This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/ipv6-wg@ripe.net/
[ipv6-wg] I thought e-mail over IPv6 was easy
- Previous message (by thread): [ipv6-wg] I thought e-mail over IPv6 was easy
- Next message (by thread): [ipv6-wg] New on RIPE Labs: Report on IPv6 Security Test Methodology
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Merike Kaeo
merike at doubleshotsecurity.com
Thu Apr 10 03:57:53 CEST 2014
On Apr 9, 2014, at 10:47 AM, Geert Jan de Groot <GeertJan.deGroot at xs4all.nl> wrote: >> I saw the headline for this article and thought, "wtf, e-mail just >> worked over IPv6 from the time I put the AAAA record in the DNS". But I >> went ahead and had a look, and it is actually pretty interesting: >> http://engineering.linkedin.com/email/sending-and-receiving-emails-over-ipv6 > > Actually, it's even more complicated than that. > > I need to send mail directly instead of "use the provider relay" because > the provider relay doesn't allow me to check whether mail is still queued - > not all the world has reliable mail delivery, unfortunately and for > the people I work with, this is an issue. > > For IPv4, it's easy for an ISP to set up stub forward & reverse records > and that's what I got away with for many, many years. > > For IPv6, the situation is different. As discussed, users have more than > one address and hence may need need more than one forward/reverse pair, > and the address may not be predictable. This gives new problems: > * If the connection is big enough to warrant delegation, then making > FCrDNS work for IPv6 is doable. > For small businesses and home power users however, this may not be > feasible. > * Making forward & reverse match for every /48 of every customer is > a challenge; > * Delegating may not be feasible. > How do you delegate to "John's pet animal and sushi shop"? > The guy probably doesn't run a DNS server to delegate to.. > * Making Dynamic DNS updates work between ISP and customer is a challenge > at best; > * I have not seen any portal solutions, to let the customer handle this. > Even with XS4all, for whom I am a customer, doesn't have an > automated way for this and the current workaround involves manual > intervention with all it's nasty scaling properties. > * I don't think that customer-specific subdomains and SPF-records will > scale either. > > I don't hear much of this new, IPv6-specific problem. Comments? Folks at M3AAWG are looking into these problems. I am aware of the work which was started close to 2 years ago but have not contributed nor am I closely following right now. But I would encourage interesting parties to have a look. Next M3AAWG meeting is in Brussels in June. FWIW there was a great lightning talk about v6 email SPAM concerns back at APRICOT 2012. Seeing all the recent threads on v6 and email on many operator groups is at least a sign to me that more people are now for real looking at the issues :) - merike -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 495 bytes Desc: Message signed with OpenPGP using GPGMail URL: </ripe/mail/archives/ipv6-wg/attachments/20140409/155d9551/attachment.sig>
- Previous message (by thread): [ipv6-wg] I thought e-mail over IPv6 was easy
- Next message (by thread): [ipv6-wg] New on RIPE Labs: Report on IPv6 Security Test Methodology
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ ipv6-wg Archives ]