On Mar 29, 2013, at 9:58 AM, "John Levine" <johnl(_at_)taugh(_dot_)com> wrote:
As a result, it is questionable whether any IPv6 address-based reputation
system can be successful (at least those based on voluntary principles.)
It can probably work for whitelisting well-behaved senders, give or take
the DNS cache busting issues of IPv6 per-message lookups.
Since a bad guy can easily hop to a new IP for every message (offering
interesting new frontiers in listwashing) I agree that it's a losing
battle for blacklisting, other than blocking large ranges of hostile
networks.
Fortunately, the IETF as a whole is not called upon to solve this
problem right now. People interested in mail reputation are welcome
to drop by the spfbis WG and the discussions in appsarea about
updating authentication and authentication logging RFCs.

Dear John,
The Internet is under a DDoS attack specifically against an email address
reputation service. This affects everyone, especially the IETF.
Strategies not premised on low overhead AUTHENTICATION are of little benefit.
We can no longer continue business as usual. I call upon the IETF to solve
this problem. It is within their charter. It is within their capabilities.
We cannot make everyone upgrade, but we can establish a path that has a chance
of offering a solution.
Regards,
Douglas Otis