spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [spf-discuss] Re: SPF adoption statistics

2005-11-22 08:32:46
from [Dick St.Peters] [Permanent Link] 
Stuart D. Gathman writes:

When it says "HELO bmsi.com", and it ain't one of my bmsi.com servers,
I'm going to reject it.  No matter what cockamany RFC ignorant
(must be a resolvable FQDN - I believe it must resolve to client, but
others disagree) HELO they came up with, they certainly aren't allowed
to use "bmsi.com".  Ditto for any other domains I manage.


You are 100% correct that the HELO name must resolve to the client.
Who are the others who disagree?

RFC2821 is very explicit in section 3.6:

   -  The domain name given in the EHLO command MUST BE either a primary
      host name (a domain name that resolves to an A RR) or, if the host
      has no name, an address literal as described in section 4.1.1.1.

I.e., the EHLO/HELO name "MUST BE" the (primary) *host* name (or an
address literal).  That a host name resolves to an A RR is so
fundamental that it's included as part of the definition of host name.

It's actually the address literal part of that paragraph that is its
purpose.  Section 3.6 begins by saying

    Only resolvable, fully-qualified, domain names (FQDNs) are
    permitted when domain names are used in SMTP.
    
It then goes on to allow only two exceptions, address literals in EHLO
names and "postmaster" recipients with no domain name at all.

As in most RFCs, "domain name" means "name within a domain", not "name
of a domain", which is made evident in section 2.3.5:

    The domain name, as described in this document and in [22], is the
    entire, fully-qualified name (often referred to as an "FQDN").

("[22]" is STD 13 - RFCs 1034/1035, the DNS standard.)

That makes this worth quoting again:

    Only resolvable, fully-qualified, domain names (FQDNs) are
    permitted when domain names are used in SMTP.

Any domain-based name used in SMTP must be (forward) resolvable.

A client EHLO/HELO name that's the name of a domain - especially any
well-known domain - is itself a high-probability spam indicator,
unless the domain is hotmail.com.  Hotmail uses the name of their
domain as the EHLO name, in violation of RFC2821 (and earlier RFCs).

--
Dick St.Peters, stpeters(_at_)NetHeaven(_dot_)com 

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [spf-discuss] Re: SPF adoption statistics, Hector Santos
Next by Date:  Re: [spf-discuss] Re: SPF adoption statistics, Alex van den Bogaerdt
Previous by Thread:  Re: [spf-discuss] Re: SPF adoption statistics, Hector Santos
Next by Thread:  Re: [spf-discuss] Re: SPF adoption statistics, Alex van den Bogaerdt
Indexes:  [Date] [Thread] [Top] [All Lists]