On 28/Jan/12 16:21, Scott Kitterman wrote: > On Saturday, January 28, 2012 01:09:40 PM Alessandro Vesely wrote: >>>>>> How does the domain owner receive reports of others >>>>>> trying to use the domain to send mail? If the domain >>>>>> owner has said via the SPF record that the domain doesn't >>>>>> send mail, I would be highly surprised if the domain >>>>>> owner has configured anything to accept mail at that >>>>>> domain. >>>>> >>>>> If he wants to get the reports, he'd better. >>>> >>>> Do we need to call out this (somewhat obvious) situation in the draft? >>> >>> I hope we don't need to say that if you ask for reports you aren't going >>> to get them unless you configure your system to accept them. >> >> Derek's concern seems legitimate to me. Although John's note may seem >> obvious, let me recall that SPF is rather weak at checking helo names >> because of a very similar reason. We are demanding too much diligence >> from domain admins, for a task they can achieve more easily by tracing >> an included exists mechanism. > > Why is SPF 'weak' at checking HELO names? I think I misunderstand something > about the premise of your statement.
I just notice that admins don't bother publishing a record for each and every host that mails out, although they publish one for the domain. > What diligence are we asking for that is too much? They should additionally publish an MX, for the sole purpose of collecting failure reports. We could as well ask to deliver them via pony express. _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
