> On Aug 17, 2016, at 2:38 PM, Michelle Sullivan <miche...@sorbs.net> wrote: > > Franck Martin wrote: >> I don't think you should block however: > > I'm not making any call either way - it's upto the admins involved. > Personally I have a valid SPF record my milter I wrote and build from scratch > the other week uses libspf2 to make determinations on whether to accept or > reject email based on the pass/soft fail/hard fail, it makes no > differentiation between 'has a SPF record' and 'does not have a SPF record'. >> >> -IPv4 rate limit if the email is not authenticated (pass SPF or DKIM) >> -IPv6 reject email if it is not authenticated (pass SPF or DKIM) > > Personally I wouldn't treat them differently, but that my personal opinion.
There is a fairly good reason to - and I say this as someone whose non-SPF-authenticated IPv6 email has been blocked solely by LinkedIn, not by anyone else - and that's deployment dates. The main reason to accept non-authenticated mail is that it's likely coming from legacy systems that haven't been maintained or updated in decades, and which may not be able to deploy DKIM (or SPF, come to that). Anyone who is sending mail over IPv6 has touched the network recently enough that they don't have that excuse, and it's not unreasonable to hold them to a slightly higher standard. Cheers, Steve _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
