[Asrg] DNSBL and IPv6
2012-10-19 01:22:48
Hello.
I just subscribed to this list and tried to read up.
I'm very interested in IPv6 and SPAM, and I'd like to add some to the two last
threads here regarding DNSBL and IPv6.
Fundamentally in IPv6, a "customer" (or entity or whatever) will in a lot of
cases not have a single IP address, but a network.
Households will get /64s, or get a /56 via DHCPv6-PD. Phones get a /64 or a
network via DHCPv6-PD. Companies get /48 (or something else, but a bunch of
networks). This is fundamentally how IPv6 was intended to be used, and
hopefully that's how most ISPs will deliver it to customers.
So for spam detection to happen, detection of what is a "customer" needs to
happen, and this needs to be on a network level, not single IPv6 address level.
The RIR databases (at least RIPE) contain information about what kind of
per-customer subnet size is used for a certain large block of addresses.
Equivalent in IPv4 is "this customer has an IPv4 /26" and spam blocking would
be done on a per-customer level, not per unique IPv4 address.
I'm a routing guy, not an MUA/MTA guy, so I have little insight into what things
look like in the real world outside of my personal setup with postfix, some
DNSBL and procmail/spamassassin.
What I feel needs to happen is that policy needs to be put in place so RIRs (via
ISPs) can present "what is a customer" on a network level, and then this
information can be put into DNS somehow, and used for DNSBL.
Example:
An ISP serves 10000 households with connectivity, each household gets a /56,
this is done via an IPv6 /42 (because this is in a single town and it's
aggregated like that). So this /42 would be in some kind of "residential
access" classification, so people could block on that, and if one wants to
block unique spammers, then this needs to be identified on a /56 level.
In other places I've pitched that the RIRs would publish this information in
some kind of format outside of whois, so perhaps we need to start there:
creating a standard (I don't know who should create the standard, but agreeing
that a standard is needed is one step) for how this information is published
is a first step.
Thoughts?
--
Mikael Abrahamsson email: swmike(_at_)swm(_dot_)pp(_dot_)se
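
The per-customer aggregation described in the message above, as an added example that is not part of the original post: each spam source is mapped to its customer network using a published assignment size, and a DNSBL-style name is derived for that network. The table contents, the /64 fallback, the zone name dnsbl.example and the per-prefix lookup scheme are all assumptions made for illustration.

```python
import ipaddress
from collections import Counter

# Constructed data: aggregate block -> per-customer assignment size, the kind
# of mapping the post wants published. 2001:db8::/32 is documentation space.
ASSIGNMENT_SIZES = {
    ipaddress.IPv6Network("2001:db8::/42"): 56,       # residential, /56 per household
    ipaddress.IPv6Network("2001:db8:4000::/40"): 48,  # companies, /48 each
}
DEFAULT_SIZE = 64  # assumption: treat a /64 as the customer when nothing is published


def customer_network(addr):
    """Return the network that represents the 'customer' behind addr."""
    ip = ipaddress.IPv6Address(addr)
    # Longest-prefix match over the published aggregates.
    matches = [n for n in ASSIGNMENT_SIZES if ip in n]
    if matches:
        size = ASSIGNMENT_SIZES[max(matches, key=lambda n: n.prefixlen)]
    else:
        size = DEFAULT_SIZE
    return ipaddress.IPv6Network((ip, size), strict=False)


def dnsbl_name(net, zone="dnsbl.example"):
    """Reversed-nibble name covering the whole customer network (hypothetical scheme)."""
    if net.prefixlen % 4:
        raise ValueError("prefix length must fall on a nibble boundary")
    nibbles = net.network_address.exploded.replace(":", "")[: net.prefixlen // 4]
    return ".".join(reversed(nibbles)) + "." + zone


def spam_by_customer(sources):
    """Count spam reports per customer network instead of per address."""
    return Counter(customer_network(s) for s in sources)


# Constructed spam sources: three addresses in one household /56, one in another.
SAMPLE = [
    "2001:db8:0:1200::25",
    "2001:db8:0:12ff:a:b:c:d",
    "2001:db8:0:1234::1",
    "2001:db8:0:1300::1",
]

if __name__ == "__main__":
    for net, hits in spam_by_customer(SAMPLE).most_common():
        print(hits, net, dnsbl_name(net))
```

Counted per address, every source in SAMPLE appears once; counted per customer network, one /56 accounts for three of the four reports.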