Re: problem dealing w/ ietf.org mail servers
Jeroen Massar <jeroen@unfix.org> Thu, 03 July 2008 13:57 UTC
Return-Path: <ietf-bounces@ietf.org>
X-Original-To: ietf-archive@megatron.ietf.org
Delivered-To: ietfarch-ietf-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 50E563A6864; Thu, 3 Jul 2008 06:57:51 -0700 (PDT)
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D4C173A6864 for <ietf@core3.amsl.com>; Thu, 3 Jul 2008 06:57:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FY2xQ+Dwq-zd for <ietf@core3.amsl.com>; Thu, 3 Jul 2008 06:57:48 -0700 (PDT)
Received: from abaddon.unfix.org (abaddon.unfix.org [IPv6:2001:41e0:ff00:0:216:3eff:fe00:4]) by core3.amsl.com (Postfix) with ESMTP id 631C53A6809 for <ietf@ietf.org>; Thu, 3 Jul 2008 06:57:48 -0700 (PDT)
Received: from [IPv6:2001:620:20:1000:216:d3ff:fe25:14da] (spaghetti.zurich.ibm.com [IPv6:2001:620:20:1000:216:d3ff:fe25:14da]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: jeroen) by abaddon.unfix.org (Postfix) with ESMTPSA id 2F65040200C; Thu, 3 Jul 2008 15:57:54 +0200 (CEST)
Message-ID: <486CDAE1.4040905@spaghetti.zurich.ibm.com>
Date: Thu, 03 Jul 2008 15:57:53 +0200
From: Jeroen Massar <jeroen@unfix.org>
Organization: Unfix
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.14) Gecko/20080421 Lightning/0.8 Thunderbird/2.0.0.14 Mnenhy/0.7.5.666
MIME-Version: 1.0
To: Richard Shockey <richard@shockey.us>
Subject: Re: problem dealing w/ ietf.org mail servers
References: <013301c8dca5$22ca0a80$685e1f80$@us> <20080703054752.GM6185@lark.songbird.com> <20080703134655.GA17472@boreas.isi.edu>
In-Reply-To: <20080703134655.GA17472@boreas.isi.edu>
X-Enigmail-Version: 0.95.6
OpenPGP: id=333E7C23
X-Virus-Scanned: ClamAV version 0.93, clamav-milter version 0.93 on abaddon.unfix.org
X-Virus-Status: Clean
Cc: Dave Crocker <dcrocker@bbiw.net>, ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============1393742199=="
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org
On Wed, Jul 02, 2008 at 10:47:53PM -0700, 'kent' wrote: [..] > However, this last address, 2001:470:1:76:2c0:9fff:fe3e:4009, is not > explicitly configured on the sending server; instead, it is being implicitly > configured through ip6 autoconf stuff: Which (autoconfig) you should either not be using on servers, or you should be configuring your software properly to select the correct outbound address. (I prefer to use the autoconfig one for 'management' and using a 'service address' for the service). SMTP shows that it is perfectly usable for these situations as it nicely rejects the message with a proper message automatically telling you on how to solve it. > That is to say, it appears the ietf.org mail server is probably now rejecting > mail from *any* box that is getting a default global ipv6 address, since > those addresses will most likely not be in ip6.arpa. There may be a whole > lot of boxes in this situation. Those boxes are not set up correctly thus should not be sending email in the first place. For that matter you should actually be firewalling+logging port 25 outbound so you can monitor any host in your network doing illegal SMTP connects. Spam bots don't use IPv6 yet (afaik), but when they are aware how 'open' everything is and especially that RBL's don't exist yadda yadda, they might just switch over to that. Good that the mainstream spamreceivers (gmail/yahoo/etc) don't have IPv6 yet as that would change that scenario. Configure your mailservers correctly, it helps you send out mail, and it helps avoid others receiving crap from you. Greets, Jeroen -- For postfix folks: http://www.postfix.org/IPV6_README.html 8<-------------------------------------------------------- /etc/postfix/main.cf: smtp_bind_address6 = 2001:240:587:0:250:56ff:fe89:1 -------------------------------------------------------->8 Other SMTP servers have similar mechanisms.
_______________________________________________ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
- problem dealing w/ ietf.org mail servers 'kent'
- Re: problem dealing w/ ietf.org mail servers Mark Andrews
- Re: problem dealing w/ ietf.org mail servers Keith Moore
- Re: problem dealing w/ ietf.org mail servers Bill Manning
- Re: problem dealing w/ ietf.org mail servers Jeroen Massar
- Re: problem dealing w/ ietf.org mail servers John Levine
- Re: problem dealing w/ ietf.org mail servers Dave Crocker
- Re: problem dealing w/ ietf.org mail servers Keith Moore
- Re: problem dealing w/ ietf.org mail servers Keith Moore
- Re: problem dealing w/ ietf.org mail servers John Levine
- RE: problem dealing w/ ietf.org mail servers michael.dillon
- Re: problem dealing w/ ietf.org mail servers Keith Moore
- Re: problem dealing w/ ietf.org mail servers Mark Andrews
- Re: problem dealing w/ ietf.org mail servers Bill Manning
- Re: problem dealing w/ ietf.org mail servers TS Glassey
- Re: problem dealing w/ ietf.org mail servers Mark Andrews
- Re: problem dealing w/ ietf.org mail servers kent
- Draft on how to correctly configure servers and o… Jeroen Massar
- Re: problem dealing w/ ietf.org mail servers Kurt Erik Lindqvist
- Re: problem dealing w/ ietf.org mail servers Kurt Erik Lindqvist
- Re: problem dealing w/ ietf.org mail servers John C Klensin
- Re: problem dealing w/ ietf.org mail servers Jeroen Massar
- Re: problem dealing w/ ietf.org mail servers Keith Moore
- Re: problem dealing w/ ietf.org mail servers kent
- Re: problem dealing w/ ietf.org mail servers Ned Freed
- Re: problem dealing w/ ietf.org mail servers Dave Crocker
- Re: problem dealing w/ ietf.org mail servers Iljitsch van Beijnum
- Re: problem dealing w/ ietf.org mail servers Francis Dupont
- Re: problem dealing w/ ietf.org mail servers Keith Moore
- Re: problem dealing w/ ietf.org mail servers SM
- Re: problem dealing w/ ietf.org mail servers Kurt Erik Lindqvist
- Re: problem dealing w/ ietf.org mail servers Keith Moore
- Re: problem dealing w/ ietf.org mail servers Kurt Erik Lindqvist
- Re: problem dealing w/ ietf.org mail servers Jeroen Massar