HELO anomaly
The mechanism "A:%{h}" could be useful to match when the HELO name
is valid (a FQDN that resolves to the connect IP). However, I believe
that an invalid HELO name (e.g. "JUPITER") must then cause a permerror.
I don't think that was intended, since it is an error in the SMTP client,
not in the SPF record. Using "A:%{h}._helo.example.com" and duplicating
all your MTA names would help, but I'm not sure it would remove all the
permerrors.
PTR wish
I find myself repeated wishing that the PTR mechanism would add the
HELO name to the list of names to validate against the connect IP.
Can anyone think of a way to use the hello macro to get the same effect
for a best_guess policy? For instance, a best_guess policy of
"a/24 a:%{h} mx/24 ptr" will pass if a valid helo name is given. However,
I want to pass only if the valid helo name also ends in the mailfrom (i.e.
as if %{h} were added to the PTR RRs).
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com