Re: Poll on SMTP over IPv6 Usage
On 13 February 2014 21:23, James Small jim.sm...@mail.com wrote: Interested in what you’re using to send/receive SMTP over IPv6: A) Using Postfix on Ubuntu, for mailing lists B) Using Google Apps for Education for MX/SMTP -- Dick Visser System Networking Engineer TERENA Secretariat Singel 468 D, 1017 AW Amsterdam The Netherlands
Re: Poll on SMTP over IPv6 Usage
On Wed, Feb 19, 2014 at 10:54:14AM +0100, Gert Doering wrote: Blocking by /64 by default is likely to get collateral damage. Enough people do shared subnets with multiple customers in the same /64 - while I won't recommend it, it is *done*, and blocking the whole /64 because you have seen SPAM from a single IP out of it is hurting the wrong people. This is btw standard setup in the DOCSIS world. All CPEs get a single IP out of a shared /64. In case the CPE is not a customer PC but a router (most customers have that), of course DHCPv6-PD is used to issue prefixes. Nevertheless, there is a non-insignificant amount of people directly attaching their PCs directly to cable modems. The assumption everyone inside a /64 is the same subject is flawed, indeed. Best regards, Daniel -- CLUE-RIPE -- Jabber: d...@cluenet.de -- dr@IRCnet -- PGP: 0xA85C8AA0
Re: Poll on SMTP over IPv6 Usage
On Feb 19, Daniel Roesen d...@cluenet.de wrote: This is btw standard setup in the DOCSIS world. All CPEs get a single IP out of a shared /64. In case the CPE is not a customer PC but a router (most customers have that), of course DHCPv6-PD is used to issue prefixes. Nevertheless, there is a non-insignificant amount of people directly attaching their PCs directly to cable modems. This does not really matter wrt mail since nobody sane accepts it from dynamically-assigned addresses, but: The assumption everyone inside a /64 is the same subject is flawed, indeed. Operators who do this should use the assignment-size attribute. -- ciao, Marco signature.asc Description: Digital signature
Re: Poll on SMTP over IPv6 Usage
Hi Gert, On Wed, 2014-02-19 at 10:54 +0100, Gert Doering wrote: Hi, On Wed, Feb 19, 2014 at 02:45:33PM +1000, Noel Butler wrote: We block only by IP from whatever spam source is used (4, or 6), and rbldnsd handles ipv6 nicely (albeit in /64's - fair enough too, since most end users get that, typically), so your MTA's query would get a response from your DNSBL if it has an entry. Blocking by /64 by default is likely to get collateral damage. Enough people do shared subnets with multiple customers in the same /64 - while I won't recommend it, it is *done*, and blocking the whole /64 because you have seen SPAM from a single IP out of it is hurting the wrong people. But, since pretty much every end user gets a /64 (I accept some web hosts and vps services do not work that way - including one of my vps providers), blocking a /64 would be identical to blocking a single IPv4 address with NAT, so should be overall, no worse than what we've been doing for decades. I would prefer it if rbldnsd allowed smaller, or even singular, but it does not, and the reasoning that was given was fair enough, it only allows a single IPv6 address if it is an exclusion, you may know this already, but for others, as an eg to take out fdid:c01d:1ce:ab/64 but allow real mail server fdid:c01d:1ce:ab::10you use fdid:c01d:1ce:ab !fdid:c01d:01ce:ab00::::0010 It accepts no other approaches (note: If I block an IPv6 address in postfix's access files, I usually only block singular, unless I end up with a few addresses in same /64, then I'll change to /64 and clear out the singles) And yes, I've seen that in the wild, Ironport reputation for a very well-behaved machine going down the drain because of bad neighbourhood. ironport *shudders* I never let external orgs decide who I can trust, what's that saying... trust is earned, not bought Cheers signature.asc Description: This is a digitally signed message part
Re: Poll on SMTP over IPv6 Usage
Hi Doug, At 17:52 18-02-2014, Doug Barton wrote: My point is that all the hooha about We can't do mail over IPv6 because we can't do IP address reputation seems to be nonsense. There are plenty of ways to do spam filtering that don't involve keeping a log of every single IP address that sends spam. People are used to blocking spam by IPv4 address. That makes it difficult to explain that it is no longer the better way for IPv4 connections, and nowadays for IPv6 connections. I don't have any problems with SMTP over IPv6. Regards, -sm
Re: Poll on SMTP over IPv6 Usage
