On 22.08.25 at 09:24, Simplelists - Andy Beverley via mailop wrote:
> On 22/08/2025 04:43, Viktor Dukhovni via mailop wrote:
>> Therefore, and especially for email, given that SMTP deliveries are
>> queued and retried, I don't see a compelling reason for long TTLs.
>
> I would say that for email it's not so much the delivery itself, it's
> the plethora of other checks. E.g. receivers checking DKIM/DMARC and
> having stringent requirements for such (Microsoft DNS failures in this
> regard have come up on this list a few times).
>
> We occasionally see rejects from Gmail when it thinks there is no PTR
> record for the IP address that is sending the email, even though the
> record is there.
>
> The problem with these checks is that there is no retry mechanism -
> the email is just rejected.
>
> Andy

That's why the default on failed checks of any kind (DNS checks, local
database lookup failure, milter timeout) should be to temp fail, not
reject. I know it is tempting to treat no PTR as reason to reject, one
should resist that temptation. Only a positive reject result should lead
to rejection.

Of course, there are still a multitude of reasons why one would enter an
IP address into some kind of rejection list - repeated DNS lookup
failures being one possible reason. False positives do happen, it's the
list maintainer's or list user's responsibility to enable affected
parties to report such false positives and to fix them in a reasonable time.

Cheers,
Hans-Martin

_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
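
The temp-fail default described in the reply above, as an added sketch that is not code from anyone on this thread: a PTR lookup is classified so that resolver failures stay distinct from a definite "no record" answer, and only a positive result produces a 5xx. The function names, the reply texts and the `reject_if_absent` switch are assumptions made for illustration.

```python
import socket

# SMTP replies (codes per RFC 5321; the reply texts are constructed).
ACCEPT = (250, "2.0.0 ok")
TEMPFAIL = (451, "4.4.3 lookup failed, please retry later")
REJECT = (550, "5.7.1 rejected by policy")

# h_errno values that are a definite DNS answer: HOST_NOT_FOUND, NO_DATA.
DEFINITE_NEGATIVE = {1, 4}


def ptr_check(ip, resolve=socket.gethostbyaddr, reject_if_absent=False):
    """Classify the PTR lookup for ip as 'pass', 'reject' or 'error'."""
    try:
        resolve(ip)
        return "pass"
    except socket.herror as exc:
        if exc.errno in DEFINITE_NEGATIVE:
            # The DNS positively said "no PTR"; rejecting on that is a
            # site policy choice (assumption: off by default).
            return "reject" if reject_if_absent else "pass"
        # TRY_AGAIN / NO_RECOVERY: the resolver failed, the record may exist.
        return "error"
    except OSError:
        # Timeout, unreachable resolver, malformed answer.
        return "error"


def smtp_reply(outcomes):
    """Map {check name: 'pass' | 'reject' | 'error'} to one SMTP reply."""
    if any(o == "reject" for o in outcomes.values()):
        return REJECT  # only a positive result rejects
    if any(o != "pass" for o in outcomes.values()):
        return TEMPFAIL  # errors and unknown outcomes let the sender retry
    return ACCEPT
```

The same `smtp_reply` mapping applies to the other checks named in the thread (DKIM/DMARC lookups, local database lookups, milters) once each reports one of the three outcomes.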