On 2021-10-07 1:11 p.m., Simon Arlott via mailop wrote:
On 06/10/2021 02:15, Brandon Long via mailop wrote:
Generally speaking, outside of the obvious differences, most of our spam
rules are agnostic to IPv4/IPv6.
The frustrating problem with Google's treatment of IPv6 is that the
"must have reverse DNS" requirement means it will return a 5xx permanent
error for a temporary DNS resolution failure, and reverse DNS typically
involves multiple nameserver delegations with no glue so it's never 100%
reliable.
Twenty years ago it was frustrating to some people that IPv4 Email
servers needed rDNS. (I get your point on the 5xx though)
It of course should depend on WHY no reverse DNS was found. If there is
no authourative server for that IP it should get a different response
than if the authourative name server is down, or if it doesn't have an
entry for that IP Address.
(I wasn't going to get into this thread but.. )
Of course, network engineers sometimes see things as 'simple' when to
the average lay administrator might not find it so. Yes, they can
learn, but do they want to?
Sometimes we just make things more complicated for people, and those
people see very little benefit, so you have to understand WHY things
aren't adopted..
And, while I said tongue in cheek, turn off IPv6, I meant for some
people if they don't want to deal with the extra 'burden' (no flame war
please) of the realities of IPv6, then hey.. you don't have to use it.
(And as one poster said, they only use SPF because Google requires it;
the sheer volume of people that have trouble with SPF is staggering, let
alone DKIM, DMARC [and on and on] should make engineers carefully think
before telling people they have to do things the 'correct way')
For instance, there are 109,915,135 IPv4 addresses on just RATS-NOPTR
(thankfully many ISPs actually block port 25 on egress), just imagine
how big that table would be for IPv6?)
Everything from DNS, IP Reputation, firewalls, IS more difficult in
IPv6, maybe not for you, but for some people.. please, give them a break
when they prefer not to wade in that pool.
The internet SHOULD be free and open.. we need more people running their
own networks, and mail servers.. we have to make sure that the world
doesn't turn into network silo's.
(oh, and friends don't let friends use 1.1.1.1/8.8.8.8 for DNS)
As another poster pointed out, that is the danger of putting all the
eggs in one basket.
......
Now, back to something more on topic..
Happy Thanksgiving Weekend to all my Canadian peeps..
Quick recap of the state of affairs out there..
* Thankfully, Snow Shoe spammers are having a hard time finding new
fresh IP Space.. but still active at some of the familiar hosting
companies.. Only about 10 new ranges per day, most of it by the same
group..
* Digital Ocean dedicated phishing droplets keep getting stood up at a
ridiculous pace
* Amazon/Google/Azure IPs keep being used for BEC at an unabated pace
* Gmail Spam still represents most of what content filters are catching
* Brazil is still off the hook for spam bots (Please block port 25 on
egress)
* MagicMail 5.0 hit Beta..
* Shanghai UCloud spammer volumes steadily increasing.
* Love this one on Azure IP space..
20.50.38.18 1 mta0-2.ungapped.email
20.50.38.19 1 mta0-3.ungapped.email
20.76.58.160 1 mta4-0.ungapped.email
20.76.58.161 1 mta4-1.ungapped.email
20.76.58.162 1 mta4-2.ungapped.email
20.76.58.163 1 mta4-3.ungapped.email
(Nice to see the domain is on Google ;) 404
Hypothetical question for you, if all the spammers and malware actors
were kicked off OVH and Digital Ocean, would their stock valuation still
be so ridiculously high?
Talk to you the other side of a big plate of turkey.. Stay safe, you
know how the bad guys love long weekends.
--
"Catch the Magic of Linux..."
------------------------------------------------------------------------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
------------------------------------------------------------------------
604-682-0300 Beautiful British Columbia, Canada
This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
