[AusNOG] IPv6 reverse DNS and Mail ...

Robert Mibus mibus at mibus.org
Thu May 23 15:15:25 EST 2013


On Wed, May 22, 2013 at 7:26 PM, Mark Smith <markzzzsmith at yahoo.com.au>wrote:

> MTAs can be a good choice as one of the first servers to IPv6 enable when
> dipping your toe in the IPv6 water, as acceptable latency for email
> delivery can be measured in the order of minutes rather than milliseconds.
> If your IPv6 is broken despite your efforts, the MTA will fall back to IPv4
> within 30 seconds, and then delivery will still occur. If you have
> end-users who don't find that acceptable, tell them they should be using
> Instant Messaging, rather than Percolated Messaging.
>

Many MTAs will *not* automatically fall back to IPv4 correctly.

I've seen MTAs repeatedly banging only on IPv6 without falling back at all;
I've seen MTAs get SERVFAIL for AAAA DNS lookups, and just keep retrying
AAAA lookups rather than falling back; I've also seen MTAs trying multiple
AAAA addresses on a dual-stacked DNS record, before trying any IPv4 ones.

It's a lot better now that there are several large providers that do IPv6
MXes and MTAs, because there's a good chance that someone with a broken MTA
setup will find out before you have to deal with them - but it's not all
roses.

Is it worth doing? Yes, absolutely. But there's no widely deployed "happy
eyeballs"-style code for MTAs, so - like with using IP reputation - do
consider the business risk in potentially not being able to get mail from
random people who might email you once then move on to another vendor [or
whatever the case may be in your business], and make sure you are on the
lookout for potential signs of lost mail and delivery issues etc.

My suggestion for dipping your toes in the water, are DNS servers. Enabling
IPv6 on a caching resolver lets it talk to IPv6-enabled authoritative
nameservers, and enabling at least some of your authoritative nameservers
means your clients should be able to fall back to an alternate nameserver
if they really have problems.

Robert.

-- 
Robert Mibus <mibus at mibus.org>
Tech by day, geek by night
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20130523/d857096b/attachment.html>


More information about the AusNOG mailing list