Seth Goodman wrote:
The alternative I suggested was to test for a locally maintained domain
list at the end of the HELO test, *iff* there is no HELO pass. This is
only a slight variation to your method.
Sounds like a good idea, like the very old op=trusted (formerly op=meng)
plan, but with the trust on the right (= receiver) side of the equation
(and therefore without modifier).
It won't help immediately if they add new HELO identities with or without
SPF policy for new mailouts, the receiver still has to maintain a set of
trusted MTAs. At least I now understand an older thread about "sets of
MTAs" started by David some weeks ago. That's a point where we have to
admit that SPF HELO checks are fine, but CSV would be better.
Frank
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735