On Sat, 27 Jan 2007, David MacQuigg wrote:
SPF could expand its scope to include a robust check of the HELO name, but
until that happens, SPF authorized senders can simply publish "helo=spf" at
_auth.<domain>, and anyone using our Registry take that as permission to
REJECT any use of their name that doesn't pass the HELO check.
There is already an op=helo draft standard. Other standard options
in the draft are:
op=pra "it is ok to use this SPF record for PRA checking"
op=nohelo "do not check HELO for this SPF record"
op=helo "reject this domain in HELO unless SPF gets PASS"
op=auth "We've taken steps to prevent cross customer forgery
for SPF PASS"
Combine the options with dot, eg.
v=spf1 op=helo.auth a -all
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735