On Mar 24, 2014, at 8:52 PM, George Herbert george.herb...@gmail.com wrote:
On Mon, Mar 24, 2014 at 8:02 PM, Owen DeLong o...@delong.com wrote:
On Mar 24, 2014, at 9:21 AM, William Herrin b...@herrin.us wrote:
On Sun, Mar 23, 2014 at 11:07 PM, Naslund, Steve snasl...@medline.com
In message 7b6af6e9-905a-4d14-b54f-8f244afcf...@delong.com, Owen DeLong write
s:
On Mar 24, 2014, at 8:52 PM, George Herbert george.herb...@gmail.com
wrote:
On Mon, Mar 24, 2014 at 8:02 PM, Owen DeLong o...@delong.com wrote:
On Mar 24, 2014, at 9:21 AM, William Herrin
On Mar 24, 2014, at 10:12 PM, Alexander Lopez alex.lo...@opsys.com wrote:
On Mar 24, 2014, at 9:36 AM, Alexander Lopez alex.lo...@opsys.com
wrote:
not to mention the cost in readdressing your entire network when you
change an upstream provider.
Nat was a fix to a problem of lack of
I am not sure I understand the argument here. If you think that ARIN
is not representing the address space holders in proper fashion, how
would we suggest correcting that?
i have made off the cuff suggestions. but seriously, i would seek real
external governance counsel.
If an address
Randy,
Thanks for giving me a lead in!
ARIN has been gradually evolving and tweaking the governance over the past
fifteen years. Given it’s a small board it’s been generally done at the full
Board historically.
We’ve recently started to take a long look at a variety of issues to see if
Randy,
Thanks for giving me a lead in!
ARIN has been gradually evolving and tweaking the governance over the past
fifteen years. Given it’s a small board it’s been generally done at the full
Board historically.
We’ve recently started to take a long look at a variety of issues to see if
On Mar 25, 2014, at 1:07 PM, Randy Bush ra...@psg.com wrote:
ok, let me also try to be constructive. how the heck do we get
ourselves out of a hole where we are ruled by self-perptuating
monopolies which lack oversight and accountability. and it ain't
just arin. look at the big [cc]tlds,
paul,
ARIN has been gradually evolving and tweaking the governance over the
past fifteen years.
and there has been microscopic change
Given it’s a small board it’s been generally done at the full Board
historically.
i think there is some idiom about the fox guarding the hen house. it
I do not agree with the characterization that ... we are ruled by
self-perptuating monopolies which lack oversight and accountability,
when you have a governance committee which is composed of the governing,
not outsiders and governance experts, with no term limits, it would seem
hard to
On Mar 25, 2014, at 5:04 PM, Randy Bush ra...@psg.com wrote:
I do not agree with the characterization that ... we are ruled by
self-perptuating monopolies which lack oversight and accountability,
when you have a governance committee which is composed of the governing,
not outsiders and
[ you're cheating, you're in an asian time zone! ]
I have nothing against term limits (but I also did not champion them back
when I was an elected member of the Board of Trustees.) Many cite risk
of losing well-qualified and experienced Board members right when they
are most productive as
On Mon, Mar 24, 2014 at 9:12 PM, Bob Evans b...@fiberinternetcenter.comwrote:
Thus far, IPv6 has been the Field of Dreams those of us who have
built it, we know they have not yet come (the IPv6 customers). That's
all this discussion is really about is when will they come.
I know the
On Sun, Mar 23, 2014 at 10:07 PM, Naslund, Steve snasl...@medline.comwrote:
As far as printers being a more dangerous attack vector than computers, I
definitely don't buy that argument. It does not change in v4 or v6.
Printers are not merely attack vectors; they are targets.
It only makes
On 3/24/14 2:38 PM, William Herrin b...@herrin.us wrote:
On Mon, Mar 24, 2014 at 2:23 PM, Lee Howard l...@asgard.org wrote:
On 3/24/14 1:37 PM, William Herrin b...@herrin.us wrote:
That would be one of those details on which smart people disagree.
