On Sat, 3 Sep 2005, Alex van den Bogaerdt wrote:
On Thu, Sep 01, 2005 at 01:37:37PM -0400, Stuart D. Gathman wrote:
Since simply conforming to RFC HELO requirements (FQDN that resolves to
connect IP) is a reasonable authentication.
Sorry, must have missed an RFC. Which RFC dictates that the parameter
to HELO (or EHLO) resolves to the connecting IP ?
RFC 2821
para 3.2:
Once the server has sent the welcoming message and the client has
received it, the client normally sends the EHLO command to the
server, indicating the client's identity.
para 3.6:
The domain name given in the EHLO command MUST BE either a primary
host name (a domain name that resolves to an A RR) or, if the host
has no name, an address literal as described in section 4.1.1.1.
para 4.1.1.1:
The [HELO,EHLO] commands are used to identify the SMTP client to the SMTP
server. The argument field contains the fully-qualified domain name
_of_the_SMTP_client_ if one is available. In situations in which the
SMTP client system does not have a meaningful domain name (e.g., when
its address is dynamically allocated and no reverse mapping record is
available), the client SHOULD send an address literal (see section
4.1.3), optionally followed by information that will help to identify
the client system.
(emphasis mine)
Under no interpretation is "JUPITER" a valid EHLO (or even HELO by 4.1.1.1)
argument.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com