Rich, does ipv6 change any of this?
I'm not Rich, but the open question at this point is how effective
DNSBLs will be on IPv6.
A DNSBL that blocks a single IP at a time, like the CBL and XBL, would
be unworkable. A typical v6 setup allocates a /64 to each host which
allows various sorts of clever self-configuration, but also means the
host can easily use a different IP address for every connection it
ever makes. (At one address per millisecond, it would take 500 million
years to run through a /64.) DNSBLs can and do list ranges, and an
obvious change would be to make the finest listed granularity be a
/64, but we really have no idea how the vast number of v6 addresses
will be handed out, and whether it will be practical to create
listings that cover all of the available addresses for a particular
host without also listing a lot of its neighbors.
This suggests that whitelisting techniques (most likely based on DKIM)
will become much more important to recognize mail from people you know
are credible.
R's,
John
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg