Is there an identifiable attack vector which can be based on using the (forward confirmed) HELO name for SPF pass?
If not, why change?

On Mon, Dec 7, 2020, 6:09 AM Dotzero <dotz...@gmail.com> wrote:

> On Mon, Dec 7, 2020 at 2:13 AM Murray S. Kucherawy <superu...@gmail.com>
> wrote:
>
>> On Tue, Dec 1, 2020 at 2:17 PM John R Levine <jo...@taugh.com> wrote:
>>
>>> We would like to close this ticket by Dec 15, two weeks from now, so
>>> short trenchant comments are welcome.
>>>
>>> Ticket #1 is about SPF alignment. We need to replace references to 4408
>>> with 7408, and clarify what if anything we do with SPF HELO checks if
>>> the MAIL FROM is null. One possibility is to say only MAIL FROM SPF
>>> counts, if you want to align your bounces, sign them. The other is to
>>> explicitly say that HELO alignment is OK on bounces.
>>>
>>
>> I have a slight preference for the first option. HELO is too arbitrary
>> in the protocol for me to put much value in using it in any of these
>> systems.
>>
>> -MSK
>>
>
> +1
>
> Michael Hammer
> _______________________________________________
> dmarc mailing list
> dmarc@ietf.org
> https://www.ietf.org/mailman/listinfo/dmarc