
Re: [ietf-smtp] EHLO domain validation requirement in RFC 5321

2020-10-04 15:17:24
On 10/4/20 3:46 PM, Richard Clayton wrote:

>>> *  Use a static IPv4 address for your email system
>> IMO this should change to support the reality that IPv4 addresses are
>> getting scarcer by the day, especially in some parts of the world.
> you may wish it to change (and I am sure it will in time) ... but a
> consensus view (albeit from 2013, but I would expect it was much the
> same in 2020) is that you will have much more success delivering email
> from a static IPv4 address than from an IPv6 address

Oh, no doubt. But I am of the understanding that the situation with respect to IPv4 address availability is changing and that the rate of change may well accelerate.

(Of course at some point public IPv4 addresses may be quite plentiful again because they are no longer very useful.)

The purpose of a standard specification is not to be reactionary, it is to specify what is needed for the protocol/service to work well now and in the future. Operational practice does change over time (e.g. web traffic is now much more likely to use TLS and/or IPv6 than it was even a few years ago.)

So today, the right answer is that you need to support sending from IPv4 if at all possible, sending from IPv6 is less essential. But in the future IPv6 should be the norm and IPv4 should be phased out. IMO it's valuable for there to be a standard recommendation for how to smoothly make that transition in email. I doubt I have exactly the right words (and I didn't really try to nail them down) but I do think it's worth discussing in IETF.

>> (Especially given the inertia that likely exists with such rules,
>> changing the rules now may be necessary to ensure smooth operation in a
>> year or two)
> the inertia is I suspect merely in the people whose views go to the
> consensus as to what is "a wise way to set up your email"... it may be
> that they miss changes, but I doubt that you will do considerably worse
> by using IPv4 for some time to come

Why should MTAs be saddled with having to use a legacy and increasingly obsolete Internet service? Why should enterprises in parts of the world with less available IPv4 space have to jump through extra hoops to exchange email because of obsolete assumptions? Isn't it worthwhile to encourage MSPs to make explicit transition plans to migrate to IPv6?

>>> *  Make sure that your IP address is not listed in the PBL
>> I suspect that this is something that sites will have less and less
>> control over in the future, at least in IPv4 space, especially given the
>> "marketplace" in IPv4 prefixes and the need to have different sites'
>> addresses in different IPv4 subnets (also has to do with limitations of
>> DNS in-addr.arpa delegation).
> I think you may misunderstand the nature of the PBL ... this is
> basically telling you that if you are using IPv4 addresses handed out by
> a consumer ISP then you are going to have to ensure that they don't
> settle for a quiet life for their abuse@ team by listing all their
> assets

I don't know that I'm specifically familiar with the PBL but I have been of the understanding that blackhole lists often operated on "reputation" and that the "reputation" of IP addresses was sometimes sullied by past usages, thereby penalizing users/sites who were subsequently assigned those same addresses.

Can we reasonably expect that there will continue to be a clean separation between IPv4 addresses used by consumers and IPv4 addresses used by enterprises?

>>> *  Your system should say HELO (or EHLO) with its hostname
>> Could use better definition of "its hostname". Suspect you mean EHLO
>> name should match PTR lookup of client's source IP address.
> the document I'm quoting from has a paragraph or so of explanatory text
> accompanying each of the bullet points -- so although those bullet
> points should resonate with everyone here, to make really good use of
> the advice you would need the whole thing

Ah, good to know. I'd be pleased to read it if it were made available.

>> IMO that might be a bit limiting - I would really like to see
> you miss the point -- the list is what you should do for success today.
> It is not a manifesto for how the world should be
>
> that said, of course there is value in identifying where success is hard just
> to achieve and so we should be promoting initiatives to address that

A document that says what you should do for success today is indeed useful. IMO a document that outlined a transition (mostly to IPv6 but perhaps in other ways also) would also be useful, and that's what I'm arguing for.


>>> *  Accept reports of problems with your systems
>> Is there a more recent standard for doing so than postmaster@?
> if you are not reading abuse@ and security@ as well (and paying
> attention to email coming in to pretty much any email address in whois
> data (for IP or domains) then more fool you

ok, fair.

Keith