In this case, I think you're wrong. Modern NAT
On Tue, 25 Mar 2014 16:31:17 +1100, Mark Andrews said:
My bet is the number needing more that a single /64 will exceed the number
needing just a /64. Most phones really need two /64 for tethering and
currently there are lots of kludges to work around only one being available.
As a data
On 3/24/14 10:17 PM, Naslund, Steve snasl...@medline.com wrote:
I can easily answer that one as a holder of v4 space at a commercial
entity. The end user does not feel any compelling reason to move to ipv6
if they have enough v4 space.
I can't give my employer a solid business case of why
On 3/24/14 9:12 PM, Bob Evans b...@fiberinternetcenter.com wrote:
I agree with one thing herein
In order for IPv6 to truly work, everyone needs to be moving towards
IPv6.
Yep, chicken and the egg. I agree. We built an IPv6 native network - no
tunneling - no customers to speak of ...
It is late and I am just rambling, but even with DHCP(4and6) changing IP
networks is not a trivial thing. Not hard, but it will require a lot more
planning than what many do today of simply changing the WAN IP address
and some records in the DNS (if needed)
We tried:
Bob Evans
CTO
On 3/24/14 9:12 PM, Bob Evans b...@fiberinternetcenter.com wrote:
I agree with one thing herein
In order for IPv6 to truly work, everyone needs to be moving towards
IPv6.
Yep, chicken and the egg. I agree. We built an IPv6 native network - no
tunneling - no customers to
Look at it this way. If I see an attack coming from behind your NAT,
I'm gonna deny all traffic coming from your NAT block until you assure
me you have it fixed because I have no way of knowing which host it is
coming from. Now your whole network is unreachable. If you have a
- Original Message -
From: Steve Naslund snasl...@medline.com
You are right but that is usually how it works with fiber because that
last drop to the home is a pretty expensive piece that you don't
usually want installed until it is needed. The LECS usually don't even
light a
On 03/24/2014 09:39 PM, Paul Ferguson wrote:
I'll leave it as an exercise for the remainder of... everywhere to
figure out why there is resistance to v6 migration, and it isn't just
because people can't be bothered.
I'm sure there are numerous enterprises in the same shape I am in, with
On Tue, 25 Mar 2014 09:55:21 -0400, Lee Howard said:
Some of us have quite a few IPv6 customers:
http://www.worldipv6launch.org/measurements/
And we see significant traffic from those users. :-)
I'm actually glad to see that we're no longer on the first page
of that list. ;)
I have just as many issues getting ARIN IP space as the next guy and
companies like Verizon. I do vote - yes half the time I am not sure,
exactly who I am voting for from just a bio and candidate paragraph.
As a result, I decided to attend ARIN meetings. I have been to about six
ARIN meetings in
If you want to do address-based reputations for v6 similar to v4, my guess is
that it will start to aggregate to at least the /64 boundary ...
It says a lot about the state of the art that people are still making
uninformed guesses like this, non ironically.
On the one hand /64 is too coarse,
On 3/25/14, 11:23 AM, John Levine wrote:
Large mail providers all agree that v6 senders need to follow good
mail discipline, but are far from agreeing what that means. It
certainly means proper rDNS, but does it mean SPF? DKIM on all the
mail? TLS on the connections? At this point, I don't
On Tue, 25 Mar 2014, John Levine wrote:
It says a lot about the state of the art that people are still making
uninformed guesses like this, non ironically.
Yep, SMTP and the whole spam fighting part of the Internet, isn't ready
for IPv6. This is not IPv6 fault.
I have repeatedly tried to
On Tue, Mar 25, 2014 at 1:43 PM, Brielle Bruns br...@2mbit.com wrote:
On 3/25/14, 11:23 AM, John Levine wrote:
Large mail providers all agree that v6 senders need to follow good
mail discipline, but are far from agreeing what that means. It
certainly means proper rDNS, but does it mean SPF?
