Daryl C. W. O'Shea wrote: > [EMAIL PROTECTED] wrote: >> SPF has NOTHING to do with the HELO/EHLO info. > > Actually it does. > > http://www.ietf.org/internet-drafts/draft-schlitt-spf-classic-02.txt
Oops, I'm wrong. But not entirely. Selected quotations from the above draft: SPF clients MUST check the "MAIL FROM" identity It is RECOMMENDED that SPF clients check not only the "MAIL FROM" identity, but also separately check the "HELO" identity by applying the check_host() function (Section 4) to the "HELO" identity as the <sender>. Note that requirements for the domain presented in the EHLO or HELO command are not always clear to the sending party, and SPF clients must be prepared for the "HELO" identity to be malformed or an IP address literal. At the time of this writing, many legitimate e-mails are delivered with invalid HELO domains. -- Matthew.van.Eerde (at) hbinc.com 805.964.4554 x902 Hispanic Business Inc./HireDiversity.com Software Engineer
