spf-discuss
[Top] [All Lists]

RE: [spf-discuss] Re: SPF adoption statistics

2005-11-21 16:44:55
On Mon, 21 Nov 2005,  wrote:

Stuart D. Gathman wrote:
This would be after the vast majority have been rejected due to
obviously forged HELO.  Is that still useful?

Rejecting on HELO is RFC-questionable.

When it says "HELO bmsi.com", and it ain't one of my bmsi.com servers,
I'm going to reject it.  No matter what cockamany RFC ignorant
(must be a resolvable FQDN - I believe it must resolve to client, but
others disagree) HELO they came up with, they certainly aren't allowed
to use "bmsi.com".  Ditto for any other domains I manage.

Furthermore, if the HELO domain has an SPF record and gets anything
other than PASS, I reject it.  There is no reason to accept an SPF "neutral"
for HELO.

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com