
Re: Last Call: draft-klensin-rfc2821bis

2008-03-26 05:35:37
On Wed, Mar 26, 2008 at 01:15:23PM +0100, Frank Ellermann wrote:
Bill Manning wrote:

  soa (
  ns foo.
  ns bar.
  mailhost   aaaa  fe80::21a:92ff:fe99:2ab1

is what i am using today.

In that case adding an MX record pointing to mailhost
or not is perfectly irrelevant from an IPv4-only POV:  

IPv4-only users cannot reach your AAAA, therefore they
better reject mails claiming to be from any@example.com
at their border for obvious reasons.

        sounds like a great way to reduce the incoming 
        spam to me.

Consider it as one-way spam if the mail with IPv6-only
addresses somehow makes it into IPv4-only land.  That
is broken, as you said, but unrelated to demanding an
MX record for IPv6 SMTPs.

        you mean mail w/ a name that only maps
        to IPv6 addresses is resolvable by names w/ only IPv4
        addresses.  What about the situation where
        mail emitted from a node with only IPv4 addresses
        is resolvable in the IPv6 world?  same "one-way" spam.

Without a mandatory MX for your IPv6 SMTP if the mail
reaches IPvAnything land and folks want to reply or
send DSNs where required, they have to query for MX,
A, and AAAA to finally find your IPv6 SMTP.

        or... they have to query AAAA, then A, then MX

For simple "if it can't receive it has no business to
send" checks at the border it is also three queries.
With a mandatory MX for IPv6 we simply reduce this.

        you're arguing that because an SMTP agent implementation
        policy might be in place, that everyone who runs
        DNS is now required (that "mandatory" thing) to 
        install an MX?

All "v=spf1 -all" and obscure null-MX ideas could be
phased out if "no MX" means "cannot receive, must not
send".  We will never reach this ideal for IPv4, but
*NOW* is a chance to prepare it for the time when the
whole Internet is IPv6-only.  

        placing an SMTP dependency in the DNS is 
        (imho) fundamentally wrong.  

        The trick here is that application designers in
        these modern times equate all DNS entries as being
        in the same address family.  Twas not always so and
        class IN to the contrary, IPv4 and IPv6 are pragmatically
        different address families.  Architecturally, the "right"
        thing to do would have been to create a new class for IPv6
        - just like the classes for Chaos and Hesiod.  Orthogonal
        namespaces would have made application developers' lives easier.

        Long and Lean - publication of data elements in the DNS does
        not now and never has equated to reachability for bit delivery.


Opinions expressed may not even be mine by the time you read them, and
certainly don't reflect those of any other entity (legal or otherwise).
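
The border check debated in this message, as an added example that is not part of the original post or of any mail server's code: it counts the DNS queries needed to decide whether a sender domain could receive a reply, with and without the "no MX means cannot receive" rule. The zone contents, the receivable() helper, and the fallback policy (a domain with no MX is tried through its own address records) are assumptions made for illustration; only the fe80:: address comes from the post.

```python
import ipaddress

# Constructed zone data (not real DNS answers): name -> {rrtype: [rdata]}.
ZONE = {
    "v6only.example.": {"AAAA": ["2001:db8::25"]},            # AAAA, no MX
    "linklocal.example.": {"AAAA": ["fe80::21a:92ff:fe99:2ab1"]},  # address from the post
    "mx.example.": {"MX": ["mailhost.mx.example."]},
    "mailhost.mx.example.": {"A": ["192.0.2.25"], "AAAA": ["2001:db8::26"]},
    "nomail.example.": {},                                     # publishes nothing
}


def receivable(domain, families=("A", "AAAA"), mandatory_mx=False):
    """Return (usable SMTP addresses, DNS queries spent) for a sender domain.

    families: address record types the checking host can actually reach.
    mandatory_mx: apply the "no MX means cannot receive" rule from the thread;
    otherwise fall back to the domain's own address records (assumed policy).
    """
    queries = 0

    def lookup(name, rrtype):
        nonlocal queries
        queries += 1
        return ZONE.get(name, {}).get(rrtype, [])

    targets = lookup(domain, "MX")
    if not targets:
        if mandatory_mx:
            return [], queries          # rejected after a single query
        targets = [domain]              # implicit-MX fallback
    usable = []
    for host in targets:
        for rrtype in families:
            for text in lookup(host, rrtype):
                ip = ipaddress.ip_address(text)
                # A published record is not reachability: skip addresses
                # that can never be dialled from another network.
                if ip.is_link_local or ip.is_loopback or ip.is_unspecified:
                    continue
                usable.append(text)
    return usable, queries
```

Passing families=("A",) models an IPv4-only checker, which finds nothing usable for the AAAA-only domain even though the record is published.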

IETF mailing list