ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] DNSBL and IPv6

2012-10-25 09:48:15
from [Emanuele Balla (aka Skull)] [Permanent Link] 
On 10/25/12 4:24 PM, Rob McEwen wrote:

Hi Rob!


One thing that is harmless and which should be promoted now is the
exclusive use of IPv6 addresses for authenticated e-mail headed to the
mail server.  That way, IPv6 can be dynamically assigned IPs for things
like residential customers where that end user's IPv6 would never sent
mail directly to the recipient. Then, such a mail server could, for now,
ONLY accept mail for THOSE smtp-authenticated/IPv6 sessions, and
actually refuse non-authenticated IPv6 traffic. Such a server would then
relay out such mail via IPv4. 99.9% of the argument about hurrying up
IPv6 implementation for mail servers due to running out of IPv4 IPs are
solved by this scenario since there are thousands of dynamically
assigned IPs delegated to end users for every one legitimate mail server IP.

Not saying this is the answer for 100 years from now, but this scenario
scales well, too. When EVERYTHING is assigned an IPv6 IP (your car, your
refrigerator, etc)... those IPv6 IPs won't be prevented from sending
e-mail in the scenario I described above, even if mail servers haven't
yet moved into the IPv6 world.



So you're basically suggesting that MXs should not allow any IPv6 SMTP
connection unless it's coming from a trusted entity, and only MSAs
should speak IPv6.

This will allow to work in the upcoming IPv4 shortage scenario, as you
say. But I think you underestimate how hard could be switching from this
scenario to the "all IPv6" one in the future...

In other words, you're basically suggesting something like "do not
publish any AAAA record for your MXs and just rely on IPv4, unless you
found a solution to the IPv6 spam problem".

But this is not suggesting a solution anyway... ;-)


-- 
Paranoia is a disease unto itself. And may I add: the person standing
next to you may not be who they appear to be, so take precaution.
-----------------------------------------------------------------------------
http://bofhskull.wordpress.com/
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] DNSBL and IPv6, Emanuele Balla (aka Skull)
Next by Date:  Re: [Asrg] DNSBL and IPv6, Paul Smith
Previous by Thread:  Re: [Asrg] DNSBL and IPv6, Rob McEwen
Next by Thread:  Re: [Asrg] DNSBL and IPv6, Rob McEwen
Indexes:  [Date] [Thread] [Top] [All Lists]