In article 5331c054.8040...@2mbit.com you write:
On 3/25/14, 11:23 AM, John Levine wrote:
Large mail providers all agree that v6 senders need to follow good
mail discipline, but are far from agreeing what that means. It
certainly means proper rDNS, but does it mean SPF? DKIM on all the
mail?
On 2014-03-25, Mikael Abrahamsson swm...@swm.pp.se sent:
I have repeatedly tried to get people interested in methods of
making it possible for ISPs to publish their per-customer
allocation size, so far without any success. Most of the time I
seem to get we did it a certain way for IPv4, it
Randy,
Thanks for giving me a lead in!
ARIN has been gradually evolving and tweaking the governance over the past
fifteen years. Given it’s a small board it’s been generally done at the full
Board historically.
We’ve recently started to take a long look at a variety of issues to see if
Hi,
I setup a netscaler load balancer for sip traffic on Amazon EC2. Clients
packets are arrived to the backend servers over to the load balancer but any
responses cannot be arrived to clients. I see the responses on the load
balancer.
I think there is a config problem for that but I don't
Hi Anil,
Have you setup MBF? I've seen that as an issue before. If you don't have a
default route set, than MBF might help you send the response out the interface
on which it was received.
Paul
On Mar 24, 2014, at 11:46 PM, Anil KARADAG akara...@netas.com.tr wrote:
Hi,
I setup a
On 3/25/14, 11:56 AM, John Levine wrote:
I think this would be a good time to fix your mail server setup.
You're never going to get much v6 mail delivered without rDNS, because
receivers won't even look at your mail to see if it's authenticated.
CenturyLink is reasonably technically clued so it
Randy (et al):
Included below is the response by Joe Sims (Jones Day) to Professor
Froomkin's similar arguments in 1999. I include it because it's not
that long but the link is:
http://archive.icann.org/en/comments-mail/comment-bylaws/msg00025.html
I found it interesting and very readable.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Isn't this just a local policy issue with handling DMARC? I know for
sure at least one other (very large) organization that (also) rejects
messages which do not have an rDNS entry, and it is a local DMARC policy.
- - ferg
On 3/25/2014 1:57 PM,
On 3/25/2014 11:53 AM, Bob Evans wrote:
I like term limits for every governing body - except when it's a company I
built with my money. :-)
I have absolutely no business jumping into this discussion, but it keeps
hammering on a topic that interests me in other venues: term limits.
I am
The usefulness of reverse DNS in IPv6 is dubious. Maybe the idea is to cause
enough pain that eventually you fold and get them to host your email too.
-Laszlo
On Mar 25, 2014, at 8:57 PM, Brielle Bruns br...@2mbit.com wrote:
On 3/25/14, 11:56 AM, John Levine wrote:
I think this would be a
DMARC says nothing about rDNS, and given how late in the game
DMARC comes, it seems like an odd place to enforce rDNS.
Local policy, sure; local DMARC policy, wait what?
Elizabeth
On 3/25/14, 2:12 PM, Paul Ferguson fergdawgs...@mykolab.com wrote:
-BEGIN PGP SIGNED MESSAGE-
On Tue, Mar 25, 2014 at 5:33 PM, Laszlo Hanyecz las...@heliacal.net wrote:
The usefulness of reverse DNS in IPv6 is dubious. Maybe the idea is to
cause enough pain that eventually you fold and get them to host your email
too.
Heh, I say the same things about DMARC where a lot of the major
On 3/25/14, 3:33 PM, Laszlo Hanyecz wrote:
The usefulness of reverse DNS in IPv6 is dubious. Maybe the idea is
to cause enough pain that eventually you fold and get them to host
your email too.
Well, like I said, there is nothing wrong with using rdns as part of a
score in how legit a
This seems like to sort of problem that Mailops or MAAWG should
be hammering out.
Of course MAAWG is working on it. But don't hold your breath.
R's,
John
In article 5331edab.8000...@2mbit.com you write:
On 3/25/14, 11:56 AM, John Levine wrote:
I think this would be a good time to fix your mail server setup.
