SMTP over IPv6 : gmail classifying nearly all IPv6 mail as spam since 20140818
dougb at dougbarton.us
Sat Aug 23 20:01:49 CEST 2014
FWIW, I agree with Matthew 100%, especially about the fact that the SMTP
world is changing. It's also worth noting that it's been in constant
(although not always rapid) flux since I first got involved in Internet
stuff 20+ years ago. Back then it was common for any connected system to
be able to send mail, nowadays that's unthinkable of course.
Also FWIW, since I know Nick a bit based on his postings on other lists
it's probably worth pointing out that in all likelihood his concern here
is based on not slowing down IPv6 adoption. That's a worthy goal, which
I'm fully in support of. However the change has been blowing in the wind
towards SPF/DKIM/DMARC now for years, and as Matthew pointed out there
are only going to be more folks requiring it, not less.
Fortunately SPF is dead simple, and DKIM isn't that much harder. In fact
for one domain it's also dead simple (ProTip: Use OpenDKIM). I couldn't
find a good, concise, up to date guide on using OpenDKIM for multiple
domains, so it took me 2 tries to get it right, but I'm happy to write
up my results if there's a need.
DMARC is also pretty painless, although right now I'm set up for "report
only," at least until the mailing list software folks get that problem
fixed. I do find it interesting to see how often mail is being
Joe-jobbed from some of my mostly-unused domains though.
So yes, rDNS/SPF/DKIM at minimum to get in the game, regardless of your
IP protocol. DMARC is highly recommended.
I realize that change is always painful, more so to folks who've been in
the game just long enough to be really comfortable with their IPv4
address-based reputation stuff. But the times, they are a-changin'.
On 8/23/14 8:52 AM, Matthew Huff wrote:
> Nick, I would expect the response will be silence. Since the current RBL methods are not currently operational with IPv6 due to design issues and that IPv4 reputation is a large part of anti-spam, there is a fundamental difference currently between the two protocols. As IPv6 smtp ramps up, I would expect more to move to Googles direction than vice versa. The idea that you will be able to send email from an IPv6 address without rDNS, SPF and DKIM and have it end up in anything other than the spam folder is a pipe dream. Hell, I helped a friend that was running a hosted domain with only IPv4 and he had difficulty getting email delivered to corporate emails systems without SPF/DKIM. The SMTP world is changing, I doubt it is going to go back.
> -----Original Message-----
> From: ipv6-ops-bounces+mhuff=ox.com at lists.cluenet.de [mailto:ipv6-ops-bounces+mhuff=ox.com at lists.cluenet.de] On Behalf Of Nick Hilliard
> Sent: Saturday, August 23, 2014 11:37 AM
> To: Lorenzo Colitti
> Cc: IPv6 Ops list; Marco d'Itri; Jared Mauch
> Subject: Re: SMTP over IPv6 : gmail classifying nearly all IPv6 mail as spam since 20140818
> On 22 Aug 2014, at 20:26, Lorenzo Colitti <lorenzo at google.com> wrote:
>> What specifically would you like me to pass on? "Dear gmail team, can you please publicly present data on IPv4 spam vs IPv6 spam in order to justify your documented policy?" ?
> How about: "Dear gmail team, v6 mta operators have noticed that there is a substantial difference between how spam detection is handled for ipv4 and ipv6 connections and this appears to be causing problems with high rates of false positives on v6 sessions. These problems appear to be specific to gmail and are not seen with connections to other major mail operators. Where SPF/dkim are not feasible/possible, this causes people to either implement gmail specific hacks or else disable ipv6. Both these workarounds act against the interests of both Google and the internet at large. Can you please reach out to the ipv6 operator community about this?"
More information about the ipv6-ops