On Tuesday, January 20, 2015 14:34:22 Laura Atkins wrote: > On Jan 20, 2015, at 2:14 PM, Franck Martin <fra...@peachymango.org> wrote: > >> But on the off-chance that it's not impossible to clarify > >> this now, and assuming that my growing suspicion that HELO is > > > >> ignored is correct, then I would propose: > > Your confusion on HELO is may be related to the fact that the HELO string > > is only used when the MAIL-FROM: is empty? > > > > There is some text here: > > http://trac.tools.ietf.org/html/rfc7208#section-10.1.3 > > > > The HELO string is not evaluated all the time, it is more like a fall > > back. > > 7208 actually recommends that the HELO string be evaluated every time. > http://trac.tools.ietf.org/html/rfc7208#section-2.3 > > "2.3. The "HELO" Identity > > > It is RECOMMENDED that SPF verifiers not only check the "MAIL FROM" > identity but also separately check the "HELO" identity by applying > the check_host() function (Section 4) to the "HELO" identity as the > <sender>. Checking "HELO" promotes consistency of results and can > reduce DNS resource usage." > > laura
Approximately the same text existed in RFC 4408 2.1: > It is RECOMMENDED that SPF clients not only check the "MAIL FROM" > identity, but also separately check the "HELO" identity by applying > the check_host() function (Section 4) to the "HELO" identity as the > <sender>. HELO results are unrelated to DMARC. Scott K _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc