On 3/25/2014 9:24 PM, Brielle Bruns wrote:
Last time I checked, there is no RFC that states that using SMTP transport is mandatory with the originator having rDNS (ipv4/ipv6). It may be SUGGESTED or RECOMMENDED, but not MANDATORY or REQUIRED. It is an arbitrary decision made by each mail provider.
For IPv6, FCrDNS... using NOT "dynamic formatted" host names... and with the host name ending in the sender's main domain... *should* be mandatory. And +1 THOUSAND for everything that John Levine said in his last few messages! Additionally... [addressing this topic in general from here on, not talking specifically to Brielle...] I have a unique perspective on this... as I manage an anti-spam blacklist which blacklists many of the snowshoe spammers and "can-spam complient" spammers whose practices are 100% legal, and who are not sending to a single caught-you-red-handed honeypot trap. Many of them abuse blackhat and grayhat ESPs. Unfortunately, in some instanaces, that "abuse" is symbiotic ("wink wink"), where the blackhat ESP will know that a sender's practices are extremly suspect (or worse), but will look the other way in exchange for much needed revenue. In fact, with the worldwide economy still in somewhat of a drag for about the 6th year in the row, I'm seeing evidences that *some* ESPs are lowering their standards a little to even more accommodate this crap. Some once-proud ESP who claimed they never do this, are in fact doing it. Still, a HUGE deterrent is getting their IP reputation "soiled"up on senderbase.org and getting on many blacklists. That becomes a "safety net" that keeps some of these ESPs from going off the deep end. And, again, I'm on the front lines dealing with this everyday. Therefore, SCARCITY of IPv4 IPs... is a FEATURE.. NOT a bug when it comes to keeping ESPs under control. And it also gives hosters/datacenters motivation to likewise "police" potential customers because the hoster or datacenter is left with the damage long after they've kicked a spammer off of their network. ALL of that would "unravel"... ALL OF IT!!!!! ... if we all started using IPv6 for sending authenticated mail. (workstations sending mail to their own mail server could send via IPv6 all they wanted to.. that wouldn't be a problem at all) But if all or most MTAs switched to IPv6, it would be a nightmare and what is sad is that MANY people reading this message are STILL going to GREATLY underestimate my warning after reading this. There are, unfortunately, many poeple who won't listen to reason and logic and require a real world nightmare before they "believe"... much like a 2-year-old who doesn't believe his parents' warning to not touch a hot stove... until AFTER he touches it. But we don't all have that luxury, do we? IPv6 is a spammer's dream! But REQUIRING FCrDNS for IPv6 ... using a NOT "dynamic formatted" host name... and with the host name ending in the sender's main domain... would go a long way towards mitigating these problems as then there would be more "truth in sending" as the rDNS would then properly convey both reputation and identity to the sender. I wish that could becomes a universal IPv6 SMTP standard... yesterday! PS - but even then, I'm told that there may be issues with overrunning DNS caches should spammers send each spam from a unique IP.... and slowing down of processing of mail when rDNS lookups happen on each individual IP. To go back over the "root problem" that I never mentioned, a spammer would send out a million spams, each from a unique IP address, without even having that large of an IPv6 allocation. IPv6 MTAs is NOT something to be "rushed into". Anyone promoting rushing into that... is not very well informed. (to put it nicely).. or they are a spammer who can't wait for all the fun to commence. -- Rob McEwen