IETF Logo Mail Archive

Re: [Asrg] DNSBL and IPv6

"Peter J. Holzer" <hjp-asrg@hjp.at> Sun, 21 October 2012 21:37 UTC

Return-Path: <hjp-asrg@hjp.at>
X-Original-To: asrg@ietfa.amsl.com
Delivered-To: asrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6EEBC21F887A for <asrg@ietfa.amsl.com>; Sun, 21 Oct 2012 14:37:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.082
X-Spam-Level:
X-Spam-Status: No, score=-0.082 tagged_above=-999 required=5 tests=[AWL=-0.141, BAYES_05=-1.11, HELO_EQ_AT=0.424, HOST_EQ_AT=0.745]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2vgxV5kR7XEh for <asrg@ietfa.amsl.com>; Sun, 21 Oct 2012 14:37:09 -0700 (PDT)
Received: from zeno.hjp.at (ns1.hjp.at [212.17.106.132]) by ietfa.amsl.com (Postfix) with ESMTP id B5C7221F8878 for <asrg@irtf.org>; Sun, 21 Oct 2012 14:37:09 -0700 (PDT)
Received: by zeno.hjp.at (Postfix, from userid 1000) id 4D416400E; Sun, 21 Oct 2012 23:37:08 +0200 (CEST)
Date: Sun, 21 Oct 2012 23:37:08 +0200
From: "Peter J. Holzer" <hjp-asrg@hjp.at>
To: asrg@irtf.org
Message-ID: <20121021213708.GF3248@hjp.at>
References: <20121019224131.28382.qmail@joyce.lan> <5081EF6F.9030808@hireahit.com> <5C0A004C-1BAD-4103-85C2-B94B718F0367@blighty.com> <20121020073031.GA3248@hjp.at> <121020072504.ZM5005@torch.brasslantern.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="CGDBiGfvSTbxKZlW"
Content-Disposition: inline
In-Reply-To: <121020072504.ZM5005@torch.brasslantern.com>
User-Agent: Mutt/1.5.20 (2009-06-14)
Subject: Re: [Asrg] DNSBL and IPv6
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sun, 21 Oct 2012 21:37:10 -0000

On 2012-10-20 07:25:04 -0700, Bart Schaefer wrote:
> On Oct 20,  9:30am, Peter J. Holzer wrote:
> }
> } Is there a reason why a legitimate MTA (talking to MXs, not submission
> } servers) would want to hop around in its net?
> 
> A legitimate MTA could still be running in a dynamically-assigned space.
> In this case it might hop all over the space but probably wouldn't hop
> very frequently.

By "dynamically-assigned space" do you mean a dynamically assigned
address within a /64 (either by DHCP or by privacy extensions)? If so, I
already mentioned that and yes, I think it doesn't change fast enough to
make greylisting infeasible (but frequently enough to make it annoying).

If you mean that an ISP is assigning a different /64 to the same
customer periodically (some privacy evangelists are demanding that this
should be the default), then this would probably be done even less
frequently, and this would most likely be treated the same as
dynamically assigned space today (i.e. very likely to be a zombie, not a
legitimate MTA).


> A single MTA host might have multiple NICs each with its own IP, and not
> always choose the same interface for the same MX on retry.  Here it might
> hop quite a lot, but among a limited number of choices.

An IP stack might also choose IP addresses at random or in a round robin
fashion if the interface has several. That could be a problem.

	hp

-- 
   _  | Peter J. Holzer    | Der eigene Verstand bleibt gefühlt messer-
|_|_) | Sysadmin WSR       | scharf. Aber die restliche Welt blickt's
| |   | hjp@hjp.at         | immer weniger.
__/   | http://www.hjp.at/ |   -- Matthias Kohrs in desd

v2.8.7 | Report a Bug | By Email