Author: Phil Pennock Date: To: Randy Bush CC: exim users Subject: Re: [exim] wanna turn off ipv6 when sending to gmail
On 2015-08-27 at 14:39 +0900, Randy Bush wrote: > so we need a bgp feed of gmail's ipv6 prefixes so we all can automate
> blacklisting them?
"Need" is strong. Especially since their IPv6 space is so much more
coalesced than their IPv4 space. Technically, _if_ you're going to
choose to avoid IPv6 for delivery to them (your system, your rules) and
if you want to be future-proof without more maintenance, and if you want
to do this for all domains hosted by Gmail, instead of just hard-coding
@gmail.com and @google.com, then yes, a dynamically updated feed piping
into your mail config build system (to avoid run-time dependence) is
going to be helpful.
In honesty, the closest I come to this is my list of IP space assigned
to cloud hosting providers, because I hard-require DKIM for mails from
ranges where IP address is not a stable persistent identifier. And
those ranges, I just keep in a file which records in the comments the
whois lookups used to find the answers, so that every so often I can
update the lists of AWS, GCE and SL space. (And I exempt AWS SES
because that is an abuse-controlled flow, instead of dynamic hosts).
You can probably get away with just updating the list whenever you see
problems. I just figured that you probably already had analysis and
extraction tools for BGP data so this would be easy for you. :)
