-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of Radu
Hociung
Sent: Thursday, May 05, 2005 3:53 PM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: [spf-discuss] Re: HELO versus MAILFROM results
Stuart D. Gathman wrote:
On Wed, 4 May 2005, Radu Hociung wrote:
Ok, the entity "mail.com Inc." owns some 100 (maybe more) domain names
that it offers free forwarding accounts at. A brief sampling is below:
Gotcha.
So tell me, what SPF records go where and why, and what information can
the recipient assert based on the SPF records?
No useful SPF records are possible for gardener.com unless they
also offer SMTP AUTH service for sending mail.
I think what you intend is the following:
gardener.com = v=spf1 +all
... Because mail.com has no idea where the various clients send from.
Exactly.
Mail.com needs to provide SMTP AUTH service before SPF is useful for its
domains.
Check!
As a free service, the gardener.com domain does not provide relay
priviledges through mail.com's servers.
The question still is ... what should the out45.us4.outblaze.com TXT
record read?
Keep in mind that that same outgoing server may also serve lawyer.com,
which is a paid service, and does provide SMTP AUTH service, and may
publish an SPF record.
So the case is simple: the same outgoing MTA is used both for a free
service (for which no SPF record is possible), and for a paid service
(which may publish an SPF record).
The question remains.... what should out45.us4.outblaze.com publish as a
TXT record, and how will this work when the user at comcast gets mail
from Rose and from the Lawyer?
That TXT record will be fetched when comcast checks the HELO with SPF.
Radu.
First, out45.us4.outblaze.com would have to actually exist. Assuming it
existed with an A record, then the SPF record should be:
"v=spf1 a -all"
This SPF record should work for virtually all mail servers to cover
HELO/EHLO.
Scott Kitterman