Douglas Otis wrote: > This issue is largely about email acceptance policies. > > Saying IPv6 reverse DNS is not considered a practical means to determine > legitimate IP address use needs to be either stated or refuted.
Well, the draft seems focused on the idea of rDNS for ISPs who hand out addresses to customers (this is another area where the draft could use more focus and/or specification). That said, I don't think the issues with rDNS for _infrastructure_ hosts such as mail servers, name servers, etc. are any different than that in IPv4. Adding these records should not be difficult, and is a reasonable expectation. The relative value of these records as a form of authentication for things like mail remains a hotly contested topic in IPv4, and I don't see that getting any better in IPv6. My personal feeling (which I state in the interest of full disclosure, not to persuade anyone) is that yes, rDNS is useful in these circumstances. > DNS timeouts already consume a large portion of MTA resources when > attempting to discover reverse DNS entries. Yep, that's part of the cost of doing business. I used to maintain the resolvers for the Yahoo! Mail product, so I know whereof I speak. :) > When IPv6 forces use of > positive reputations, reverse DNS entries become superfluous. I'm sorry, I have no idea what this is supposed to mean. Could you elaborate? > Negative > reputations within the IPv6 address space also seems impractical, > largely due to the scale of the space involved. Are you saying that it's not going to be possible to keep track of bad actors in IPv6? Doug _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
