Moin, To add some data to this discussion... On Fri, 2024-07-05 at 00:06 -0400, Paul Wouters wrote: > This is the opposite of reality now. As of now, for the ~2k unique domains that participated in email- security-scans.org so far: - 53.93% of senders support IPv6 mail sending - 70.03% of senders are able to perform DNS resolution via IPv6 - 52.34% of senders have fully IPv6 ready authoritative DNS (With this number being significantly influenced down by a large portion of reverse DNS zones being not IPv6 ready). In total, 33.60% of senders are fully IPv6 ready (overlap of those three categories). For comparison, 56.16% of domains are setup correctly to receive DMARC reports (including whether the report can actually be delivered). DKIM is being used correctly by 59.94%. MTA-STS is used correctly for outbound emails by 15.95% of senders. So I would say that IPv6 mail delivery is not overly niche. > Enabling IPv6 currently makes it HARDER to get reliable email > delivery. For example, I need to use postfix features to disable > email delivery over ipv6 to google to avoid getting “spam blocked” > without recourse to get google to fix their false positives. (Note: There is a lot of sarcasm, frustration, and general cynicism in the next paragraphs. In general, I do see your point and tend to agree with it more than it may seem.) I would argue that you are drawing the wrong conclusion here. The issue is _not_ IPv6 (+- some of the v6 issues you tend to have with hosters, including putting too many hosts into too small prefixes, not enabling/setting rDNS etc.); Instead, the problem here is Google's (and not only their; and not only for IPv6) behavior as a market controlling entity; Which, again--makes sense--given the scale they are operating at. The necessary cattle approach just requires making some things the same that are not (for my whole complaint about all of that I recommend my talk on the topic: https://ripe85.ripe.net/archives/video/877/ ). _I_ have no issues delivering mails via IPv6 to Gmail; All you have to do is having a 10y+ good reputation for the associated v4 addresses, without _any_ other spam coming from the same netblocks (or having come there for the past decade), best ensured by not having _anyone else_ there; Of course, the netbloock should be your own as well, so better get in line with your local RIR; And of course, fcRDNS, SPF, DKIM, DMARC, [...] You see, extremely simple to do and very certainly only a matter of competence and absolutely not of 'having made specific choices by pure chance, like clicking IPv4 PI over a decade ago'. Ah, and slip up once, your mails 'disappear' again. Maybe for a day. Maybe for a week. Maybe you never find out. Until you meet someone at a conference, who asks 'why did you never reply to my email'. And in that sense... maybe it might be best to support IPv6 for IETF mailinglist; Well, at least for delivery to @google.com addresses (and maybe a couple more, including @microsoft.com); Exclusively. That might actually have some adoption encouraging implications... With best regards, Tobias
