> On Apr 4, 2022, at 08:13 , Robert Kisteleki <rob...@ripe.net> wrote:
> 
> 
> On 2022-04-03 07:18, Owen DeLong via NANOG wrote:
>> I’ve not experienced this problem sending emails via IPv6 to gmail 
>> destinations from my personal domain.
>> (delong.com <http://delong.com>)
>> Likely this email will, in fact, get sent to GMAIL via IPv6.
>> I do have good SPF and DKIM records and signing and a reasonable DMARC 
>> policy set up.
>> If ISC doesn’t have that yet, it might be a better alternative than turning 
>> off IPv6.
>> If that doesn’t solve it, I can reach out to someone at Google who can 
>> likely get the right parties involved.
>> Owen
> 
> I think it has been argued before that having a different email acceptance 
> policy over IPv4 vs IPv6 is essentially a layering violation. I'm sympathetic 
> to that argument.

The problem with that argument is that it ignores the fact that IP reputation 
services are available for IPv4 and impractical for IPv6.

> More to the point: *you* could do this and there are a number of other 
> clueful people who can make this work today. And when Google changes their 
> rules (that you'll have to learn about once you hit the next wall), then you 
> adjust. And you keep on doing this whack-a-mole game.

It hasn’t been all that much whack-a-mole. Frankly, I’ve had more difficulty 
playing whack-a-mole with Apple’s changes in what they require for a CA to be 
accepted by an iPhone so that I can access my own IMAP server than anything 
Google has done to IPv6 mail acceptance.

Bottom line, if you’re running an MTA, then there is a changing landscape of 
BCPs that you have to adapt to. Google may be one of the first to get strict 
about some of those BCPs, they are also likely the first one many sites will 
trip over due to the high volume of email headed their way and the large user 
base they have, but there are definitely others that you will also trip over.

You can’t run an MTA in the modern internet without this whack-a-mole game and 
I suspect it will eventually hit v4 just as hard as it currently hits v6 
because I think that v4 reputation services will fail to cope with CGNAT in 
much the same way that they currently can’t cope with IPv6.

> Of course there's an argument that says "mom and pop should not run their own 
> mailserver, there are professionals for that!" but at the end of the day what 
> this really serves is deliberate and premeditated centralisation, slowly but 
> steadily stamping out small players.

As pop running his own mail server, I don’t buy that first argument at all. 
However, I will say that if you are going to run an MTA on the greater 
internet, then you have inherently as part of the social contract, accepted the 
obligation to run it in accordance with the current form of BCP and the further 
obligation to keep up with the current definition of current BCP.

> 
> Robert

Owen
