ietf
[Top] [All Lists]

Re: Last Call: draft-irtf-asrg-dnsbl (DNS Blacklists and Whitelists)

2008-11-10 13:26:01
On Mon, 10 Nov 2008, Keith Moore wrote:

I suspect it will be very difficult to make IPv6 DNSxLs work anywhere
nearly as well as IPv4 DNSxLs, because in IPv6 it is fairly easy to use
a different address for every SMTP conversation.

I expect that attack will make /48 or /64 listings common. This has the
obvious downside of an increased risk of one infected host spoiling email
connectivity for its immediate neighbours, even more than is already the
case for IPv4 DNSBLs. Perhaps ISPs and hosting providers can mitigate that
by enforcing address allocation policies.

In any case, DNSBLs should scale roughly according to the size of the
routing table, not the size of the address space.

Tony.
-- 
f.anthony.n.finch  <dot(_at_)dotat(_dot_)at>  http://dotat.at/
FISHER: SOUTHWEST 6 TO GALE 8 BACKING SOUTH 5 OR 6. VERY ROUGH BECOMING
MODERATE OR ROUGH. SHOWERS. MODERATE OR GOOD.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf

<Prev in Thread] Current Thread [Next in Thread>