On Thursday 04 January 2007 13:35, Don Lee wrote:
SPF HELO is a very low cost check, but does not match as often as Mail
From (not everyone has published SPF records for HELO, but they should).
HELO checks are a VERY reliable way to reject messages. It is unlikely
to produce false positives.
Additionally, what will you check if you get mail from <>?
It is not clear on the web site, or in "common parlance" that
SPF is designed for, or to be used for, HELO. I am looking into
using it on HELO, and am getting pushback from admins that this
is an abuse of SPF, and not "supported".
Is there a definitive statement I can point to that declares that this
usage is OK?
If you look in the SPF RFC, RFC 4408, it is not only OK, it is recommended:
http://www.openspf.org/RFC_4408#helo-ident
HELO was not in the very early SPF proposals, but it was included as an
optional check for quite some time before the final RFC.
Corollary: is there instruction in the SPF setup "wizards" that gives
guidance to admins to make sure that SPF records support HELO
checking?
It does now:
http://www.openspf.org/FAQ/Common_mistakes
Scott K
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735