
[spf-discuss] Re: How does one distinguish between authorizing MAIL FROM and HELO

2007-01-29 08:35:07
"Scott" == Scott Kitterman
"Re: Re: How does one distinguish between authorizing MAIL FROM and HELO"
 Sun, 28 Jan 2007 16:47:19 -0500

    Scott> On Sunday 28 January 2007 15:56, John A. Martin wrote:
    >> >>>>> "Scott2" == Scott Kitterman "Re: Re: How does one
    >> >>>>> distinguish between authorizing MAIL FROM and HELO" Sun,
    >> >>>>> 28 Jan 2007 15:10:41 -0500
    >>
    Scott2> I guess I don't understand why you say "which will not
    Scott2> alone reject messages spoofing either of those HELO
    Scott2> identities"?  If it doesn't come from
    Scott2> 192.168.0.1 (in your example) reject it and be done with
    Scott2> it.
    >>
    >> I can do that but who else can, using SPF, if the MAIL FROM is
    >> not FAIL?
    >>
    Scott> If HELO gives a Fail result, one can certainly reject the
    Scott> message.  I'm not sure what's missing?

I'm afraid again I was unclear or confused.  The question is for a
setup where the MAIL FROM uses a collective domain as in
<local-part@example.com> and the outgoing SMTP relays use their FQDNs
in their HELO commands.  To simplify, assume a single outbound relay
and

    >>         example.com.        TXT "v=spf1 ip4:192.168.0.1 -all"
    >>         host1.example.com.  TXT "v=spf1 ip4:192.168.0.1 -all"

A receiver checking an authentic MAIL FROM @example.com against an
authentic 'HELO host1.example.com', as I believe has been suggested
recently, will see a SPF FAIL on HELO.  Also a receiver doing a SPF
check on a given HELO itself (like is done for the null sender) will
see a SPF FAIL only when the HELO parameter specifies a host with a
"v=spf1 -all" or similar.

If I have misunderstood the suggestion, 'always check the HELO
identity', and other suggestions involving the HELO identity, my
question may be moot.

        jam
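
Added example, not part of the original message: a minimal evaluator for the two TXT records quoted above, checking the HELO identity and the MAIL FROM identity separately, each against the record published at its own domain, as RFC 4408's check_host() is defined. The spoofing address 203.0.113.9, the names nomail.example.com and unlisted.example.com, and the helper check_session() are assumptions made for illustration; only the ip4 and all mechanisms are handled.

```python
import ipaddress

# Constructed zone data: the two TXT records quoted in the message, plus a
# hypothetical host that never sends mail (nomail.example.com).
ZONE = {
    "example.com": "v=spf1 ip4:192.168.0.1 -all",
    "host1.example.com": "v=spf1 ip4:192.168.0.1 -all",
    "nomail.example.com": "v=spf1 -all",
}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_host(ip, domain):
    """Evaluate the SPF record of `domain` against the connecting `ip`.

    Handles only the ip4 and all mechanisms, which is all these records use.
    """
    record = ZONE.get(domain.lower().rstrip("."))
    if record is None:
        return "none"                      # no policy published for this name
    terms = record.split()
    if terms[0].lower() != "v=spf1":
        return "none"
    addr = ipaddress.ip_address(ip)
    for term in terms[1:]:
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        if name == "all":
            return QUALIFIERS[qualifier]
        if name == "ip4":
            if addr in ipaddress.ip_network(arg, strict=False):
                return QUALIFIERS[qualifier]
        else:
            return "permerror"             # mechanism outside this sketch
    return "neutral"                       # no mechanism matched


def check_session(ip, helo, mail_from):
    """Return the HELO and MAIL FROM results, each from its own domain's record."""
    # Null sender: RFC 4408 substitutes postmaster@<HELO domain> for MAIL FROM.
    mfrom_domain = mail_from.rpartition("@")[2] if mail_from else helo
    return {"helo": check_host(ip, helo), "mfrom": check_host(ip, mfrom_domain)}
```
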
