As for migration strategies for email, I’m going to throw one out here that may run contrary to popular thinking: perhaps there’s no need for you to migrate your public facing email streams to IPv6 in the next few years. Instead, I propose that you slow down, focus on some other things first, and then worry about migrating.
A small conversation followed on twitter:
- @returnpath Unless we migrate right away we will not be prepared for the hordes of spammers originating from IPv6 networks
- @hakmem DKIM in place before migration may be better defense against hordes than just opening gates and using IP-based filters?
- @returnpath Everyone can score incoming messages using #DKIM but not everyone can block
- @returnpath + imagine having recipients with delivery problems on their v4 path while their v6 path is fully operational
I cannot imagine anyone in the email delivery business risking not to be able to deliver email in the dual-stack world that we are entering. Really I am not crying wolf, for yesterday Daniel Karrenberg wrote:
Imagine having a path that reaches the desired destination and not taking it. Make no mistake, situations like this will start to appear. They will be routing problems, DNS problems and other unforeseen problems in the largest network interoperability experiment ever.
Todd Herr also advices that “First, you are going to have to listen for outbound email connections on IPv6 from your own customers”. I disagree with that also. The first step is to accept IPv6 traffic on all services before creating outgoing IPv6 traffic. This means that ISPs must be able to accept email coming from IPv6 before sending. And yes I know that while the robustness principle was invented for what one accepts and sends within a protocol’s specification (i.e. what one sends and accepts in an SMTP dialog) it also applies here. One cannot have machines ready to send via a medium where no one is listening. First we build the listeners and then the senders.
The time to deploy IPv6 is now: First the routers, then the servers, next the services and last the users. So yes, you do not have to migrate your email infrastructure to IPv6 tomorrow, but spend this year planning (and testing). In a year the migration clock will be ticking.