A HELO is supposed to be a FQDN, and therefore must have at least one "dot".
SPF doesn't have to check that for us. We can do that ourselves. ;->
Same goes for HELO of "-978387423678", which I see thousands of every week.
Any HELO that can't resolve a fwd DNS should be considered to fail.
I use "no-dot" on my mail server and it's the best anti-spam filter
I have. Almost never a false positive.
-dgl-
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dan_Mitton(_at_)notes(_dot_)ymp(_dot_)gov wrote:
Yes, I agree. But if the HELO is something like:
HELO xyzzy
doesn't SPF return 'unknown'? There is nothing for it to lookup.
In that case it returns "none". Please have a look at the description of
the SPF result codes in the SPF specification:
http://www.openspf.org/RFC_4408#op-result
So this would "pass" the HELO test
No, not for any useful definition of "pass the HELO test" in the context of
SPF. It wouldn't fail the HELO SPF check, but it wouldn't pass it either.
The check would rather be inconclusive.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFnaKawL7PKlBZWjsRAlBPAKDGtvtSbIeBL2lFqsui43b3wNa6jgCgrRJn
+wo2BdNQXXo95C8IqIBZEG8=
=fghd
-----END PGP SIGNATURE-----
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735