You're never going to get much v6 mail delivered without rDNS, because
receivers won't even look at your mail to see if it's authenticated.
On Tue, Mar 25, 2014 at 02:57:15PM -0600, Brielle Bruns wrote:
Nothing wrong with my mail server setup, except the lack of RDNS.
Lacking reverse should be one of many things to consider with
rejecting e-mails, but should not be the only condition.
Lack of rDNS means either (a) there is
The OP doesn't have control over the reverse DNS on the ATT 6rd. Spam
crusades aside, it can be seen as just another case of 'putting people in their
place', reinforcing that your end user connection is lesser and doesn't entitle
to you to participate in the internet with the big boys. How
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 3/25/2014 2:38 PM, Elizabeth Zwicky wrote:
Local policy, sure; local DMARC policy, wait what?
My goof. Apparently just local policy sans DMARC.
- - ferg
- --
Paul Ferguson
VP Threat Intelligence, IID
PGP Public Key ID: 0x54DC85B2
-BEGIN
On Tue, 25 Mar 2014 19:07:16 -0400, Laszlo Hanyecz las...@heliacal.net
wrote:
One would hope that with IPv6 this would change, but the attitude of
looking down on end subscribers has been around forever.
And for damn good reasons (read: foolish and easy to trick into becoming a
spam
In article 3d7d0845-cb25-4c05-8fab-f5728c860...@heliacal.net you write:
The OP doesn't have control over the reverse DNS on the ATT 6rd.
Ah, OK, you're saying that their IPv6 isn't ready for prime time.
One would hope that with IPv6 this would change, but the attitude of looking
down on end
In message 20140325233557.6311.qm...@joyce.lan, John Levine writes:
In article 3d7d0845-cb25-4c05-8fab-f5728c860...@heliacal.net you write:
The OP doesn't have control over the reverse DNS on the ATT 6rd.
Ah, OK, you're saying that their IPv6 isn't ready for prime time.
One would hope
Or he could just not like NSL and the fact the ISP's are required
to abide by them. If people want their email going through where
it can be snooped apon that is their perogative. Just don't force
people to have to use I-WILL-SNOOP-ISP!!!
Who said anything about being required to use your
In message alpine.bsf.2.00.1403252016070.6...@joyce.lan, John R. Levine
writes:
Or he could just not like NSL and the fact the ISP's are required
to abide by them. If people want their email going through where
it can be snooped apon that is their perogative. Just don't force
people to
auDA has announced it will be introducing DNSSEC into the .au domain space in
an experimental capacity. Deployment on production servers will commence
during April and will be trialled for 4 months. The .au DS records will_not be
added to the root zone during this period.
Operators
Congratulations Adam.
Mehmet
On Mar 26, 2014, at 7:19, Adam King adam.k...@auda.org.au wrote:
auDA has announced it will be introducing DNSSEC into the .au domain space in
an experimental capacity. Deployment on production servers will commence
during April and will be trialled for 4
On 3/25/14, 5:35 PM, John Levine wrote:
In article3d7d0845-cb25-4c05-8fab-f5728c860...@heliacal.net you write:
The OP doesn't have control over the reverse DNS on the ATT 6rd.
Ah, OK, you're saying that their IPv6 isn't ready for prime time.
One would hope that with IPv6 this would change,
In an attempt to get this thread back on topic:
* Does Google require rDNS for IPv4 mail sources?
If so, doing so for IPv6 shouldn't be a surprise. Your current provider's
inability to support rDNS for IPv6 is not a protocol failure, it is a
provider failure.
If not, is there an additional
On 3/25/14, 6:24 PM, Brielle Bruns wrote:
The problem is, it blows my cred and rep with my end users when on day
one of getting them set up and fully running on IPv6, they can't e-mail
the local school district, or their business partners, because the other
end uses Google mail. It makes me
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 3/25/2014 7:03 PM, Robert L Mathews wrote:
On 3/25/14, 6:24 PM, Brielle Bruns wrote:
The problem is, it blows my cred and rep with my end users when
on day one of getting them set up and fully running on IPv6, they
can't e-mail the local
On 3/25/2014 9:24 PM, Brielle Bruns wrote:
Last time I checked, there is no RFC that states that using SMTP
transport is mandatory with the originator having rDNS (ipv4/ipv6).
