nudging things along
Carmen Sandiego on Friday, 07 May 2010 00:56:44
Inspired by all the IPv6 articles I've seen appear in the last few weeks I've decided to try to configure my web server (http://www.wsrcc.com/) and mail server (wsrcc.com) to only answer IPv6 requests. Part of the motivation was to try to cut down on all the worthless traffic from ancient, ill-maintaind trojaned Microsoft machines trying to either send me spam or check every web page for potential email addresses. Well the experiment is interesting. Things have certainly gotten quiet. I've realized that 1) my gmail is no longer forwarded to my server. Google doesn't do IPv6 SMTP delivery. Neither does my ISP (Sonic) even though they do offer IPv6 over a tunnel to one of their routers. I also can't seem to get mail from my registrar (Gandi). Geez. Doesn't *anyone* that I do business with support even rudimentary IPv6 services???
That begs the question, why are service providers so afraid of turning on, for example, IPv6 outbound delivery of SMTP mail? The code to do that has existed for probably 10 or more years. Can it still be *that* buggy?
Is it time to gently start pressuring merchants and service sites to deliver IPv6 mail to AAAA-only customers? Things seem to be moving at a snails pace. Can we nudge things along a bit??? Ideas?
nudging things along
Jeroen Massar on Friday, 07 May 2010 08:17:11 Part of the motivation was to try to cut down on all the worthless traffic from ancient, ill-maintaind trojaned Microsoft machines trying to either send me spam or check every web page for potential email addresses.
It is always fun to see people trying to insult Microsoft, but you are forgetting that the largest part of compromised hosts which are actually doing damage are hosts running software like PHPBB, Wordpress and a variety of other 'common web software for everybody', who then don't update and a simple google by a virus will reveal their locations. As these things tend to run on webservers in a datacenter and not on a puny cable/dsl line, they do a lot more damage then the hosts running software from the company you are trying and failing to insult.
Doesn't *anyone* that I do business with support even rudimentary IPv6 services???
No. The Internet is IPV4 based, if you are going to live in IPv6-only land you are being silly as there is almost nothing there.
That begs the question, why are service providers so afraid of turning on, for example, IPv6 outbound delivery of SMTP mail?
Ask you provider about that, as that should not be an issue.
The code to do that has existed for probably 10 or more years. Can it still be *that* buggy?
Seeing that postfix still has buggy delivery code, yes. (Postfix will try every single address provided and give up after a few of them, while it should be trying AAAA for lowest MX, A for lowest MX, AAAA for 2nd MX, A for 2nd MX etc.)
Do realize also that some people actually earn money with this thing called the Internet, thus even 0.01% loss of clients might mean several million lost in revenue. Not even thinking about the helpdesk/support charges to debug a broken IPv6 setup, possibly not on their side, but on the remote site or heck in the middle.
Is it time to gently start pressuring merchants and service sites to deliver IPv6 mail to AAAA-only customers? Things seem to be moving at a snails pace. Can we nudge things along a bit??? Ideas?
There is somewhere a thread here about contacting your ISP and it is something that people have been doing for a long long time already. Still think about the money and you'll understand that provide will keep out of some steps for the time being.
nudging things along
Carmen Sandiego on Friday, 07 May 2010 10:58:28 It is always fun to see people trying to insult Microsoft,
Yes, I do see plenty of rooted linux boxes too, but they are all trying to guess passwords on my ssh server. ;-) Perhaps it is just where my email address has been passed around to, but the vast majority of the ones trying to bother my smtp port all seem to have hostnames that are on cable and dsl modems. Interestingly my gmail spam all seems to come from hosts that sound like they are servers of sorts. I'm not sure if this is because the cable/dsl machines are rejected at an earlier pass, or because they know to stay away.
Well, it seems that moving my smtp to IPv6-only will also stop most of the mail from the sites I want it from. Too bad. Maybe it is time to retire that email address and domain.
nudging things along
Jeroen Massar on Tuesday, 11 May 2010 00:07:30 Maybe it is time to retire that email address and domain.
Or just install a proper anti-spam tool and configure your SMTP servers properly to reject the spam already at DATA time and not after having already accepted it.
Posting is only allowed when you are logged in. |