On Fri, 10 Dec 2004, wayne wrote:
In
<Pine(_dot_)LNX(_dot_)4(_dot_)44(_dot_)0412091138090(_dot_)31092-100000(_at_)sokol(_dot_)elan(_dot_)net>
"william(at)elan.net" <william(_at_)elan(_dot_)net> writes:
[...] And also agree with statement he put and would request that it
be added to the SPF draft (right after where it says SPF v1 record
MUST be used ONLY for purposes of verifying envelope from or helo as
specified in the draft - although personally I'd rather SPF v1 records
be limited exclusively to envelope-from scope).
I'm working on updating updating the SPF I-D now, and I've seen you
mention a couple of times that you don't entirely support the SPF HELO
checking.
No, that is wrong interpretation of what I've been saying. I support
SPF HELO checking, but I do not support using current SPF v1 records
for that and believe it would be better that we do it as part of
unified spf with new scope. As part of UnifiedSPF, I'd like to
see separate document detailing use of SPF for HELO checking (not
part of main draft) and that it provide BCP-like recomendation on
limiting complexity of SPF records that are used for HELO checking.
One of my core goals with the new I-D is to having it remain as
compatible as possible with previous SPF specs. I don't believe
the SPF specs can't be improved upon, but I think it is long past time
to try and tweak them. The SPF spec has, for all practical purposes,
been frozen for 6+ months, and in many ways has been pretty slushy for
12+ months.
I agree but there very very few (anybody else other then Hector?) that
are using SPF for HELO checking (except special case when MAIL-FROM is
null) and it was not original intent of SPF either. I think if you're
putting together draft describing "Classic SPF" then HELO checking
should not be part of it.
Changing the SPF HELO checking would be a very large change and I need
to understand why this change is so important that it outweighs ~15
months of support in SPF.
I'd like to see more data confirming it is indeed supported by majority
of current SPF implementations. If that is not so, I do not believe it
should be part of the draft.
The idea of checking the HELO domain when the MAIL FROM was NULL was,
to the best of my knownledge, first suggested by Justin Mason on Sept
29, 2003. See:
http://archives.listbox.com/spf-discuss(_at_)v2(_dot_)listbox(_dot_)com/200309/0044.html
That idea was brought up long ago about using SPF with HELO does not
entirely demonstrate that its part of the current use of SPF records.
--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net