Julian Mehnle wrote:
Receivers may have legitimate reasons for checking only the HELO.
Not only "may", it's a sound scenario. HELO checks aren't affected
by forwarding considerations, they work everywhere, not only at the
border. Of course only for HELO identities with a sender policy :-)
It is perfectly possible that HELO fails and MAIL FROM passes.
MAIL FROM should get priority in that case.
Maybe, maybe not. It's a matter of perspective.
Considering MAIL FROM after a HELO FAIL is likely a waste of time:
The SMTP client should fix its HELO-policy a.s.a.p., otherwise it
could not send bounces and auto-replies with an empty reverse path
(i.e. not to MTAs checking MAIL FROM).
Of course receivers are free to accept mail even after a HELO FAIL,
but clearly they can also decide that they don't like this.
The "MUST" about MAIL FROM in the spec. is about receivers wishing
to check SPF MAIL FROM, which can ultimately result in a reject or
a Received-SPF: header field.
They can always decide to abort the evaluation - for any reasons -
phase of the moon, too many mx:-mechanisms, strange exists:-macros,
whatever. BUT then they MUST NOT claim to have followed the spec.
in their SMTP reject reply or in an Received-SPF header field.
Actually they MUST NOT generate a Received-SPF header field at all
if they didn't follow the spec. to its bitter end, because anything
they could say after aborting the evaluation could be misleading...
...okay, maybe only "SHOULD NOT" if they manage to produce a clear
Received-SPF: result without lying after their "receiver policy"
decision to abort the evaluation in a way not covered by the spec.
But they can't say NONE or NEUTRAL if what they did was in fact
"I don't like %l macros" or similar "receiver policy" decisions.
Frank
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735