CAcert System Admins discussion list

[Ian G <iang AT cacert.org>]

On 25/10/2009 22:14, Wytze van der Raay wrote:
> > ---------- Forwarded message ----------
> > From: Moritz Augsburger
> > Subject: No reverse DNS for IPv6
> >
> > I highly appreciate that you use IPv6, but perhaps you could also set a
> > PTR RR for your IP?
> >
> > For anti spam reasons I block Mails from IPs without Reverse DNS:
> > NOQUEUE: reject: RCPT from unknown[2001:7b8:3:9c::245]: 450 4.7.1 Client
> > host rejected: cannot find your reverse hostname, [2001:7b8:3:9c::245];
> > from=<returns AT cacert.org<mailto:returns AT cacert.org>>
>
> The CAcert webserver has been running for a short period with the IPv6
> address mentioned above, basically to perform some testing. The address
> was inadvertently left enabled after completion of the test, it has now
> been disabled again.
> In the near future we will support IPv6 access, and of course setting up
> appropriate AAAA and PTR RR records will be part of that.


IPv6 sounds good.  Wytze, are there any security ramifications in this move?

I would have not thought so ... it's just another IP, v += 2, right? 
But I'm not familiar enought with IPv6 to know.  So I thought I'd ask.



iang


PS: comma is probably salivating over a possible blog post on this :)