On Thursday 07 December 2006 08:30, Steve Yates wrote: > Koen Martens <mailto:[EMAIL PROTECTED]> wrote on Thursday, December 07, 2006
> > Btw, about the HELO check, i think traditionally it was only done on > > bounces (empty mail-from), but correct me if i am wrong! > > Hmm, don't know. The RFC says: > > "It is RECOMMENDED that SPF clients not only check the "MAIL FROM" > identity, but also separately check the "HELO" identity..." > "When the reverse-path is null, this document defines the "MAIL FROM" > identity to be the mailbox composed of the localpart "postmaster" and > the "HELO" identity..." > "At least the "MAIL FROM" identity MUST be checked, but it is > RECOMMENDED that the "HELO" identity also be checked beforehand." Koen's recollection is correct. The pre-RFC drafts were that way until very late in the game. The theory being if HELO checking is needed for Mail From <>, then it's needed and you may as well check it. While most fielded implementations still do it the old way, the examples should, I think, follow the RFC. Scott K ------- To unsubscribe, change your address, or temporarily deactivate your subscription, please go to http://v2.listbox.com/member/?list_id=1996
