On Mar 20, 2008, at 3:30 PM, John C Klensin wrote:
>
>
> --On Friday, 21 March, 2008 09:03 +1100 Mark Andrews
> <Mark_Andrews@xxxxxxx> wrote:
>
>> I think Doug is saying don't let domains with just AAAA
>> records be treated as valid RHS of email. Today we
>> have to add records to domains with A records to say that
>> these are not valid RHS of email. With MX synthesis
>> from AAAA you create the same problem for domains with
>> AAAA records.
>>
>> user@<A record owner>
>> user@<MX record owner>
>> user@<AAAA record owner> * don't allow this.
>
> Mark, Doug,
>
> With the understanding that this is just my personal opinion (as
> editor, I'll do whatever I'm told) _and_ that I'm personally
> sympathetic to phasing out even the A record implicit MX...
>
> It seems to me that 2821bis is the wrong place to try to fix this,
> especially via a comment posted well after the _second_ Last Call
> closed. The current phrasing is not an oversight. It was
> explicitly discussed on the mailing list and this is the behavior
> that people decided they wanted.

John,

In the past you had made several comments that RFC2821bis would not change SMTP, and that you had also stated AAAA records were NOT defined as SMTP server discovery records. (Not in those words of course.) It does not appear this change was your choice, but nonetheless and surprisingly this unfortunate change is now being made.

The "update" of RFC2821 is making a _significant_ architectural change to SMTP by explicitly stating AAAA records are within a list of SMTP server discovery records. This change represents a poor architectural choice since this _will_ increase the burden on networks being spoofed by abusive email.

Due to high levels of abuse, confirming validity of email domains by checking for discovery (A and MX) records in the forward DNS zone often replaces an alternative of checking PTR records in the in-addr.arpa reverse DNS zone. The reverse zone suffers from poor maintenance where its use creates a sizeable burden for recipients. RFC2821bis now adds AAAA records to a list of records that must be checked to disqualify public SMTP server domains within the DNS forward direction. This change adds to the transactional burdens already headed in the wrong direction.

It would seem a sound architectural change would be to deprecate A records as a means to qualify domains for message acceptance, but RFC2822bis adds AAAA records instead. This situation becomes considerably worse when domain tree walking or wildcards are then preferred over checks against discovery records.

It was not my intention to post this after last call, but this only came to my attention recently. For that I am sorry, nevertheless this issue may deserve greater consideration.

-Doug
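Added example, not part of the original message or of any RFC text: a small Python model of the sender-domain check discussed in this thread, comparing MX-only acceptance, the A-record implicit MX of RFC2821, and the A-or-AAAA implicit MX of 2821bis. The zone data, domain names and function names are constructed for illustration, and the model assumes the receiver issues its lookups one at a time.

```python
# Constructed zone data (owner name -> record type -> values); not real DNS content.
ZONE = {
    "mail.example":   {"MX": ["mx1.mail.example"]},
    "web.example":    {"A": ["192.0.2.10"]},
    "v6host.example": {"AAAA": ["2001:db8::25"]},
    "forged.example": {},  # spoofed sender domain with no discovery records
}

# Record types tried as an implicit MX when no MX record exists.
POLICIES = {
    "mx-only":    [],
    "rfc2821":    ["A"],
    "rfc2821bis": ["A", "AAAA"],
}


def check_rhs(domain, policy, zone=ZONE):
    """Return (accepted, queries) for a sender domain under a policy.

    queries lists the record types looked up, in order, before the
    receiver could accept or disqualify the domain.
    """
    records = zone.get(domain, {})
    queries = []
    for rtype in ["MX"] + POLICIES[policy]:
        queries.append(rtype)
        if records.get(rtype):
            return True, queries
    return False, queries


def rejection_cost(domain, zone=ZONE):
    """Lookups needed per policy to disqualify a domain (None if it is accepted)."""
    cost = {}
    for policy in POLICIES:
        accepted, queries = check_rhs(domain, policy, zone)
        cost[policy] = None if accepted else len(queries)
    return cost


if __name__ == "__main__":
    for name in ZONE:
        for policy in POLICIES:
            print(name, policy, check_rhs(name, policy))
    print(rejection_cost("forged.example"))
```

The AAAA-only host is a valid RHS only under the 2821bis rule, and a domain with no discovery records costs one more lookup to disqualify under each successive rule.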