ietf-smtp
[Top] [All Lists]

Re: Block IPv6-only at the border (was: I-D Action:draft-klensin-rfc2821bis-10.txt)

2008-04-16 14:54:06

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Frank,

On 16 Apr 2008 at 20:46, Frank Ellermann 
<hmdmhdfmhdjmzdtjmzdtzktdkztdjz(_at_)gmail(_dot_)com> said:

"Tony Finch" wrote:

I doubt that it makes sense to accept email from 
test(_at_)ipv6(_dot_)l(_dot_)google(_dot_)com on a system that can only
communicate with IPv4 addresses.

In stark contrast to Ned's view I think that you
MUST reject such mails - unless you can guarantee
delivery without auto-response (no NDR, no DSN,
no MDN, no vacation, no forward, in essence an 
empty reverse-path, near to rewrite MAIL FROM:<>)

No, I don't agree.  Your only real obligation is to ensure that your 
output relay doesn't attempt a delivery and so waste resources when it 
can't do it by simply guaranteeing that IPv6 hosts aren't considered in 
email routing at time of delivery (EG worst case is a double-bounce 
listing "No data" as reason because the resolver routines have ignored the 
IPv6 addresses, if double-bounces were enabled - and they should be!).  
That doesn't mean not accepting mail from IPv6-only hosts, any more than 
it means not accepting mail from an invalid mailbox.  IMHO, it's your 
responsibility to ensure that mail can and will be accepted and to make 
sure that it will be delivered so that the minimal number of DSNs/whatever 
have to be generated to accomodate your configuration problems under 
whatever circumstance.  It is less wise to depend on a sender check that 
doesn't make sense semantically (there never has been and never will be a 
requirement in a spec enforcing it, and for good reason, even if it makes 
sense for policy) and which is only really useful as a feeble antispam 
check nowadays anyway in these days of deliberate DSN disposal.

Same idea as in EAI, after a reject "the sender
can make another plan".  After accepting it the
IPv6-only mail vanished in a black hole for all
non-trivial cases.  

Cheers,
Sabahattin

- -- 
Sabahattin Gucukoglu <mail<at>sabahattin<dash>gucukoglu<dot>com>
Address harvesters, snag this: feedme(_at_)yamta(_dot_)org
Phone: +44 20 88008915
Mobile: +44 7986 053399
http://sabahattin-gucukoglu.com/


-----BEGIN PGP SIGNATURE-----
Version: PGP 8
Comment: QDPGP - http://community.wow.net/grt/qdpgp.html

iQA/AwUBSAZv2iNEOmEWtR2TEQLidgCgk0IXZEEBqCfv9cXv1S652LVYTiUAn1bT
wv9u+hrPwyAmpqq1p98Rkph6
=75hu
-----END PGP SIGNATURE-----