spf-discuss
[Top] [All Lists]

Re: SPF HELO checking

2004-12-13 10:55:40
Hi !!

a) rfc says what everybody must use in the helo, maybe it will be better
  to just enforce it.

And what do you think the RFC enforces?

it's very clear, the helo/ehlo must be the fqdn or the ip literal
of the smtp client, never a domain name (unless it has an A record)

Let me tell you in advance: The RFC does NOT enforce that the domain
name as given in HELO can be correlated to the connecting IP address.

Please see RFC 2821 section 4.1.1.1 and RFC 1123 section 5.2.5

b) why complicate spf with helo checking when all this checking could be
  avoided by viruses/spam just using the correct ip literal in the helo

Currently there is no way, apart from SPF and alike protocols, to see
what IP addresses are allowed to use a certain HELO.

please read carefully what i post

Huh?  Never mind.  HELO checks are, and have been, possible using SPF.
IIRC it is optional _for_the_receiver_ and mandatory _for_the_sender_.

ups ... helo checks are mandatory for the sender ? where did you read this ?

--
Best regards ...

It's a fine line between fishing & standing still

----------------------------------------------------------------
   David Saez Padros                http://www.ols.es
   On-Line Services 2000 S.L.       e-mail  david(_at_)ols(_dot_)es
   Pintor Vayreda 1                 telf    +34 902 50 29 75
   08184 Palau-Solita i Plegamans   movil   +34 670 35 27 53
----------------------------------------------------------------



<Prev in Thread] Current Thread [Next in Thread>