On 02/18/2014 07:55 PM, SM wrote: Hi Doug, At 17:52 18-02-2014, Doug Barton wrote: My point is that all the hooha about We can't do mail over IPv6 because we can't do IP address reputation seems to be nonsense. There are plenty of ways to do spam filtering that don't involve keeping a log of every single IP address that sends spam. People are used to blocking spam by IPv4 address. That makes it difficult to explain that it is no longer the better way for IPv4 connections, and nowadays for IPv6 connections. Sorry I wasn't clear, but my post was already long enough. I understand that blocking spam by IPv4 address hasn't been an effective solution by itself for many years now, and I understand that the vendors are crying foul because IPv6 makes their snake oil sales harder. My purpose was to offer some actual concrete numbers from a mail server that's hit relatively hard with spam, to demonstrate that the entire argument of We can't filter spam on IPv6 is specious. :) Doug
Re: Poll on SMTP over IPv6 Usage
Thus wrote emilio brambilla (emi...@ngi.it): PS it's very odd to see so much sendmail on this list, where I would bet to see something more cutting-edge even on the software side! for infrastructure, you run bleeding edge for two reasons: a) you have no choice, it's the only thing that will meet the requirements b) you are terminally bored and don't mind if stuff breaks, it'll relieve the boredom It seems that not many run mail servers in category a, and there's even less list participants in category b. Sendmail, today, is mostly a meh, it's there choice, and does its job reliably well enough, as do the other common open source MTAs. Sendmail does have an advantage if/when you e.g. have uucp connections or need to fold, spindle and mutilate mail headers in other exiting ways. regards, spz -- s...@serpens.de (S.P.Zeidler)
Re: Poll on SMTP over IPv6 Usage
On 17/02/2014 15:16, Ignatios Souvatzis wrote: Not necessarily. All I'd imagine to do with UUCP can be done with postfix and maybe transport tables; I've run a connection that way for a couple of years. This is rapidly turning into a contest of who's admitting to the greatest MTA horrors. Nick
Re: Poll on SMTP over IPv6 Usage
On Mon, Feb 17, 2014 at 03:37:28PM +, Nick Hilliard wrote: On 17/02/2014 15:16, Ignatios Souvatzis wrote: Not necessarily. All I'd imagine to do with I should maybe have added: e-mail over UUCP can be done with postfix and maybe transport tables; I've run a connection that way for a couple of years. This is rapidly turning into a contest of who's admitting to the greatest MTA horrors. Anonymized: @domain.example uucp:nexthop @.domain.exampleuucp:nexthop @another.exampleuucp:nexthop!targethost -is
Re: Poll on SMTP over IPv6 Usage
A) Using Postfix from Ubuntu. Cheers, Raoul -- DI (FH) Raoul Bhatia M.Sc. | E-Mail. ra...@bhatia.at Software Development and | Web. http://raoul.bhatia.at/ System Administration | Tel. +43 699 10132530
Re: Poll on SMTP over IPv6 Usage
On 13-2-2014 21:23, James Small wrote: Interested in what you’re using to send/receive SMTP over IPv6: A) Using (product) from __ (vendor) B) Using (service provider or “cloud solution”) C) Elected not to implement SMTP over IPv6 at this time because ___ (reason) edge servers running Debian + sendmail + milter-greylist (with optimistic whitelisting[1]) + spamassassin + mimedefang Internal Exchange 2010 + OWA over IPv6 Kind regards, Seth [1] http://mailtoaster.coltex.nl/spam/mxhostcheck.php
Re: Poll on SMTP over IPv6 Usage
On 13 Feb 2014, at 20:23, James Small jim.sm...@mail.com mailto:jim.sm...@mail.com wrote: Interested in what you’re using to send/receive SMTP over IPv6: A) Using (product) from __ (vendor) B) Using (service provider or “cloud solution”) C) Elected not to implement SMTP over IPv6 at this time because ___ (reason) A. postfix (with Amavis/SpamAssassin)
RE: Poll on SMTP over IPv6 Usage
A) postfix on Solaris In the user environment we introduced later Exchange 2010 (on Windows, what a surprise ;-). But we have v4 hubs in between as neither our great IPv6 supporting firewall with content AV scanning nor commercial AV/SPAM filtering appliances / SW products (at least not the ones we aimed for at that time) did support IPv6 years ago ... we tried to get some vendors moving or tried to participate in their beta programs, but gave up after a while (at the end our IT is pretty small and as our big mother didn't uses IPv6 internally at all, we had not the power to push harder). Since then nothing changed the basic setup beside the usual updates (or left alone as it is) ... even though at least one of the deployed appliances boxes finally does support IPv6 since one+ (or even more) years). Markus -- FVD-RIPE // KPN Eurorings B.V., Darmstädter Landstr. 184, D-60598 Frankfurt Amtsgericht Frankfurt HRB56874, Geschäftsführer Jacobus Snijder Bouke Hoving
Re: Poll on SMTP over IPv6 Usage
Key 70EF9882: DEC2 C685 1ED4 C95A 145F 4300 6F64 7B00 70EF 9882 On Thu, 13 Feb 2014, James Small wrote: Interested in what you?re using to send/receive SMTP over IPv6: A) Using (product) from __ (vendor) We are using postfix/exim from various Linux/*BSD distribution.
Re: Poll on SMTP over IPv6 Usage
James Small jim.sm...@mail.com writes: Interested in what you’re using to send/receive SMTP over IPv6: A) Using (product) from __ (vendor) postfix on Debian Jens -- | Foelderichstr. 40 | 13595 Berlin, Germany | +49-151-18721264 | | http://blog.quux.de | jabber: jensl...@jabber.quux.de | --- |
Re: Poll on SMTP over IPv6 Usage
Le 13 févr. 2014 à 21:23, James Small a écrit : Interested in what you’re using to send/receive SMTP over IPv6: A) Using (product) from __ (vendor) B) Using (service provider or “cloud solution”) C) Elected not to implement SMTP over IPv6 at this time because ___ (reason) A) (Postfix or OpenSMTPd on Debian) x (multiple servers), with IPv4-only RBLs, without server-wide antispam B) Using Gmail Best regards
Re: Poll on SMTP over IPv6 Usage
On Thu, Feb 13, 2014 at 03:23:21PM -0500, James Small wrote: Interested in what you're using to send/receive SMTP over IPv6: A) Using Postfix rgds, Sascha Luck
RE: Poll on SMTP over IPv6 Usage
Interested in what you're using to send/receive SMTP over IPv6: A) Using sendmail (product) from FreeBSD (vendor) best regards, Andreas -- Telefónica Germany GmbH Co. OHG Andreas Schwarz, NT NO BOTA BOIPFA Überseering 33a, D-22297 Hamburg fon: +49-40-23726-3892, fax: +49-40-23726-37 Este mensaje y sus adjuntos se dirigen exclusivamente a su destinatario, puede contener información privilegiada o confidencial y es para uso exclusivo de la persona o entidad de destino. Si no es usted. el destinatario indicado, queda notificado de que la lectura, utilización, divulgación y/o copia sin autorización puede estar prohibida en virtud de la legislación vigente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique inmediatamente por esta misma vía y proceda a su destrucción. The information contained in this transmission is privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this transmission in error, do not read it. Please immediately reply to the sender that you have received this communication in error and then delete it. Esta mensagem e seus anexos se dirigem exclusivamente ao seu destinatário, pode conter informação privilegiada ou confidencial e é para uso exclusivo da pessoa ou entidade de destino. Se não é vossa senhoria o destinatário indicado, fica notificado de que a leitura, utilização, divulgação e/ou cópia sem autorização pode estar proibida em virtude da legislação vigente. Se recebeu esta mensagem por erro, rogamos-lhe que nos o comunique imediatamente por esta mesma via e proceda a sua destruição
Re: Poll on SMTP over IPv6 Usage
A) Using Postfix (product) from Wietse (vendor) B) Using AS57771 and AS12414 (service provider or “cloud solution”) C) Elected not to implement SMTP over IPv6 at this time because N.A. Fully IPv6 capable (reason) Sander
Re: Poll on SMTP over IPv6 Usage
Hoi, And for completeness ... 2014-02-13 12:31 GMT-08:00 Pim van Pelt p...@ipng.nl: 2014-02-13 12:23 GMT-08:00 James Small jim.sm...@mail.com: Interested in what you're using to send/receive SMTP over IPv6: Hard to answer your question. You are not giving a lot of context for your inquiry, but here goes: A) Using Sendmail from OpenBSD. B) Using gmail from Google. Received: from mail1.cluenet.de (mail1.cluenet.de. [2001:1440:201:101::5]) by mx.google.com with ESMTPS id h44si6155624eew.143.2014.02.13.12.23.35 for pim+i...@ipng.nl (version=TLSv1 cipher=RC4-SHA bits=128/128); Thu, 13 Feb 2014 12:23:35 -0800 (PST) -- Pim van Pelt p...@ipng.nl PBVP1-RIPE - http://www.ipng.nl/
Re: Poll on SMTP over IPv6 Usage
On 13/02/2014 20:23, James Small wrote: Interested in what you’re using to send/receive SMTP over IPv6: Using Sendmail from FreeBSD. Thanks, Daniel.
