We're dependent on the honest DNS folks, and have talked to them about the possibility of them returning us expired data in the case of server errors, but they haven't been too excited by the possibility.
And you should note that even coming though in via ipv4 may not outright reject, but it heavily increases the possibility that you get spam foldered or temp failed. At least that way your recipients have a chance to whitelist the mail. I can understand that setting up auth may be a pain, but it's increasingly worthwhile. Also, at the moment, even signing with a completely unaligned key has benefits, as it provides a non IP based item to hang reputation off of. We also use it for our fbl, see https://support.google.com/mail/answer/6254652?hl=en Brandon On Dec 3, 2015 6:06 PM, "Ted Cooper" <ml-mailop...@elcsplace.com> wrote: > On 04/12/15 11:10, Franck Martin wrote: > > check > http://dnsviz.net/d/5.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.7.2.0.0.1.0.0.0.0.0.1.5.0.4.2.ip6.arpa/dnssec/ > > That's a DNSSEC error on servers that are so far out of reach they may > as well be on mars. That makes things a little difficult to fix, or even > track for problems. > > So whomever runs 0.4.2.ip6.arpa has screwed up their key roll over and > the entire branch is now unsigned?! > > organisation: APNIC > > Anyone know who to poke to get that fixed? > > > > > _______________________________________________ > mailop mailing list > mailop@mailop.org > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop >
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
