IETF Logo Mail Archive

Re: [Asrg] How will we manage IPv6 spam?

Daniel Feenberg <feenberg@nber.org> Fri, 17 August 2012 20:59 UTC

Return-Path: <feenberg@nber.org>
X-Original-To: asrg@ietfa.amsl.com
Delivered-To: asrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CE97E11E80DC for <asrg@ietfa.amsl.com>; Fri, 17 Aug 2012 13:59:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rDXuAjIRTUF1 for <asrg@ietfa.amsl.com>; Fri, 17 Aug 2012 13:59:35 -0700 (PDT)
Received: from mail2.nber.org (mail2.nber.org [66.251.72.79]) by ietfa.amsl.com (Postfix) with ESMTP id F23EA11E80D1 for <asrg@irtf.org>; Fri, 17 Aug 2012 13:59:34 -0700 (PDT)
Received: from nber6 (nber6.nber.org [66.251.72.76]) by mail2.nber.org (8.14.4/8.14.4) with ESMTP id q7HKxT9J090565; Fri, 17 Aug 2012 16:59:30 -0400 (EDT) (envelope-from feenberg@nber.org)
Date: Fri, 17 Aug 2012 16:51:14 -0400 (EDT)
From: Daniel Feenberg <feenberg@nber.org>
X-X-Sender: feenberg@nber6
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
In-Reply-To: <alpine.BSF.2.00.1208171554300.31068@joyce.lan>
Message-ID: <Pine.GSO.4.64.1208171642250.8836@nber6>
References: <alpine.BSF.2.00.1208171554300.31068@joyce.lan>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
X-Anti-Virus: Kaspersky Anti-Virus for Linux Mail Server 5.6.39/RELEASE, bases: 20120817 #7899949, check: 20120817 clean
Subject: Re: [Asrg] How will we manage IPv6 spam?
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Aug 2012 20:59:35 -0000

On Fri, 17 Aug 2012, John R. Levine wrote:

> Hi.  Remember the ASRG?  I was hoping it might do a little research.
>
> In talking to people about IPv6 mail, I'm still coming to the conclusion that 
> anyone who thinks they know how they're going to handle it, beyond the 
> current toy scale, doesn't understand the problem.  Things we might address 
> include:
>

I would not expect to accept any IPv6 mail until users come forward to 
show me that they wish to correspond with MTAs that have no IPv4 
connection ability. While this may happen in the fullness of time, I don't 
expect it soon. Now and for the foreseeable future such a system would 
have very little connectivity, far less than a blacklisted spam source.

I understand that a non-trivial number of MTAs are currently able to use 
IPv6, but I also understand that all of the ones we wish to correspond 
with are also capable of using IPv4. Since our anti-spam technology 
(Spamhaus) is very dependent on IPv4 blacklists, it would be very 
undesirable to add a general IPv6 port. I would add a handful of IPv6 only 
sites to a whitelist or subscribe to a responsible whitelist long before 
attempting to accept messages from unknown IPv6 mtas.

We are all familiar with the concept that you "can't enumerate badness". 
The IPv4 address space is small enough that you actually can, and it
has worked very well for us. In IPv6, I don't think it would work at all.

dan feenberg
NBER


>
> R's,
> John

v2.8.7 | Report a Bug | By Email