On 10/25/12 5:19 PM, Rob McEwen wrote:
On 10/25/2012 10:48 AM, Emanuele Balla (aka Skull) wrote:
So you're basically suggesting that MXs should not allow any IPv6 SMTP
connection unless it's coming from a trusted entity, and only MSAs
should speak IPv6.
No. I'm talking about AUTHENTICATED e-mail that is, by design, NOT
considered the "sending IP" for that message. Maybe the "originate
IP"... but not the "sending IP". I'm not sure what you mean by "only
MSAs", this wouldn't prevent the use of IPv6 for OTHER uses. My answers
below should clear this up...
In other words, you're basically suggesting something like "do not
publish any AAAA record for your MXs and just rely on IPv4, unless you
found a solution to the IPv6 spam problem".
I think you must be greatly misunderstanding me. When millions of end
user customers for a large set up their outlook programs (or
thunderbird, or whatever)... their connection to their ISP's mail server
does NOT use MX records!!!!
I think we're speaking of the same thing here... :-)
MSA == Mail Submission Agent, the SMTP server your MUA (Outlook,
Thunderbird, pine) will connect to in order to send email.
MX in my notation was intended as "the MTA on the receiving end" or, in
other words, a mailserver that expects to be contacted by others MTAs
only, not by MUAs.
So, to rephrase the whole thing as I understood it:
- allow end customers to use IPv6 to *send* email through their ISP's
(not necessarily the connection one) IPv6-enabled authenticated mailserver
- do not allow the receiving mailserver (aka "the one published as MX
record for the domain") to receive email from strangers through IPv6
Did I get it right?
--
Paranoia is a disease unto itself. And may I add: the person standing
next to you may not be who they appear to be, so take precaution.
-----------------------------------------------------------------------------
http://bofhskull.wordpress.com/
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg