spf-discuss
[Top] [All Lists]

Re: SPF HELO checking

2004-12-13 08:08:47
Hi !!

I wouldn't mind hearing from the SPF experts as to why extending SPF and
making the algorithm more complicated buys us anything over a simple A
record check?

acouple of things about it:

a) rfc says what everybody must use in the helo, maybe it will be better
   to just enforce it.

b) why complicate spf with helo checking when all this checking could be
   avoided by viruses/spam just using the correct ip literal in the helo

c) helo checks in spf do not exist, altough someone may argue against
   it, spf classic only uses (not checks) the helo to construct a
   sender address when no sender address is available. So people
   is publishing spf records without thinking that the rest of the world
   will use them to check his helo's, so it's not good to use spf to
   check the helo when the spf record publishers has not published it
   for this purpose

d) also if you want to protect your helo using spf you will have to
   do more than one workaround, in some cases you will not be able
   to do it without restrictions, and in most cases you will have to
   publish more complicated spf records that will require more than
   one dns lookup.

In the meantime and as helo checks are now (but only now) useful, why
not separate it from spf, make a simple and fast spf like variation
for them and use it until everybody has a strictly rfc compliant helo ?

--
Best regards ...

It's a fine line between fishing & standing still

----------------------------------------------------------------
   David Saez Padros                http://www.ols.es
   On-Line Services 2000 S.L.       e-mail  david(_at_)ols(_dot_)es
   Pintor Vayreda 1                 telf    +34 902 50 29 75
   08184 Palau-Solita i Plegamans   movil   +34 670 35 27 53
----------------------------------------------------------------



<Prev in Thread] Current Thread [Next in Thread>