> Without having seen your patch, I am very reluctant to apply this to the
> official M:S:Q repository, because it is essentially a gross hack. Let's
> face it, M:S:Q does have some deficiencies that will never be resolved.
Indeed. I think we should leave it as it is and not even try to fix it. I
was just trying to picture what I was talking about.
> It not being able to do HELO and MAIL FROM checks separately is one of
> them.
Is it? As far as I'm concerned, it is able to do that. If you feed it a
sender address that meets its expectations of a sender address, it will
perform a MAIL FROM check and not a HELO check. On the other hand, if it
can't find a sender address, it will perform a HELO check. In both cases,
the same algorithm is used. This is documented too.
> Is it of much value for postfix-policyd-spf to work around this
> limitation in such an awkward way?
I don't consider it to be awkward, but that may be because I don't really
understand what it is that you find awkward. Basically, a HELO and MAIL
FROM check are essentially the same operation, just with different input
values (and the result will in many cases be treated different too). IMHO,
an SPF checker should not even need to know (or care) whether it is
performing a HELO or MAIL FROM check, this could be left to the calling
implementation as well (like postfix-policyd-spf in this case).
Personally, I would definitly prefer to have it that way, in order to be
able to decide whether I want to do either or both of these checks and act
differently on the results.
Arjen
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2 (GNU/Linux)
>
> iD8DBQFDlhUywL7PKlBZWjsRAnM0AJwNjTVGPXVCLtiAfuRU+AF+JRgykwCfZVds
> DAcpixUTHhuz8To6fQ6/nPo=
> =TvmC
> -----END PGP SIGNATURE-----
>
> -------
> To unsubscribe, change your address, or temporarily deactivate your
> subscription,
> please go to
> http://v2.listbox.com/member/?listname=spf-devel@v2.listbox.com
>
>
--
Eindhoven - The Netherlands
Key fingerprint - 66 4E 03 2C 9D B5 CB 9B 7A FE 7E C1 EE 88 BC 57
-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-devel@v2.listbox.com
> official M:S:Q repository, because it is essentially a gross hack. Let's
> face it, M:S:Q does have some deficiencies that will never be resolved.
Indeed. I think we should leave it as it is and not even try to fix it. I
was just trying to picture what I was talking about.
> It not being able to do HELO and MAIL FROM checks separately is one of
> them.
Is it? As far as I'm concerned, it is able to do that. If you feed it a
sender address that meets its expectations of a sender address, it will
perform a MAIL FROM check and not a HELO check. On the other hand, if it
can't find a sender address, it will perform a HELO check. In both cases,
the same algorithm is used. This is documented too.
> Is it of much value for postfix-policyd-spf to work around this
> limitation in such an awkward way?
I don't consider it to be awkward, but that may be because I don't really
understand what it is that you find awkward. Basically, a HELO and MAIL
FROM check are essentially the same operation, just with different input
values (and the result will in many cases be treated different too). IMHO,
an SPF checker should not even need to know (or care) whether it is
performing a HELO or MAIL FROM check, this could be left to the calling
implementation as well (like postfix-policyd-spf in this case).
Personally, I would definitly prefer to have it that way, in order to be
able to decide whether I want to do either or both of these checks and act
differently on the results.
Arjen
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2 (GNU/Linux)
>
> iD8DBQFDlhUywL7PKlBZWjsRAnM0AJwNjTVGPXVCLtiAfuRU+AF+JRgykwCfZVds
> DAcpixUTHhuz8To6fQ6/nPo=
> =TvmC
> -----END PGP SIGNATURE-----
>
> -------
> To unsubscribe, change your address, or temporarily deactivate your
> subscription,
> please go to
> http://v2.listbox.com/member/?listname=spf-devel@v2.listbox.com
>
>
--
Eindhoven - The Netherlands
Key fingerprint - 66 4E 03 2C 9D B5 CB 9B 7A FE 7E C1 EE 88 BC 57
-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-devel@v2.listbox.com