On Thu, 4 Jan 2007, Don Lee wrote:
What about RFC 1123 where it states:
5.2.5 HELO Command: RFC-821 Section 3.5
...
The HELO receiver MAY verify that the HELO parameter really
corresponds to the IP address of the sender. However, the
receiver MUST NOT refuse to accept a message, even if the
sender's HELO command fails verification.
If the SPF record fails for HELO, you are rejecting because of that,
*not* because of HELO by itself. An SPF record is an explicit policy
published by the sender domain. If the SPF result is FAIL (for HELO
or for MAILFROM), they have explicitly given you permission to reject
the email. (In the case of HELO, you could make a case that anything
except PASS should get rejected, but this is not as clear and explicit.)
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735