>> >> It seems to be a glaring omission that you can't use libspf2 in the HELO >> ACL. It seems like this is an Exim deficiency or am I missing something? >> Can the experimental SPF Exim spec be enlarged to include maybe something >> like an 'spf-helo' check which would be usable in the HELO ACL? >> >> Comments? > >The SPF project currently can't make up its mind whether to recommend >checking of the HELO independently of the MAIL FROM. When the Exim >implementation was written (before RFC4408), the recommendation was to >check HELO only in the case of null senders - which you don't know >until the MAIL ACL of course. The Exim implementation will follow this >recommendation (at least, that's how I read the code). > >4408's wording is a bit unclear, and the project is debating what >should be done about it. > >In the meantime, the Exim implementation doesn't provide fine-grained >access to the libspf2 library in order to check HELO independently of >MAIL FROM. So using it at HELO time is moot. >
It seems like it would only take a couple little "tweaks" of the code to implement a 'spf_helo' [I found out '-' doesn't work :( ] check that could work in the HELO ACL (I think I have something workable). This would at least give people the option. From what I'm seeing on the SPF discussion lists, it seems like checking at HELO is becoming more popular. >I was wondering if I had time to look at using perl calls to the new >Mail::SPF module to have a bit more of a play...... > I started with the perl Mail:SPF modules and had everything working, HELO included, but I was getting occasional problems connecting to the spfd. I know that I'm running on a very tiny machine and that might be the problem. That's why I started looking into the integrated libspf2 solution. >Peter > >-- >Peter Bowyer >Email: [EMAIL PROTECTED] -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
