[mailop] IPv6 addresses for Microsoft Office 365 hosted domains?

Bernhard Schmidt Bernhard.Schmidt at lrz.de
Tue Dec 16 10:03:54 CET 2014


Hi Frank,
> 
> Thanks for sharing your experience.  You may have been able to send
> email to Google for some days from your IPv6 host without a PTR, but
> I think that would only go on for a short time.  Have you tried
> sending to Comcast?

Note that I specifically do not suggest sending without PTR. We reject
on missing FCrDNS even in IPv4 and are pretty happy with that (with an
easy process to whitelist though). But I tried it to O365 and the mail
went through nevertheless.

According to
https://www.m3aawg.org/sites/maawg/files/news/M3AAWG_Inbound_IPv6_Policy_Issues-2014-09.pdf
which Google, Microsoft and LinkedIn claim to follow you need a "PTR and
(SPF or DKIM)". And we've been preferring IPv6 outbound for 5+ years
now, without any issues. 99% of our mail does neither have DKIM nor SPF.

> From an ISP perspective, adding in an SPF (or equivalent TXT) record
> for the IPv6 space of your ISP mail server would not be a hard thing
> to do.  While not all email servers support DKIM, all DNS servers
> support TXT records.

Both SPF and DKIM are controlled by the sender domain, not by the
operator of the sending mailserver. Think the classic Permit-by-IP
smarthost run by ISPs, you just cannot make any assumptions there about
the sender.

Bernhard

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5070 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.cluenet.de/pipermail/ipv6-ops/attachments/20141216/cd1d00cb/attachment.p7s>


More information about the ipv6-ops mailing list