RE: Poll on SMTP over IPv6 Usage
C) Because our current vendor does not support it and anti-spam is seen as mandatory within the business. /JF
Re: Poll on SMTP over IPv6 Usage
Postfix + Spamassassin
Re: Poll on SMTP over IPv6 Usage
Postfix 2.9.5 on FreeBSD best Enno On Thu, Feb 13, 2014 at 03:23:21PM -0500, James Small wrote: Interested in what you're using to send/receive SMTP over IPv6: A) Using (product) from __ (vendor) B) Using (service provider or cloud solution) C) Elected not to implement SMTP over IPv6 at this time because ___ (reason) All responses greatly appreciated, --Jim -- Enno Rey ERNW GmbH - Carl-Bosch-Str. 4 - 69115 Heidelberg - www.ernw.de Tel. +49 6221 480390 - Fax 6221 419008 - Cell +49 173 6745902 Handelsregister Mannheim: HRB 337135 Geschaeftsfuehrer: Enno Rey === Blog: www.insinuator.net || Conference: www.troopers.de Twitter: @Enno_Insinuator ===
Re: Poll on SMTP over IPv6 Usage
On 13. feb. 2014 21:23, James Small wrote: Interested in what you’re using to send/receive SMTP over IPv6: A) Using (product) from __ (vendor) B) Using (service provider or “cloud solution”) C) Elected not to implement SMTP over IPv6 at this time because ___ (reason) A) Using Postfix from ___ vendor A) Using Postfix from ___ vendor (work, private) -- André Tomt
Re: Poll on SMTP over IPv6 Usage
On 2014-02-13 at 15:23 -0500, James Small wrote: Interested in what you're using to send/receive SMTP over IPv6: A) Using (product) from __ (vendor) Exim, from The Exim Maintainers; I'm one, and the mail between exim.org and my own mail box routinely goes over IPv6. To send, as a submission client, mutt, which works with IPv6, and I've set up Thunderbird in years past, it just worked. (I know this, because I used GSSAPI for auth, so the hostname was set IPv6-only because I only have enough IPs for per-service matching forward-reverse DNS, with service-based names, if I use IPv6). B) Using (service provider or cloud solution) Gmail, to/from, works fine. -Phil
Re: Poll on SMTP over IPv6 Usage
Interested in what you’re using to send/receive SMTP over IPv6: A) Using Postfix + OpenBSD Солдатов Валерий, ЗАО Бэст Телеком.
Re: Poll on SMTP over IPv6 Usage
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 James Small said the following on 13/02/2014 21:23: A) Using Postfix from CentOS Ciao, luigi - -- / +--[Luigi Rosa]-- \ Space travel is utter bilge. --Richard Van Der Riet Woolley, 1956 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJS/beFAAoJEO5WT/qgw4yKqvwP/2ckVv9UQ4t3bsjnbFR/Wvvv MJmAA18Z4bO23oqBo/RK2hRnwx5GLDWt/gv+sT+i2u1YAvT/8ndxLq/oVfoV4V+A EEDFAhCYCtzsuaJ6w7G4pbg88RwS2J2jluDnzsvo8+24DNTOQWbAHndN/Y4MFSZ8 E0dpadvYXilyO95fSSWkYPG4x4j6J2oa/FJkDSb5WUdfmpdPlcz4V7RnHnBFAlkt 7VDfP3KZbKZmUbP/ASpWiOVN+4xG7csDwc6u3cD3iUxfoc9y8Lu/W/mSK463HyQB DKWt3c4gfyUkh1Cj03vq3c4ZqtIccozicg696Z6Qy8lZWOO9LdJceO9c8rPsW7FD DsyW1mUlByJloU6kxVhmCw0NumcepNWq5Tl4WOM6zbzyRBZN15L+3yAsFeO14EQs erxIl4HFYEkgyWENsfFEJHcPvUiE6q4wVEv1UjQi9o3CNGvfcU6cYdobo486C0AM ocO+FumkSr2pKnr3gNZjzWEs0CFbA+FtPmxJePQU2tjSeku2z4JJaTK/5fCVzyvx pK7yfbReOhUv5xODTyvLzaVk3cd6mJ69O/CKEvhncmmAJzE5s4lPC1ptUVw47f2T hGL9hGaghdGdayjTZT7r7gZZ2kic5+NxK06XbOJ6SnfXinTnSMDUAvAQGBdOsMfJ w5i2PtB0dNpvWmiLSb3t =z9sa -END PGP SIGNATURE-
Re: Poll on SMTP over IPv6 Usage
On Thu, Feb 13, 2014 at 03:23:21PM -0500, James Small wrote: Interested in what you're using to send/receive SMTP over IPv6: A) Using (product) from __ (vendor) three systems where I'm (partially) responsible 1. A) Using postfix from NetBSD 2. partially A) (clients to sub-dept. server) , using Postfix from NetBSD (big dept. server not IPv6-enabled, because infrastructure not on v6 yet) 3. was A using postfix from Gentoo for some years; machine moved to a location where IPv6 is promised really soon now. Regards, -is