IETF Logo Mail Archive

Re: [Asrg] DNSBL and IPv6

"John Levine" <johnl@taugh.com> Fri, 19 October 2012 22:41 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: asrg@ietfa.amsl.com
Delivered-To: asrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8A64221F87CD for <asrg@ietfa.amsl.com>; Fri, 19 Oct 2012 15:41:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.402
X-Spam-Level:
X-Spam-Status: No, score=-110.402 tagged_above=-999 required=5 tests=[AWL=-0.803, BAYES_50=0.001, HABEAS_ACCREDITED_SOI=-4.3, RCVD_IN_BSP_TRUSTED=-4.3, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2WPDQx-wWzLe for <asrg@ietfa.amsl.com>; Fri, 19 Oct 2012 15:41:57 -0700 (PDT)
Received: from leila.iecc.com (leila6.iecc.com [IPv6:2001:470:1f07:1126:0:4c:6569:6c61]) by ietfa.amsl.com (Postfix) with ESMTP id AC21521F878B for <asrg@irtf.org>; Fri, 19 Oct 2012 15:41:56 -0700 (PDT)
Received: (qmail 96612 invoked from network); 19 Oct 2012 22:41:54 -0000
Received: from leila.iecc.com (64.57.183.34) by mail1.iecc.com with QMQP; 19 Oct 2012 22:41:54 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:vbr-info; s=5081d731.xn--yuvv84g.k1208; i=johnl@user.iecc.com; bh=xouR3P5tgbNYob+ub3mlxXz0WF3l6pI7rU4AZB8yOmg=; b=EQQ2oar6O7Y1g+py12b0KoOZDHpRVVMjvFgB92qUb6oWpF8px+zMrXWfwTPLgIzsR0dEv0C9Pn3z0mPFXX6c6yL/ebZkpO4zqk63XQZWFrxDwU6s0swUmbgc3eFGytu467rMs/K/+mFBuRk1PMZyBXvvzmq/KyN+fVEFjf8yLXk=
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:vbr-info; s=5081d731.xn--yuvv84g.k1208; olt=johnl@user.iecc.com; bh=xouR3P5tgbNYob+ub3mlxXz0WF3l6pI7rU4AZB8yOmg=; b=iQg0UAYdq6MZ4Q7EnJPWAgeh7V1Aj6BkI1EL0YZy2vjenbcEVz+y1r/6OZozPAguh5HNBWq+dbp01vFnlF+1FcSq+I374O0Xs14lYCP8VUfB6jKuC9ZOYeMEtVUjEw5m++jFa4GvPjmEN6C5faNsVcfjPB7aG168A4CXpFngH9A=
VBR-Info: md=iecc.com; mc=all; mv=dwl.spamhaus.org
Date: 19 Oct 2012 22:41:31 -0000
Message-ID: <20121019224131.28382.qmail@joyce.lan>
From: "John Levine" <johnl@taugh.com>
To: asrg@irtf.org
In-Reply-To: <CALgnk9rEPZwR5UHqeqSWQOPLYMOdLCF=hP1u+oeFatoVoavv3w@mail.gmail.com>
Organization:
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset=utf-8
Content-transfer-encoding: 7bit
Subject: Re: [Asrg] DNSBL and IPv6
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Oct 2012 22:41:57 -0000

>> What I feel needs to happen is that policy needs to put in place to RIRs
>> (via ISPs) can present "what is a customer" on a network level, and then
>> this information can be put into DNS somehow, and used for DNSBL.

Yeah, I've been talking to people on and off about this for over a
year.  Even though providers can lie about their allocation
granularity, most won't, and the ones that lie would probably merit
total blocking anyway.

A customer allocation can be anywhere from a /56 to a /64, and I
expect we'll see hosting companies with a /64 per rack or per VM host,
so you'll have different customers within the same /64.

So, uh, anyone interested in doing simulations of how this sort of
stuff would work with various DNSBL designs?  I have access to IPv4
mailstream connection data we can use to calibrate it.

R's,
John

v2.8.7 | Report a Bug | By Email