1. SPF/RFC

1.1. 7208

RFC 7208 Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1

https://datatracker.ietf.org/doc/html/rfc7208

Abstract

   Email on the Internet can be forged in a number of ways.
   In particular, existing protocols place no restriction on what a sending
   host can use as the "MAIL FROM" of a message or the domain given on the SMTP HELO/EHLO commands. 
   This document describes version 1 of the Sender Policy Framework (SPF) protocol, 
   whereby ADministrative Management Domains (ADMDs) can explicitly authorize the hosts that
   are allowed to use their domain names, and a receiving host can check such authorization.

   This document obsoletes RFC 4408.

"MAIL FROM" HELO/EHLO identity

2.1. Publishing Authorization

These records authorize the use of the relevant domain names in the "HELO" and "MAIL FROM" identities by the MTAs specified therein.

4. The check_host() Function

4.4. Record Lookup

1.2. 5.2. "include"

  1. If it returns not-match or an error, the parent check_host()
    • resumes processing as per the table below, with the previous

      value of <domain> restored.

In hindsight, the name "include" was poorly chosen.  

Only the evaluated result of the referenced SPF record is used, rather than
   literally including the mechanisms of the referenced record in the
   first.  

For example, evaluating a "-all" directive in the referenced
   record does not terminate the overall processing and does not
   necessarily result in an overall "fail".  

(Better names for this
   mechanism would have been "if-match", "on-match", etc.)

1.3. history

https://datatracker.ietf.org/doc/html/rfc4408


CategoryDns CategoryWatch CategoryTemplate

MoinQ: SPF/RFC (last edited 2024-02-18 23:27:49 by ToshinoriMaeno)