Re: SPF HELO checking

I wrote:

Is is sufficient to have following:

example.com.          IN TXT "v=spf1 ip4:192.168.1.1 -all"
mxsender.example.com. IN TXT "v=spf1 ip4:192.168.1.1 -all"

And configure your MTA at 192.168.1.1 to say "HELO mxsender.example.com"
instead of "HELO example.com". Mail not from 192.168.1.1 is forged anyway,
whether is says "HELO example.com" or not.


David answered:

this does not prevent anyone to use HELO example.com


That is true. But if someone (a forger) uses "HELO example.com", then the
SPF result will be "Fail" (because the mail did not come from 192.168.1.1)
and the mail will be rejected.

Roger

<Prev in Thread]	Current Thread	[Next in Thread>
Re: SPF HELO checking, (continued) Re: SPF HELO checking, Roger Moser Re: SPF HELO checking, Frank Ellermann Re: Re: SPF HELO checking, Tony Finch Re: SPF HELO checking, Greg Connor Re: SPF HELO checking, william(at)elan.net Re: SPF HELO checking, David Re: SPF HELO checking, Commerco WebMaster Re: SPF HELO checking, Roger Moser Re: SPF HELO checking, Commerco WebMaster Re: SPF HELO checking, David Re: SPF HELO checking, Roger Moser <= Re: SPF HELO checking, David Re: SPF HELO checking, Roger Moser Re: SPF HELO checking, David Re: SPF HELO checking, Greg Connor Message not available Re: SPF HELO checking, Commerco WebMaster Re: SPF HELO checking, David Re: SPF HELO checking, Stuart D. Gathman Re: SPF HELO checking, David Re: SPF HELO checking, Mark Shewmaker Re: SPF HELO checking, Roger Moser

Previous by Date:	Re: SPF HELO checking, David
Next by Date:	Re: SPF HELO checking, David
Previous by Thread:	Re: SPF HELO checking, David
Next by Thread:	Re: SPF HELO checking, David
Indexes:	[Date] [Thread] [Top] [All Lists]