An SPF library implements the check_host() function. It's up to the client to call it multiple times. Is that client DMARC-aware? As you may have guessed, my question is intended to understand how does a DMARC implementation actually ascertain whether an "spf=pass helo=smtp.example.com" is enough to validate "From: [email protected]".
I use the opendmarc library and libspf2. For the SPF check, I give it the IP address, the HELO, and the MAIL FROM, and it gives me a result. I then pass that result to the DMARC library along with the DKIM results. Looking at the code, I see I tell it whether SPF checked HELO or MAIL FROM by simply checking whether MAIL FROM was null, but I don't know what the DMARC libary does with that. Maybe Murray remembers.
There is some commented out code to not pass a HELO result to DMARC, don't remember why I turned it off.
Again, I believe this is typical of what DMARC validators do. It's existing practice and I see no reason to change it. Can we stop now?
Regards, John Levine, [email protected], Taughannock Networks, Trumansburg NY Please consider the environment before reading this e-mail. https://jl.ly _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
