spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [spf-discuss] NEUTRAL vs NONE for HELO

2006-06-21 18:23:40
from [Alex van den Bogaerdt] [Permanent Link] 
On Wed, Jun 21, 2006 at 08:55:37PM -0400, Scott Kitterman wrote:


For HELO/EHLO, I think rejecting anything that is not PASS or NONE is an 
entirely reasonable receiver policy from a standards perspective.  I can't 
think of a reasonable scenario where a single standards compliant host should 
not be able to positively identify themselves with a PASS if the sender 
chooses to publish an SPF record for that hostname.


I think I just gave such an example.  Do you think that scenario is
unreasonable? (n.b.: I was *not* discussing a single user host!)

As long as host names are not used as primary mail domains, no problem
should occur, I agree with you on that.  But as soon as a host name is
the same as a mail domain and when this mail domain should not result
in a PASS, the host name can also not result in a PASS.

This is a slight disadvantage SPF has; HELO and MAIL FROM share the
same space.  This won't matter in many cases, but many is not all.


You write:
"... if the sender chooses to publish an SPF record for that hostname."

They don't.  They choose to publish an SPF record for that email domain.
It just happens to be the same as the host's name.  Some people will
not even know about their HELO, others will analyse the situation and
consider it to be all right because they can live with NEUTRAL being
returned.

If HELO should always return {PASS, FAIL or NONE}, then this should be in
the spec. Currently it is OK to return NEUTRAL, people publishing such
a record rely on receivers to follow the spec.

Anyone can do anything with their mail.  I (we?) just want to avoid
seeing calls from people following the spec yet find their mail rejected
because someone (Stuart, or anyone else) uses an SPF record for something
it was not designed for.

I think there's not a big difference between rejecting HELO and rejecting
MAIL FROM in these situations.  In both cases the receiver does something
the domain owner did not intend.

Alex

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [spf-discuss] NEUTRAL vs NONE for HELO, Scott Kitterman
Next by Date:  Re: [spf-discuss] NEUTRAL vs NONE for HELO, wayne
Previous by Thread:  Re: [spf-discuss] NEUTRAL vs NONE for HELO, Scott Kitterman
Next by Thread:  Re: [spf-discuss] NEUTRAL vs NONE for HELO, wayne
Indexes:  [Date] [Thread] [Top] [All Lists]