-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Mark Shewmaker wrote:
If reciever policy says that a failing mailfrom should be considered a
PASS because the verified HELO is trusted, how is that documented in
received-spf?
There lies another somewhat fundamental misunderstanding in your question
(no offense). The "Received-SPF:" header is not supposed to document
receiver policy, but only the results of pre-performed SPF checks.
If a MUA reads "Received-SPF:" headers, it is not the MTA (who generated
these headers) that is the receiver, but the MUA itself. The MUA has to
apply its own receiver policy to the pre-determined SPF results.
It _may_ be useful to convey server-side receiver policy to client MUAs,
but it isn't really needed to make the "Received-SPF:" headers a complete
concept.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFCpLJEwL7PKlBZWjsRAiuwAKClOKq1YEqHG9BmjLruKaUzL47I+wCgi+jA
M/2s8TtByG/fNH9A9HllSCg=
=aCfv
-----END PGP SIGNATURE-----