On 2015-08-27 at 14:39 +0900, Randy Bush wrote: > so we need a bgp feed of gmail's ipv6 prefixes so we all can automate > blacklisting them?
"Need" is strong. Especially since their IPv6 space is so much more coalesced than their IPv4 space. Technically, _if_ you're going to choose to avoid IPv6 for delivery to them (your system, your rules) and if you want to be future-proof without more maintenance, and if you want to do this for all domains hosted by Gmail, instead of just hard-coding @gmail.com and @google.com, then yes, a dynamically updated feed piping into your mail config build system (to avoid run-time dependence) is going to be helpful. In honesty, the closest I come to this is my list of IP space assigned to cloud hosting providers, because I hard-require DKIM for mails from ranges where IP address is not a stable persistent identifier. And those ranges, I just keep in a file which records in the comments the whois lookups used to find the answers, so that every so often I can update the lists of AWS, GCE and SL space. (And I exempt AWS SES because that is an abuse-controlled flow, instead of dynamic hosts). You can probably get away with just updating the list whenever you see problems. I just figured that you probably already had analysis and extraction tools for BGP data so this would be easy for you. :) -Phil -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
