In <008401c4c32f$f8f7dfd0$6401a8c0(_at_)hdev1> "Hector Santos"
<winserver(_dot_)support(_at_)winserver(_dot_)com> writes:
* The "HELO" identity is explicitly defined
I'm torn here.
1) Its a bit ambigious as to WHEN one should perform a HELO evaluation.
Its actually quite simple.
The key is not to violate mixed policies that SPF1 currently allows.
[explanation deleted]
I'm pretty sure that this is allowed in my draft-schlitt-spf spec for
libspf2.
2) The second rule is that a SPF ready Mail From Must use a FQDN domain
name.
I'm not exactly sure what you mean by this.
Obviously, if you don't have a FQDN, you can't check to see if that
domain has an SPF record.
Under older SPF-classic specs (and my libspf2 spec), if there isn't a
FQDN, the result is None or Unknown. (The various specs are not
consistent here.)
Under the new SPF-classic spec (draft-lentczner-spf-00), if there
isn't a FQDN, the result if Fail.
I know of no SPF spec that says that if the MAIL FROM domain has an
SPF record, but the HELO domain is not a FQDN, then the this is a
violation of the spec. I see absolutely no problems with having a
receiver policy framework that requires this, but it hasn't ever been
in a sender policy framework.
Could you please explain?
Thanks
-wayne