For the case of abusive behaviour (ie, spammer using vast pools of IP
addresses, eg > 10^3 IP addresses, either snowshoe-like or in cannon
style), DNS caches will only blow if receiving systems are "dumb", ie
do not handle dDoS-like patterns appropriately. That's already an
issue today, and will only be "somewhat worse" in an IPv6 world.
How can an MTA tell whether a connection from a hitherto unseen IP
is part of a DDoS or a real user sending mail for the first time?
R's,
John
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg