[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of Lloyd
Zusman
Well, I have done this kind of checking in the past, and the
complaints often come in cases where the sender is just a
not-too-tech-savvy user whose mailer or ISP doesn't handle
HELO properly. In these cases, I've found it difficult to
get this corrected. I then have to maintain a "valid senders
with invalid HELO strings" whitelist.
I'm not sure if this is really worthwhile. Perhaps it's best
to just allow badly formatted HELO strings and be done with it.
Lets look at the types of fail:
HELO mail.example.com
<does not match the spf record for mail.example.com>
Seems unlikely that this happens by accident.
FAIL & SHUT CONNECTION
HELO mail.example.com
But there is no SPF record, well can't say anything
INDETERMINATE
HELO example/com
Oops finger trouble!
Looks to me like we are in the same situation, can't say anything
INDETERMINATE
I don't see many cases where someone would in good faith get this wrong in a
way that collides with an existing SPF record.
If you get a match then you can pull accreditation data from wherever and
you are done.