----- Original Message -----
From: "Lloyd Zusman" <ljz(_at_)asfast(_dot_)com>
To: <spf-discuss(_at_)v2(_dot_)listbox(_dot_)com>
Sent: Wednesday, December 22, 2004 1:02 PM
Subject: [spf-discuss] Re: SPF HELO checking
I'm not sure if this is really worthwhile. Perhaps it's best to just
allow badly formatted HELO strings and be done with it.
Opinions?
Never mind opinions. Talk about the realistic possibilities:
1) Compliant Client Software
2) Malicious, willful spoofer
3) MUA with dynamic IP client using NETBIOS computer name
4) Client Software using first A record in multiple A record machine
5) NAT, Firewall, Bad Setups.
6) Legacy clients with fixed client domain names.
any more? I'm sure I missed a few.
In our case, we reject invalid HELO formatted domains or domain literals. No
complaints, except in a few cases in #5 and #6.
Sincerely,
Hector Santos, CTO
Santronics Software, Inc.
http://www.santronics.com
305-431-2846 Cell
305-248-3204 Office