Re: [Exim] AOL - SPF - and EXIM

On Thu, 17 Jun 2004, Valentin Nechayev wrote:

> > 7.7 says
>
> 7.7 of RFC 2821?

Yes...

> I treat its text as less important because RFC1123
> is standard (STD3), but RFC2821 isn't. Having standard which explicitly
> prohibits comparation of IP address and $sender_helo_name, and RFC
> (even "proposed standard"), which allows any policy, I prefer standard.

Fair comment. But don't lose sight of the fact that RFC1123 limits
its discussion basically to the technical requirements, rather than to
policy; it deals only in passing with issues of abuse control, and the
requirements for that have escalated in the time since 1123 was
formulated.

If (and I stress *if*) subsequent developments had made it necessary
to violate some detail provision of an earlier STD, no matter how
authoritative, in the interests of maintaining a viable email system,
then I'm afraid I'd have to say let's not wait another few years until
we get a new version of STD3. But in this instance we don't have to
violate STD3, we just have to interpret it creatively.

Nevertheless, it appears that we can reach much the same conclusion
in practical terms, even if our interpretation of the detail may not
be identical...

> > Even if I'm told not to reject mail solely on the basis of the
> > HELO/EHLO domain failing to verify, I'm sure I can find some other
> > justifiable reason for rejecting such mail, and I reckon 7.7 confirms
> > my right to do that, even within the scope of the RFC itself.
>
> Of course.

all the best