In message <21077.65231.279689.263778@world.std.com>, Barry Shein writes:
On October 9, 2013 at 11:49 cma@cmadams.net (Chris Adams) wrote:
Once upon a time, Robert Webb <rwebb@ropeguru.com> said:
But how would thet differ from the IPv4 address space which has PTR records for all their IP's? Just the shear number they would have to deal with in the IPv6 space?
Oh, are you looking for auto-generated reverse for every address? That's not going to happen for IPv6 (and it turns out that it wasn't really a good idea for IPv4). There's no reason to have reverse DNS unless it has meaning, and "12-34-56-78.rev.domain.net" isn't really all that useful.
It's very useful for blocking spammers and other miscreants -- no reason at all to accept SMTP connections from troublesome *.rev.domain.net at all, no matter what the preceding NNN-NNN-NNN-NNN is.
Perhaps not their problem, but it is useful!
And not accepting SMTP from everybody leaves your customers exposed to NSA and others snooping the wires or ISP being subject to warrentless requests to send all the email delivered to their submission and other servers to various government agencies under the idiotic notion that email is always sent in the clear so it doesn't need a warrant. Direct to MX reduces the risk of snooping to the two end points and end point MITM can be detected with the use of tls. If we want secure email, and we should want secure email, then we should be pushing for direct to MX with every customer hosting their own MX server and start tls on by default. Yes that comes with the risk of additional spam but get over it and run proper abuse desks. Mark
-- -Barry Shein
The World | bzs@TheWorld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD | Dial-Up: US, PR, Canada Software Tool & Die | Public Access Internet | SINCE 1989 *oo*
-- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org