nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: How to wish you hadn't forced ipv6 adoption (was "How to force rapid ipv6 adoption")

From: Rob McEwen <rob () invaluement com>
Date: Thu, 1 Oct 2015 23:33:51 -0400
On 10/1/2015 11:18 PM, cortana5 () gmail com wrote:
Excuse my probable ignorance of such matters, but would it not then be preferred to create a whitelist of proven Email servers/ip's , and just drop the rest? Granted, one would have to create a process to vet anyone creating a new email server, but would that not be easier then trying to create and maintain new blacklists? 



I have heard that mentioned before. Unfortunately, this wouldn't work:
(1) we already have extensive IPv4 whitelists, many of which are used by prominent anti-spam blacklists (and ISPs) to prevent false positives. However, if tomorrow, ALL IPv4 blacklists disappears, and all mail servers only allowed in the traffic coming from the IPs listed on the better IPv4 whitelists, then a massive percentage of VERY legit mail would STILL be blocked. Therefore, if IPv4 whitelists can't keep up in the IPv4 work, how are they going to do so in the IPv6 world?
(2) Then there is the chicken-N-egg problem. How do you get your mail delivered if you are a new sender, but aren't on that list yet. How do you prove your sending practices are valid if you can't get your first e-mail delivered?
(3) Any solution to that "chicken-N-egg problem"... which tries to provide some kind of verification of legit senders... is a hoop that the spammers could jump through just as easily... and they will! (some of them doing so convince that they are doing nothing wrong because they were told that the list they bought isn't spam because the recipient forgot to uncheck a button that said, "receive offers from third parties"!)
(4) and this idea oversimplifies the complexity of the spam problem. For example, many of the better blacklists know just when it is appropriate to blacklist that legit sender who sends 100 legit messages a day, but had a compromised system that triggered 50 thousand spam to be sent out that day... and the better blacklists are good about delisting that sender soon after the problem is fixed. But in a whitelist-only world, you're stuck receiving all that spam! 

--
Rob McEwen
+1 478-475-9032
Previous By Date Next
Previous By Thread Next

Current thread: