Scott Kitterman wrote:
On Thu, 08 Jan 2009 13:46:54 +0100 Alessandro Vesely
<vesely(_at_)tana(_dot_)it> wrote:
Perhaps SPF on HELO would have been more effective if servers checked
the name resulting from rDNS.
SPF only does what it does and isn't a panacea.
Yup, it blocks senders, not hosts. Possibly, someone on this list
recalls how come RFC 4408 recommends checking the HELO identity as well...
Typically in cases like this [...] you can tell this is bogus before you
even check SPF or rDNS.
Yet, it's not quite sound to reject a message on that basis. The
ability to reject spurious senders right on the MAIL FROM command is
SPF's centerpiece. SPF on HELO can add or subtract a few points from a
spam score, and I'm not sure whether that deserves being highlighted
as a prominent feature for marketing purposes.
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com