spf-discuss
[Top] [All Lists]

Re: [spf-discuss] SPF queries by a newbie

2006-11-13 19:41:31
On Tue, 14 Nov 2006, Jon Grant wrote:

have no way to force the ISP to publish or delegate a proper PTR.  Domain
owners can always use a proper HELO name, and this is clear and sufficient
proof that the MTA is managed by the domain owner.

can't a spammer just put mail.gmail.com in the HELO field though then?
Maybe I didn't understand your message. I do see the problem for people
who cant setup reverse DNS. I do think the IP should have something
though, even if it is dsl-1-2-3-5.host.com

Sure, but the spammer doesn't control the DNS for mail.gmail.com, so the
IP address(es) will not match the zombie sending the spam.  If the 
HELO name resolves to the connect IP, then this is a positive confirmation
of the identity of the sending MTA.  Ideally, everyone should reject
mail that doesn't have a HELO like this (RFC also allow numeric HELO
like HELO [1.2.3.4]), but too many MTAs have clueless admins that put
garbage for HELO name.

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to http://v2.listbox.com/member/?list_id=735