can be distinguished from "Fail" with
> reason "Not Permitted", which is the domain advised forgery case.
> This is the reason the reason codes exist. (Though I admit that
> this point may not be as clear in the draft as it could be.)

What are "reason codes"? When I think codes, I think of regular or enhanced
SMTP reply codes. In all your examples, only 550 is used:

    550 SPF Mail From check failed: Malformed Domain

    550 SPF Mail From check failed: Domain Does Not Exist

    550-SPF Mail From check failed: Not Permitted
    550-The domain example.com said:
    550 Please see http://www.example.com/mailpolicy.html

"Do whatever you like with that result" is not a statement I fully
understand; a 550 return code can, imho, only lead to one result: REJECT.

Now, in case of NXDOMAIN, is it really always true what it says under "2.4.3
Fail"?

    If the checking software chooses to reject the mail during the SMTP
    transaction, then it MUST use a 550 reply code

Because it appears to me that, in case of NXDOMAIN, a 501 ("Syntax error in
parameters or arguments") error should occur, the way sendmail does, for
instance; it returns an extended code "501 5.1.8", where RFC 1893 defines
X.1.8 as follows:

    X.1.8 Bad sender's system address
    The sender's system specified in the address does not exist
    or is incapable of accepting return mail.

That would be our case where neither A nor MX record exists for a domain.

Earlier I said that the point is probably moot, as most MTAs will already
REJECT such an NXDOMAIN at the gate. Now, in the case of MAIL FROM: <>,
where HELO is used to form a postmaster@HELO address, 550 is in order, as
the supplied "<>" address itself is not a "Bad sender's system address". But
in case the NXDOMAIN appears in MAIL FROM, should not an SPF implementation
respond in kind? With "501 5.1.8", that is.

- Mark
System Administrator Asarian-host.org
---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx
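
Added example (not part of the message above, and not code from the SPF draft or any MTA): a sketch that builds the rejection text for a check_host() "Fail" under the draft's 550-only rule and under the 501 5.1.8 mapping the message asks about. The function names, the policy switch and the "SPF HELO check failed" wording are assumptions made for illustration.

```python
# Added illustration, not code from the SPF draft or any MTA.
# Function names, the policy switch and the HELO wording are assumptions.

def format_reply(code, lines, enhanced=None):
    """Render an SMTP reply; every line but the last uses 'code-'."""
    rendered = []
    for i, text in enumerate(lines):
        sep = " " if i == len(lines) - 1 else "-"
        status = f"{enhanced} " if enhanced else ""
        rendered.append(f"{code}{sep}{status}{text}")
    return "\r\n".join(rendered)


def spf_reject_reply(reason, mail_from, explanation=(), policy="draft"):
    """Build the rejection for a check_host() "Fail".

    reason      -- "Malformed Domain", "Domain Does Not Exist" or "Not Permitted"
    mail_from   -- reverse-path from MAIL FROM ("" for the null sender <>)
    explanation -- extra lines published by the domain (Not Permitted only)
    policy      -- "draft": always 550; "proposed": 501 5.1.8 when the
                   MAIL FROM domain itself does not exist
    """
    null_sender = mail_from == ""
    # With MAIL FROM:<> the check ran against postmaster@HELO, so the
    # address the client supplied is not itself a bad sender address.
    identity = "HELO" if null_sender else "Mail From"
    first = f"SPF {identity} check failed: {reason}"
    if (policy == "proposed" and reason == "Domain Does Not Exist"
            and not null_sender):
        return format_reply("501", [first], enhanced="5.1.8")
    lines = [first] + (list(explanation) if reason == "Not Permitted" else [])
    return format_reply("550", lines)
```

Either way the reason travels only in the reply text; the policy switch changes nothing but the numeric code a sending MTA sees.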