ietf-asrg
[Top] [All Lists]

Re: [Asrg] DNSBL and IPv6

2012-10-25 19:35:10

Anyway, back on topic: I'm still not convinced we'd be talking about
IPv6-based blacklists if we didn't have a long and successful history of
IPv4-based blacklists.

How about enumerating goodness rather than badness?

Does anybody have a list of techniques to consider?

We don't have to list IP Addresses.  We could list domains and only accept 
mail if the IP Address reverses to a listed domain (and forward confirms).

Would ISPs be willing to run a (white)list of their customers?  (Either by 
domain or IP Address.)  How about web hosters?

Can't we do something entirely different for IPv6? Like, use domain-based
filtering by making it mandatory to DKIM-sign a message you send over IPv6
outside of your network?

Does DKIM tell me anything about the sending site being good or bad?

If I get a DKIM signed message, I could lookup the domain rather than the 
sender's IP address.  Does that avoid the too-many-IPv6 addresses problem?


I'm obviously biased since I run dnswl.org, but an IPv6-based whitelist may
work better than an IPv6-based blacklist. Enumerating the goodness is
generally easier than enumerating the badness. 

What fraction of email comes from hosts you have listed?  How hard would it 
be to scale your list up to cover the whole world?

Assuming that you don't want to put all your eggs in one basket, how many 
white lists would you need and/or how would you decide the order to check 
them?

Do we need a list of ISPs that maintain a list of their their clients?


-- 
These are my opinions.  I hate spam.



_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg

<Prev in Thread] Current Thread [Next in Thread>