It may be SUGGESTED or RECOMMENDED, but not MANDATORY or REQUIRED. It
is an arbitrary decision made by each mail
On 3/25/14, 7:58 PM, TJ wrote:
In an attempt to get this thread back on topic:
* Does Google require rDNS for IPv4 mail sources?
After a quick test here, Google did not reject the mail from an IPv4
address that did not have rDNS.
If so, doing so for IPv6 shouldn't be a surprise. Your
On 3/25/14, 8:03 PM, Robert L Mathews wrote:
I don't quite see how this is anything to do with IPv6.
It does when you've got the job of trying to convince people who know
nothing about how the internet works why they should invest time in
something new.
Unless, I'm wrong in that we're
On 3/25/14, 8:08 PM, Paul Ferguson wrote:
Also, please do*not* expect folks to toss anti-spam measures out the
window just because they might move to v6.
That would be naive.
Of course not, been spending the last few months trying to adapt my own
anti-spam measures to work properly for
None of this is REQUIRED. It is forced on people by a cartel of
email providers.
It must be nice to live in world where there is so little spam and other
mail abuse that you don't have to do any of the anti-abuse things that
real providers in the real world have to do.
Regards,
John
On 3/25/2014 10:25 PM, Brielle Bruns wrote:
Like I said in a previous response, if you are going to make rdns a
requirement, why not make SPF and DKIM mandatory as well?
many ISPs ALREADY require rDNS. So making that standard official for
IPv6 is isn't asking for much! It is a NATURAL
On Tue, Mar 25, 2014 at 12:51 PM, Mikael Abrahamsson swm...@swm.pp.sewrote:
On Tue, 25 Mar 2014, John Levine wrote:
It says a lot about the state of the art that people are still making
uninformed guesses like this, non ironically.
I have repeatedly tried to get people interested in methods
I would suggest the formation of an IPv6 SMTP Server operator's club,
with a system for enrolling certain IP address source ranges as Active
mail servers, active IP addresses and SMTP domain names under the
authority of a member.
Surely you don't think this is a new idea.
R's,
John
I'm sure you are as vocal about outright rejecting messages for lack of
SPF (even if softfail) and lack of DKIM as you are about requiring rDNS?
Interesting guess, but completely wrong.
Or perhaps making TLS mandatory, outright rejecting cleartext.
Not until we have SMTP DANE.
Seems like the
On 3/25/2014 10:51 PM, Jimmy Hess wrote:
I would suggest the formation of an IPv6 SMTP Server operator's club,
That comes across too much like the failed FUSSP ideas. What happens
when spammers try to get onboard? Who is the arbitrator? How fast could
they react? And then you have legit senders
On Tue, 25 Mar 2014 22:51:11 -0400, Rob McEwen said:
On 3/25/2014 10:25 PM, Brielle Bruns wrote:
Like I said in a previous response, if you are going to make rdns a
requirement, why not make SPF and DKIM mandatory as well?
many ISPs ALREADY require rDNS. So making that standard official
On 25 Mar 2014 22:55:19 -0400, John R. Levine said:
I would suggest the formation of an IPv6 SMTP Server operator's club,
with a system for enrolling certain IP address source ranges as Active
mail servers, active IP addresses and SMTP domain names under the
authority of a member.
Maybe we could give everyone globally unique numbers and end to end
connectivity. Then maybe the users themselves can send email directly to each
other without going through this ESP cartel.
