On 16/Dec/10 18:38, Matthias Leisi wrote:
On Thu, Dec 16, 2010 at 5:12 PM, Ian Eiloart
<iane(_at_)sussex(_dot_)ac(_dot_)uk> wrote:
Given that we already don't accept IPv6 connections, I think this is an
opportunity to draw a line in the sand. When we do eventually deploy IPv6,
it'll be on much stricter terms than now.
Yes, "default deny, allow from trusted/whitelisted/... sources"
instead of the current "default accept, deny from blacklisted, plus
some white/greylisting".
+1, although this might be one of those good things that we already
lost (like avoiding fallback-to-AAAA.)
I don't mean that IP address is a clever authentication method, but
currently it is the most widely available one.
BTW, http://blog.teamlazerbeez.com/2009/09/14/email-on-ipv6/ assert
that some 1.9% sampled domains have one or more MX records with at
least one host on IPv6. Are there more recent stats?
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg