* [Bloat] ipv6 now disabled for lists.bufferbloat.net @ 2019-11-09 18:56 Dave Taht 2019-11-09 19:00 ` Dave Taht 2019-11-10 2:18 ` Michael Richardson 0 siblings, 2 replies; 9+ messages in thread From: Dave Taht @ 2019-11-09 18:56 UTC (permalink / raw) To: bloat, Make-Wifi-fast, cerowrt-devel, Cake List For no reason that I've been able to discern, for months and months now, nearly any use of ipv6 as an email transport has ended up getting the ipv6 address blocked in spamhaus's SBL listing, and thus a lot of email has been blocked. IPv4, seems ok, but for all I know whatever's triggering it only triggers when ipv6 is used. So I've given up on ipv6 and switched it over to ipv4 only. If anyone has any insight on how to run a dual stack email server correctly nowadays, please contact me offlist?! If anybody here actually needs to talk to this server over ipv6, well..... -- Dave Täht CTO, TekLibre, LLC http://www.teklibre.com Tel: 1-831-205-9740 ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [Bloat] ipv6 now disabled for lists.bufferbloat.net 2019-11-09 18:56 [Bloat] ipv6 now disabled for lists.bufferbloat.net Dave Taht @ 2019-11-09 19:00 ` Dave Taht 2019-11-10 2:18 ` Michael Richardson 1 sibling, 0 replies; 9+ messages in thread From: Dave Taht @ 2019-11-09 19:00 UTC (permalink / raw) To: bloat 'course, a pretty huge percentage of our traffic USED to run over ipv6... ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [Bloat] ipv6 now disabled for lists.bufferbloat.net 2019-11-09 18:56 [Bloat] ipv6 now disabled for lists.bufferbloat.net Dave Taht 2019-11-09 19:00 ` Dave Taht @ 2019-11-10 2:18 ` Michael Richardson 2019-11-10 18:38 ` Dave Taht 1 sibling, 1 reply; 9+ messages in thread From: Michael Richardson @ 2019-11-10 2:18 UTC (permalink / raw) To: bloat [-- Attachment #1: Type: text/plain, Size: 953 bytes --] On 2019-11-09 1:56 p.m., Dave Taht wrote: > For no reason that I've been able to discern, for months and months > now, nearly any use of ipv6 as an email transport has ended up getting > the ipv6 address blocked in spamhaus's SBL listing, and thus a lot of > email has been blocked. IPv4, seems ok, but for all I know > whatever's triggering it only triggers when ipv6 is used. So I've > given up on ipv6 and switched it over to ipv4 only. I'm sorry to hear that. can we still send to you on v6? Spamhaus is useless. Discourage it as widely as you can. They seem to be on autopilot. I have blackholed a few IPv6 for destinations that I can't live without, and I've pushed ietf.org to whitelist me in to avoid their spamhaus dependancy. The major problem is that the SBL listing uses a bunch of other listings which nobody maintains and which have some bogus rules. Like that SLAAC addresses as instantly suspicious. [-- Attachment #2: pEpkey.asc --] [-- Type: application/pgp-keys, Size: 2501 bytes --] ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [Bloat] ipv6 now disabled for lists.bufferbloat.net 2019-11-10 2:18 ` Michael Richardson @ 2019-11-10 18:38 ` Dave Taht 2019-11-10 21:50 ` Michael Richardson 0 siblings, 1 reply; 9+ messages in thread From: Dave Taht @ 2019-11-10 18:38 UTC (permalink / raw) To: Michael Richardson; +Cc: bloat, John Levine On Sat, Nov 9, 2019 at 6:18 PM Michael Richardson <mcr@sandelman.ca> wrote: > > > > On 2019-11-09 1:56 p.m., Dave Taht wrote: > > For no reason that I've been able to discern, for months and months > > now, nearly any use of ipv6 as an email transport has ended up getting > > the ipv6 address blocked in spamhaus's SBL listing, and thus a lot of > > email has been blocked. IPv4, seems ok, but for all I know > > whatever's triggering it only triggers when ipv6 is used. So I've > > given up on ipv6 and switched it over to ipv4 only. > > I'm sorry to hear that. can we still send to you on v6? > > Spamhaus is useless. Discourage it as widely as you can. They seem to > be on autopilot. > I have blackholed a few IPv6 for destinations that I can't live without, > and I've pushed ietf.org to whitelist me in to avoid their spamhaus > dependancy. The major problem is that the SBL listing uses a bunch of > other listings which nobody maintains and which have some bogus rules. > Like that SLAAC addresses as instantly suspicious. I would just like to thank everyone that helped. Notably john levine pointed me at: https://www.spamhaus.org/faq/section/Spamhaus%20CSS#426 Which said that linode, specifically, has had a tendency to gain a bad reputation in the default /64 block, and that you should request a whole /64 so you don't get caught by collateral damage. So I just did that and hopefully will turn ipv6 back on later today. ... (I have a tendency to do "IT stuff" in the wintertime, so, thinking aloud, appreciating the help, and apologetic about the noise) That said, well, I do kind of wish there was a way to get email directly "home", like in the good ole days. I have a business class static ipv4/29 from comcast, and have been thinking of finally upgrading a few modems to docsis 3.1 over the winter (any recomendations?), but sorting it all out, oy. For example that ipv4/29 is only usuable on that local "wire" and the actual IT area is 5 hops in, and port forwarding port 25, not huge on. Similarly, perhaps I could get (overly) happy about trying to use ipv6 as my default mx exchanger but I think that's out of spec. In particular, finding a modem that will somehow delegate more than a /60 would be nice. (a /56 is allocated but I've not managed to get the netgears I have to use it) I'm out of subnets. Maybe if I'm getting static business class ipv6 now I could use more. The vast majority of my campus traffic is ipv6 nowadays. It's kind of amazing, actually. One of my fws is about 75% ipv6. (my life is made more complicated by the fact that I have 5 comcast links spread around campus, and use babel with SADR to manage the ipv6 connectivity, on a lot of unnumbered routers inbetween - and of course, run cake on the openwrt firewalls in front of them) IETF homenet has put out a spec for dns prefix delegation that I don't think went anywhere, it looks like calling comcast is the only way to get reverse dns setup, still. > > _______________________________________________ > Bloat mailing list > Bloat@lists.bufferbloat.net > https://lists.bufferbloat.net/listinfo/bloat -- Dave Täht CTO, TekLibre, LLC http://www.teklibre.com Tel: 1-831-205-9740 ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [Bloat] ipv6 now disabled for lists.bufferbloat.net 2019-11-10 18:38 ` Dave Taht @ 2019-11-10 21:50 ` Michael Richardson 2019-11-11 18:33 ` [Bloat] test: ipv6 re-enabled " Dave Taht 0 siblings, 1 reply; 9+ messages in thread From: Michael Richardson @ 2019-11-10 21:50 UTC (permalink / raw) To: Dave Taht; +Cc: bloat, John Levine [-- Attachment #1: Type: text/plain, Size: 321 bytes --] On 2019-11-10 1:38 p.m., Dave Taht wrote > IETF homenet has put out a spec for dns prefix delegation that I don't > think went anywhere, it looks like calling comcast is the only way to > get reverse dns setup, still. It is still in progress, but whether or not Comcast will deploy is yet another question. [-- Attachment #2: pEpkey.asc --] [-- Type: application/pgp-keys, Size: 2501 bytes --] ^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bloat] test: ipv6 re-enabled for lists.bufferbloat.net 2019-11-10 21:50 ` Michael Richardson @ 2019-11-11 18:33 ` Dave Taht 2019-11-11 18:38 ` Dave Taht 0 siblings, 1 reply; 9+ messages in thread From: Dave Taht @ 2019-11-11 18:33 UTC (permalink / raw) To: Michael Richardson; +Cc: Dave Taht, bloat this is a test. I moved this server over to a fresh /64. If you normally got this via ipv6 before, you should be getting it now. Otherwise, please ignore. ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [Bloat] test: ipv6 re-enabled for lists.bufferbloat.net 2019-11-11 18:33 ` [Bloat] test: ipv6 re-enabled " Dave Taht @ 2019-11-11 18:38 ` Dave Taht 2019-11-11 18:46 ` Dave Taht 0 siblings, 1 reply; 9+ messages in thread From: Dave Taht @ 2019-11-11 18:38 UTC (permalink / raw) To: Michael Richardson; +Cc: bloat Test 2 - sorry for the noise. Dave Taht <dave@taht.net> writes: > this is a test. I moved this server over to a fresh /64. > > If you normally got this via ipv6 before, you should > be getting it now. > > Otherwise, please ignore. > _______________________________________________ > Bloat mailing list > Bloat@lists.bufferbloat.net > https://lists.bufferbloat.net/listinfo/bloat ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [Bloat] test: ipv6 re-enabled for lists.bufferbloat.net 2019-11-11 18:38 ` Dave Taht @ 2019-11-11 18:46 ` Dave Taht 2019-11-13 19:47 ` James Cloos 0 siblings, 1 reply; 9+ messages in thread From: Dave Taht @ 2019-11-11 18:46 UTC (permalink / raw) To: Dave Taht; +Cc: Michael Richardson, bloat Last test. And then hopefully I can forget about this a while. ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [Bloat] test: ipv6 re-enabled for lists.bufferbloat.net 2019-11-11 18:46 ` Dave Taht @ 2019-11-13 19:47 ` James Cloos 0 siblings, 0 replies; 9+ messages in thread From: James Cloos @ 2019-11-13 19:47 UTC (permalink / raw) To: bloat So which film/tv bot is lists's :f00f:f00f:b33b:b33b based on? (My suspicions are one of the SW bots or BR's.) -JimC -- James Cloos <cloos@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6 ^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2019-11-13 19:47 UTC | newest] Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2019-11-09 18:56 [Bloat] ipv6 now disabled for lists.bufferbloat.net Dave Taht 2019-11-09 19:00 ` Dave Taht 2019-11-10 2:18 ` Michael Richardson 2019-11-10 18:38 ` Dave Taht 2019-11-10 21:50 ` Michael Richardson 2019-11-11 18:33 ` [Bloat] test: ipv6 re-enabled " Dave Taht 2019-11-11 18:38 ` Dave Taht 2019-11-11 18:46 ` Dave Taht 2019-11-13 19:47 ` James Cloos
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox