Re: [Asrg] DNSBL caches and IPv6, again

2012-09-19 17:27:47
> Isn't the fear that with IPv6, spammers simply won't use the same
> address twice, thereby causing cache meltdown on a scale that isn't
> possible in today's IP-scarce IPv4 world?

That is my concern, but it is not at all clear how well existing DNSBL
queries cache.  My current working hypothesis divides the mail world
into three parts:

  Large: big mail systems get copies of the BLs out of band, e.g. by
  rsync, and run a local rbldnsd on the same LAN as the mail servers.
  Since a local rbldnsd can respond as fast as a cache, it uses a TTL of
  zero to effectively bypass the cache, no problem.

  Medium: mail systems query public BLs and use the local DNS cache.
  Cache may or may not help.

  Small: like medium, but so little traffic that cache entries all
  expire before being reused, so it doesn't matter.

The concern is the medium systems.  I have some hints, but nobody
really knows how well their queries cache.

If I had data I could try some experiments.  Obvious things include
varying TTLs to see how that affects cache behavior.  Slightly less
obvious things include the BL noting how many queries it gets for an
address, and returning a longer TTL for heavily queried addresses.
This would require a hacked server to vary the SOA TTL on negative
answers, but we know how to do that.

So, anyone got server log [IP,timestamp] data they can share?
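
The experiment the message describes, as an added example that is not part of the original post: a small Python replay of a constructed [IP, timestamp] query log through a simulated resolver cache, comparing TTL 0, a fixed TTL, and the "longer TTL for heavily queried addresses" policy, plus the never-reuse-an-address case raised in the quoted question. Every address, timestamp and threshold below is constructed; `simulate`, `fixed_ttl` and `adaptive_ttl` are names chosen here, not anything from rbldnsd or the list.

```python
"""Replay a DNSBL query log through a simulated resolver cache.

Added example, not part of the original message. It measures the two
things the message wants data for: how many queries the cache absorbs
under a given TTL policy, and how many cache entries are live at once.
"""
from collections import defaultdict

# Constructed sample log of (queried_ip, timestamp_in_seconds); not real
# server data. Timestamps are relative to the first query.
SAMPLE_LOG = [
    ("192.0.2.1", 0), ("192.0.2.1", 10), ("198.51.100.7", 12),
    ("192.0.2.1", 40), ("203.0.113.9", 50), ("192.0.2.1", 130),
    ("198.51.100.7", 140), ("192.0.2.1", 150), ("192.0.2.1", 250),
    ("192.0.2.1", 350), ("203.0.113.9", 400),
]


def unique_address_log(n, spacing=5):
    """Constructed worst case: a sender that never reuses an address."""
    return [("2001:db8::%x" % i, i * spacing) for i in range(n)]


def fixed_ttl(ttl):
    """TTL policy: every answer carries the same TTL (0 disables caching)."""
    return lambda ip, server_hits: ttl


def adaptive_ttl(base, boosted, threshold=2):
    """TTL policy from the message: once the BL has answered for an address
    `threshold` times, it starts returning the longer `boosted` TTL.
    For a listed address that is the record TTL; for an unlisted one it is
    the SOA MINIMUM that governs negative caching (RFC 2308)."""
    return lambda ip, server_hits: boosted if server_hits >= threshold else base


def simulate(log, ttl_for):
    """Replay `log` through one resolver cache.

    ttl_for(ip, server_hits) is invoked for every query that reaches the BL
    server; server_hits counts how often the server has now answered for ip.
    Returns (cache_hits, server_queries, peak_live_entries).
    """
    expires = {}                     # ip -> absolute expiry time
    server_hits = defaultdict(int)   # what the BL server sees per address
    hits = upstream = peak = 0
    for ip, now in sorted(log, key=lambda entry: entry[1]):
        # Evict everything whose TTL has run out, as a cache would.
        expires = {k: v for k, v in expires.items() if v > now}
        if ip in expires:
            hits += 1
            continue
        upstream += 1
        server_hits[ip] += 1
        ttl = ttl_for(ip, server_hits[ip])
        if ttl > 0:
            expires[ip] = now + ttl
        peak = max(peak, len(expires))
    return hits, upstream, peak


if __name__ == "__main__":
    for name, policy in [("ttl=0", fixed_ttl(0)),
                         ("ttl=60", fixed_ttl(60)),
                         ("adaptive 60/300", adaptive_ttl(60, 300))]:
        print(name, "reused addresses:", simulate(SAMPLE_LOG, policy),
              "unique addresses:", simulate(unique_address_log(100), policy))
```

On the constructed log the adaptive policy cuts server queries from 8 to 6 at the same peak cache size, which is the effect the message wants to measure. On the unique-address log every query reaches the server whatever the TTL, and the cache holds only about one TTL's worth of queries at a time; at a real query rate that is the "cache meltdown" the quoted question worries about, and no TTL policy at the BL can change it.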


Asrg mailing list