Re: current usage of AAAA implicit MX?

On Apr 7, 2008, at 9:54 AM, Dave Crocker wrote:
> John C Klensin wrote:
> > --On Sunday, 06 April, 2008 22:44 -0400 "Robert A. Rosenberg"
> > <hal9001(_at_)panix(_dot_)com> wrote:
> > > Remember that the A-Fallback behavior is ONLY due to the needs  
> > > (back in the 1980s)
> ...
> > Someone would need to check with Craig Partridge, but I believe  
> > that "only" (or "ONLY") in the above is not strictly correct. It  
> > may have been the primary reason, but, no matter how often "only"  
> > is repeated a desire to permit minimal configurations did, I am  
> > quite sure, figure in to the equation.
> A side discussion about history might be interesting, but I'll  
> suggest that it should not really be a factor for the current  
> discussion.  The reasons are:
> 1. It has a substantial installed base of use now.
SMTP without MX and only AAAA resource records is not widely deployed  
for public interchange.
> 2. There is a benefit in the feature, by virtue of reducing the  
> effort to create and email receiving service, and in some  
> environment the reduction is quite significant.
Standardizing on AAAA fallback when MX resource record do not exist  
will require those using IPv6-only hostnames to publish bogus MX  
resource records as a means to avoid undesired traffic SMTP now  
generates. Standardization on AAAA fallback is likely to attract this  
undesired traffic and further abuse of SMTP.  The undesired traffic  
can be substantial, depending upon the nature of the spoofed email,  
where creating bogus MX resource records in response should not be  
seen as beneficial.  This effort will increase the DNS zone sizes.   
Instances of IPv6 only SMTP lacking MX records and receiving public  
SMTP traffic is sure to represent a small minority of the number of  
hostnames in IPv6 address space.
A standardized default behaviour of AAAA fallback would also increase  
the overhead for those transmitting or receiving SMTP messages.  This  
new fallback mode would necessitate an additional DNS transaction and  
greatly increase the pool of hostnames used for spoofing an  
originating domain. In addition, when the hostname with AAAA only  
records do not accept messages, it may take days and many transactions  
before this problem is reported.  When a host is intended to act as a  
public SMTP server, publishing an MX record can be seen as offering an  
Opt-In strategy.  As everyone knows, Opt-Out and email does not work.
> 3. It is not generally recognized as causing any problems now.
Spoofing of originating domain is extremely common.  This strategy is  
already creating undesired traffic on servers not running SMTP.  This  
traffic might be generated when spoofed messages are being returned as  
NDNs, or when receiving SMTP servers attempt to validate the domain of  
the message in question.  When an MX is not found, a test might be  
performed by confirming a connection to port 25 is possible.  When  
these IPv6 hostnames represent simple devices reporting the status of  
vending machines, hot water heaters, etc, the undesired traffic  
created by the standardization of AAAA fallback may be enough to make  
these devices inoperable.  SMTP needs to play well with other protocols.
> What we need to do with this thread is end it.
End the denial that standardizing AAAA fallback for SMTP is not a  
substantial architectural change.  Depending upon the AAAA fallback  
mode of operation is also less likely to provide inter-operation, the  
goal of standardization.
-Doug