On Mon, Dec 13, 2004 at 04:08:47PM +0100, David wrote:
acouple of things about it:
a) rfc says what everybody must use in the helo, maybe it will be better
to just enforce it.
And what do you think the RFC enforces?
Let me tell you in advance: The RFC does NOT enforce that the domain
name as given in HELO can be correlated to the connecting IP address.
b) why complicate spf with helo checking when all this checking could be
avoided by viruses/spam just using the correct ip literal in the helo
Currently there is no way, apart from SPF and alike protocols, to see
what IP addresses are allowed to use a certain HELO.
c) helo checks in spf do not exist, altough someone may argue against
it, spf classic only uses (not checks) the helo to construct a
sender address when no sender address is available. So people
is publishing spf records without thinking that the rest of the world
will use them to check his helo's, so it's not good to use spf to
check the helo when the spf record publishers has not published it
for this purpose
Huh? Never mind. HELO checks are, and have been, possible using SPF.
IIRC it is optional _for_the_receiver_ and mandatory _for_the_sender_.
Alex
--
I ask you to respect any "Reply-To" and "Mail-Follow-Up" headers. If
you reply to me off-list, you'd better tell me you're doing so. If
you don't, and if I reply to the list, that's your problem, not mine.