spf-discuss
[Top] [All Lists]

Re: Re: HELO versus MAILFROM results

2005-05-06 11:13:52
On Fri, May 06, 2005 at 04:30:20PM +0000, Mark wrote:
On vrijdag 6 mei 2005 7:04, Radu Hociung wrote:

The only check that might be remotely valid is to check the A
record to ensure it matches the IP address.

Which would not be 'remotely valid', but 100% safe (barring DNS hacks,
of course).

Could we have an optional "match" key for the Received-SPF line that
could be used when the result is "None" and set to "yes" or "no"?

Then if a domain doesn't have an spf record, but the client IP matches
an A or AAAA record of the domain, the Received-SPF line could contain a
"match=yes", (or "match=no" if the IP doesn't match.)

(It would be nice if "match" could instead be an allowed result, but
it's probably too late for that now.  :-) )

-- 
Mark Shewmaker
mark(_at_)primefactor(_dot_)com