funsec mailing list archives
Re: Why spam blacklisting isn't going to work anymore ...
From: Dan White <dwhite () olp net>
Date: Tue, 8 Mar 2011 16:36:41 -0600
On 08/03/11 13:38 -0800, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:
http://www.theregister.co.uk/2011/03/08/ipv6_spam_filtering_headache/
Summary:
The migration towards IPv6, which has been made necessary by the expansion of the internet, will make it harder to filter spam messages, service providers warn.
...
While this expansion allows far more devices to have a unique internet address, it creates a host of problems for security service providers, who have long used databases of known bad IP addresses to maintain blacklists of junk mail cesspools. Spam-filtering technology typically uses these blacklists as one (key component) in a multi-stage junk mail filtering process that also involves examining message contents.
...
"Cloudmark advocates that ISPs do not initially need to be able to receive mail from IPv6 addresses (on inbound) except from their own customers (known as outbound)," Paton explained. "This would ensure business continuity for ISPs and provisioning of ADSL/Cable modems to continue. This measure will also protect the IPv4 reputation system that is currently in use and working well."
The rather simple solution (if you're in to blacklists) is to treat comprised traffic as coming from a subnet (such as the containing /64 subnet), rather than an individual address. This is one of the reasons why I'm assigning v6 subnets in /48 blocks to customers rather than something shorter, regardless of the complexity of the customer's network. When it's all said and done, I expect many such blacklists to reject on the /48 boundary. -- Dan White _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Why spam blacklisting isn't going to work anymore ... Rob, grandpa of Ryan, Trevor, Devon & Hannah (Mar 08)
- Re: Why spam blacklisting isn't going to work anymore ... Dan White (Mar 08)
- Re: Why spam blacklisting isn't going to work anymore ... Larry Seltzer (Mar 08)
- Re: Why spam blacklisting isn't going to work anymore ... Valdis . Kletnieks (Mar 09)