Misinformation - Re: Interpreting "v=spf1" (was Work plan for Sender ID)

[Matthew Elvey <matthew@xxxxxxxxx>]

"v=spf1" MUST be valid for the "HELO" scope or the message/record is not 
compliant enough with the SPF specification to ensure a 'pass'.
Mark's statements to the contrary are incorrect. (Read the spec - the 
SPF I-D - http://spf.pobox.com/spf-draft-200406.txt , which says that 
the HELO check MAY be done on any message. 
Hey, Meng - it's way too hard to find the I-Ds on the site since the 
redesign! )

> From the spec:
  "An SMTP sending host MUST also resolve a "pass" for all the
  SPF-conformant domains which appear in the "HELO" or "EHLO" command."



Mark Lentczner wrote:

> On Sep 13, 2004, at 8:39 PM, wayne wrote:
>
> > I again ask that the "v=spf1 " magic number be interpreted as
> > "spf2.0/mailfrom,helo" in the SenderID spec.
>
> [T]he use of the HELO domain in the classic SPF check does not 
> constitute a check on the HELO scope:  

See spec.

> It is not ascertaining the authorization of the use of the domain name 
> in HELO.

See spec.

>   The use of the HELO domain to construct a MAIL FROM identity when 
> the reverse-path is null ("<>") is still checking the authorized use 
> of the domain name as a MAIL FROM name.

See spec.

> It does not constitute a blanket assertion about domain use in HELO.

See spec.