[153693] in North American Network Operators' Group
Re: Our first inbound email via IPv6
daemon@ATHENA.MIT.EDU (Paul Vixie)
Sun Jun 10 17:46:27 2012
To: nanog@nanog.org
From: Paul Vixie <vixie@isc.org>
Date: Sun, 10 Jun 2012 21:46:14 +0000
In-Reply-To: <m2wr3ffb2w.wl%randy@psg.com> (Randy Bush's message of "Sun,
10 Jun 2012 08:20:07 -0700")
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Randy Bush <randy@psg.com> writes:
> > ...
> i have assiduously avoided gaining serious anti-spam fu. but it seems
> to me that ipv6 does not create/enable significantly more spam-bots.
the malware will generally have complete control over the bottom 64 bits
of an ipv6 address. there's no reason to expect to ever receive more than
one spam message from any single ipv6 source.
so, we'll all be blackholing /64's.
moreover, there are going to be more native endpoints in ipv6 than there
were in ipv4, since the NAT incentives are very different in the larger
address pool.
so, we'll all need network operators to whitelist the parts of their
address spaces that they plan to send e-mail from, so that we can avoid
having to blackhole things one /64 at a time.
as before: for more information see:
http://www.circleid.com/posts/20110607_two_stage_filtering_for_ipv6_electronic_mail/
paul
