Re: [Asrg] [ASRG] SMTP pull anyone?

Daniel Feenberg <> Fri, 28 August 2009 11:46 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id BA28628C219 for <>; Fri, 28 Aug 2009 04:46:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.598
X-Spam-Status: No, score=-6.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, UNPARSEABLE_RELAY=0.001]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id XQBE4r9ZMVkh for <>; Fri, 28 Aug 2009 04:46:40 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 4159728C20C for <>; Fri, 28 Aug 2009 04:46:36 -0700 (PDT)
Received: from ( []) by (8.14.1/8.13.8) with ESMTP id n7SBkfYx062186 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NOT) for <>; Fri, 28 Aug 2009 07:46:42 -0400 (EDT) (envelope-from
Received: from (localhost []) by (8.13.8+Sun/8.13.8) with ESMTP id n7SBcsEV013195; Fri, 28 Aug 2009 07:38:54 -0400 (EDT)
Received: from localhost (Unknown UID 1079@localhost) by (8.13.8+Sun/8.13.8/Submit) with ESMTP id n7SBcslR013192; Fri, 28 Aug 2009 07:38:54 -0400 (EDT)
X-Authentication-Warning: Unknown UID 1079 owned process doing -bs
Date: Fri, 28 Aug 2009 07:38:54 -0400 (EDT)
From: Daniel Feenberg <>
To: Anti-Spam Research Group - IRTF <>
In-Reply-To: <>
Message-ID: <>
References: <> <> <> <> <>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
X-Anti-Virus: Kaspersky Anti-Virus for Sendmail with Milter API 5.6.20, bases: 20090827 #2447750, check: 20090828 clean
Subject: Re: [Asrg] [ASRG] SMTP pull anyone?
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <>
List-Id: Anti-Spam Research Group - IRTF <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 28 Aug 2009 11:46:41 -0000

Tim Chown wrote:

>Based on our stats from June, we received an average of 158,000 messages
>per day over IPv4 transport, of which 81% were deemed spam, while we
>received 438 (yes, 438!) messages via per day IPv6, of which 32% were 
>spam. So even for us, v6 is less than 1% of all received mail.

The relevant percentage would be the spam percentage coming from hosts 
that have no IPv4 address. The quality of dual-stacked hosts is not 
really germane to the question of whether IPv6 only hosts will ever exist.

I don't doubt that many MTAs will accept IPv6 mail. What I dispute is the 
liklihood of anyone running a legitimate Internet MTA that accepts mail 
from an IPv6 only host. My reasoning is that such a host would have 
limited connectivity. There are two reasons for this. (1) Many MTA 
operators will lag in the adoption of IPv6 due to general lack of 
interest, ability or funds, so an IPv6 only MTA will have no access to 
many MTAs, much worse even than MTAs operating at dial-up addresses 
currently have. (2) Anyone operating an MTA on IPv6 will have to do 
without the single most effective anti-spam technique we have, the DNSBL. 
This will cause many operators with the resources to add IPv6 to hesitate 
to do so.

Given either of these two reasons, few or no MTAs will run IPv6 only, 
which obviates the need for IPv6 entirely.

Of course, some operators can do without DNSBLs, and they can 
easily operate dual-stack. There is no practical way they can drop IPv4, 
nor will they ever be able to do so.

So, how much mail came from IPv6-only hosts? And what was the percentage 
of spam?

Daniel Feenberg