On Wed, 17 Jun 2009, Steve Atkins wrote:
On Jun 16, 2009, at 4:17 PM, Daniel Feenberg wrote:
Because it would be impossible to maintain a DNSBL for IPV6,
I keep hearing people say this, but I've not seen any clear justification for
it. It seems to me to be no more difficult to run a blacklist for IPv6
addresses than IPv4 addresses (neither is easy, but the details of the
address representation don't seem to make more than minor differences).
Can you expand on why you think it's the case, or point me at some discussion
of it?
Of course a spammer could reuse an IPV6 address, and then a DNSBL could
catch subsequent spam from that address. But there isn't any need to reuse
IPV6 addresses - they are nearly infinite in number, each customer is
assigned billions by default and there is no real need for the spammer to
restrict himself to his officially listed addresses.
IPV4 DNSBL work, even though they are "listing badness" because IPV4
address space is finite. That means that "listing badness" isn't really
different from "listing goodness". But if badness is infinite, then
listing bad addresses won't be effective.
Note that my argument that MTAs with only IPV6 won't be established is not
contradicted by the existence of MTAs with IPV6 and IPV4 connectivity. Nor
does it really depend on the difficulties with DNSBLs, although that is an
additional obstacle. The major obstacle is the limited connectivity that
an IPV6 only MTA would have.
Daniel Feenberg
Cheers,
Steve
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg