At 18:00 13/01/2010 Wednesday, Stuart D. Gathman wrote:
Here is a little nit that wasn't addressed in RFC4408. If HELO SPF says
to reject, but SPF for MAIL FROM says Pass, which takes precedence? For
On Wed, 13 Jan 2010, alan wrote:
add manditory /scope
v=spf3/helo rest of record...
or
v=spf3/mfrom rest of record...
... additional useful discussion that misses the original issue
Your proposal doesn't change the fact that HELO and MFROM may give
opposing results. The scope might be a good idea, but HELO != MFROM
domain in most cases anyway, so it is not an issue for this thread.
MacQuig suggests making HELO mandatory with precedence. (MUST check HELO,
if result is anything other than Pass, overall SPF result is Fail.)
My suggestion was to make HELO optional with MFROM having precedence.
Here is one possible matrix:
MFROM
HELO None Neutral Softfail Fail PermErr TempErr
None None Neutral Softfail Fail PermErr TempErr
Neutral Fail Fail Fail Fail PermErr TempErr
SoftFail Fail Fail Fail Fail PermErr TempErr
Fail Fail Fail Fail Fail PermErr TempErr
PermErr PermErr PermErr Softfail Fail PermErr TempErr
TempErr TempErr TempErr Softfail Fail PermErr TempErr
Pass Neutral Neutral Softfail Fail PermErr TempErr
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
-------------------------------------------
Sender Policy Framework: http://www.openspf.org [http://www.openspf.org]
Modify Your Subscription: http://www.listbox.com/member/
[http://www.listbox.com/member/]
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com