-Laszlo
On Mar 26, 2014, at 2:51 AM, Rob McEwen r...@invaluement.com wrote:
On 3/25/2014 10:25 PM,
On Tue, Mar 25, 2014 at 9:55 PM, John R. Levine jo...@iecc.com wrote:
I would suggest the formation of an IPv6 SMTP Server operator's club,
with a system for enrolling certain IP address source ranges as Active
Surely you don't think this is a new idea.
Would it make it more unique; if
Wow, what a lot of NANOG traffic about IPv6 readiness for SMTP!
Please explain my misunderstanding on the following:
1. IPv6 is a Routing Layer Protocol (with some associated helpers, like RA,
ND, DHCP-PD, and the like).
2. SMTP is an Application Layer Protocol, supposedly independent of
On Tue, Mar 25, 2014 at 10:08 PM, Rob McEwen r...@invaluement.com wrote:
On 3/25/2014 10:51 PM, Jimmy Hess wrote:
I would suggest the formation of an IPv6 SMTP Server operator's club,
That comes across too much like the failed FUSSP ideas. What happens
when spammers try to get onboard? Who
On 3/26/2014 午後 12:31, Cutler James R wrote:
Wow, what a lot of NANOG traffic about IPv6 readiness for SMTP!
Please explain my misunderstanding on the following:
1. IPv6 is a Routing Layer Protocol (with some associated helpers, like RA,
ND, DHCP-PD, and the like).
2. SMTP is an
On 3/25/2014 10:31 PM, Cutler James R wrote:
Wow, what a lot of NANOG traffic about IPv6 readiness for SMTP!
Please explain my misunderstanding on the following:
1. IPv6 is a Routing Layer Protocol (with some associated helpers, like RA,
ND, DHCP-PD, and the like).
2. SMTP is an
3. Arguing about IPv6 in the context of requirements upon SMTP connections is
playing that uncomfortable game with
one�s own combat boots. And not particularly productive.
If you can figure out how to do effective spam filtering without
looking at the IP addresses from which mail arrives, you
According to the Ace of Spades HQ blog:
IPv6 would allow every atom on the surface of the earth to have its
own IP address, with enough spare to do Earth 100+ times.
--
Requiescas in pace o email Two identifying characteristics
of System
On 3/25/2014 11:18 PM, John Levine wrote:
3. Arguing about IPv6 in the context of requirements upon SMTP connections is
playing that uncomfortable game with
ones own combat boots. And not particularly productive.
If you can figure out how to do effective spam filtering without
looking at
On 3/26/2014 12:28 AM, Larry Sheldon wrote:
According to the Ace of Spades HQ blog:
IPv6 would allow every atom on the surface of the earth to have its
own IP address, with enough spare to do Earth 100+ times.
Not with a /64 minimum allocation per customer :)
Jeff
On 3/26/2014 12:33 AM, Larry Sheldon wrote:
On 3/25/2014 11:18 PM, John Levine wrote:
3. Arguing about IPv6 in the context of requirements upon SMTP
connections is playing that uncomfortable game with
ones own combat boots. And not particularly productive.
If you can figure out how to do
But, as always, I'm not holding my breath.
Is spam fighting really about SMTP? Or is it about abuse of the
transport layer by (among other things) the SMTP?
I don't think that your typical spam recipient cares how the spam got
into her inbox. Anyone who has any familiarity with large scale
IPv6 adds an entirely new aspect to it.
Well, if you mean the entirely new aspect is a list of hex addresses instead
of dotted decimal addresses I guess so. I personally would rather have a
list of actual end system addresses than a list of addresses that represent a
mail server and
Thus far, IPv6 has been the Field of Dreams those of us who have
built it, we know they have not yet come (the IPv6 customers). That's
all this discussion is really about is when will they come.
Some of us have quite a few IPv6 customers:
On Tue, Mar 25, 2014 at 11:07 PM, Larry Sheldon larryshel...@cox.netwrote:
On 3/25/2014 10:31 PM, Cutler James R wrote:
2. SMTP is an Application Layer Protocol, supposedly independent of
Routing and lower layers of the protocol stack. Various communities have
added connection initiation
84 matches
Mail list logo