-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Julian Mehnle wrote:
I'm sure there's an RFC implying that greylisting or tar-pitting is
forbidden, too. But since there is no protocol police, we do what's
best for security. If that means rejecting dubious HELO identities and
ignoring the relevant parts of RFCs 1123 and 2821 in the process, so be
it. You are of course free to honor the RFCs and never reject on a bad
HELO.
Oh, and of course, in the case of SPF, it is always the domain owner (here:
of the HELO domain) who has opted in to the stricter requirements of SPF
(RFC 4408) by publishing an SPF record for the domain, so if you reject on
a HELO domain that fails an SPF check, you can be confident that it is
with the consent of the domain owner.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFnW7mwL7PKlBZWjsRAjYhAKC7BQZXLehV88odmoi9/xeS/zCAnwCffdzv
XYsQKgjpUy1RC4AiSpx6NXY=
=RNOJ
-----END PGP SIGNATURE-----
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735