why IPv6 isn't ready for prime time, SMTP edition
Paul Ferguson
fergdawgster at mykolab.com
Tue Mar 25 21:12:52 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Isn't this just a local policy issue with handling DMARC? I know for
sure at least one other (very large) organization that (also) rejects
messages which do not have an rDNS entry, and it is a local DMARC policy.
- - ferg
On 3/25/2014 1:57 PM, Brielle Bruns wrote:
> On 3/25/14, 11:56 AM, John Levine wrote:
>> I think this would be a good time to fix your mail server setup.
>> You're never going to get much v6 mail delivered without rDNS,
>> because receivers won't even look at your mail to see if it's
>> authenticated.
>>
>> CenturyLink is reasonably technically clued so it shouldn't be
>> impossible to get them to fix it.
>
>
> Nothing wrong with my mail server setup, except the lack of RDNS.
> Lacking reverse should be one of many things to consider with
> rejecting e-mails, but should not be the only condition.
>
> That would be like outright refusing mail unless it had both SPF
> and DKIM on every single message.
>
> Sure, great in theory, does not work in reality and will result in
> lost mail from legit sources.
>
> Already spoken to CenturyLink about RDNS for ipv6 - won't have
> rdns until native IPv6. Currently, IPv6 seems to be delivered for
> those who want it, via 6rd.
>
> And, frankly, I'm not going to get in a fight with CenturyLink over
> IPv6 RDNS, considering that I am thankful that they are even
> offering IPv6 when other large providers aren't even trying to do
> so to their residential and small business customers.
>
> It is very easy for some to forget that not everyone has a gigabit
> fiber connection to their homes with ARIN assigned IPv4/IPv6 blocks
> announced over BGP. Some of us actually have to make do with
> (sometimes very) limited budgets and what the market is offering us
> and has made available.
>
>
- --
Paul Ferguson
VP Threat Intelligence, IID
PGP Public Key ID: 0x54DC85B2
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iF4EAREIAAYFAlMx8VQACgkQKJasdVTchbJkBgD+PeCiFIefgXhmcsyIiqHAdiNX
slrBbBk3/edq9yiAsPAA/0zwEwPqfFTyjYvChdgMyC09aSDOFeGT8vf6HZzMCPDt
=OHTl
-----END PGP SIGNATURE-----
More information about the NANOG
mailing list