Hi !!
a) rfc says what everybody must use in the helo, maybe it will be better
to just enforce it.
RFC2821 also says that you can't enforce it.
no, rfc 2821 says i cannot reject the helo command because i don't like it,
but it doses not say i cannot reject the message because i don't like
the helo.
b) why complicate spf with helo checking when all this checking could be
avoided by viruses/spam just using the correct ip literal in the helo
Many mail admins reject on IP literals.
but they are required by rfc.
Please stop claiming things that are obviously wrong. SPF HELO checks
have existed in limited forms for +18 months and as an option for all
cases for 6+ months. This can be verified by simply checking the SPF
specs and the many SPF implementations.
current spf classic spec just uses the helo in the case of the null
envelope sender, other specifications may try to check the helo, but
in any case you will not convince me that this is good, correct or
an standard.
This is not true if people either 1) read the SPF specs, or 2) use the
SPF wizard at spf.pobox.com.
ok, let's see, what happens if i publish a record that does not allow
postmaster to send mail from any host ... will a spf check on my helo
reject the helo ?
nekodojo.org. IN TXT "v=spf1 mx ptr redirect=%{l}._spf.nekodojo.org"
postmaster._spf.nekodojo.org. IN TXT "v=spf1 -all"
this will also make some implemenations (not spf cassic compliant)
that check the helo to reject legitimate uses of the helo.
--
Best regards ...
It's a fine line between fishing & standing still
----------------------------------------------------------------
David Saez Padros http://www.ols.es
On-Line Services 2000 S.L. e-mail david(_at_)ols(_dot_)es
Pintor Vayreda 1 telf +34 902 50 29 75
08184 Palau-Solita i Plegamans movil +34 670 35 27 53
----------------------------------------------------------------