Re: [Asrg] rDNS and cache issues, was How will we manage IPv6 spam?
"John Levine" <johnl@taugh.com> Sun, 19 August 2012 23:39 UTC
Return-Path: <johnl@iecc.com>
X-Original-To: asrg@ietfa.amsl.com
Delivered-To: asrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix)
with ESMTP id E42FA21F8567 for <asrg@ietfa.amsl.com>;
Sun, 19 Aug 2012 16:39:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -111.145
X-Spam-Level:
X-Spam-Status: No, score=-111.145 tagged_above=-999 required=5 tests=[AWL=0.054,
BAYES_00=-2.599, HABEAS_ACCREDITED_SOI=-4.3, RCVD_IN_BSP_TRUSTED=-4.3,
USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id btcEDr2YKW1V for
<asrg@ietfa.amsl.com>; Sun, 19 Aug 2012 16:39:04 -0700 (PDT)
Received: from leila.iecc.com (leila6.iecc.com
[IPv6:2001:470:1f07:1126:0:4c:6569:6c61]) by ietfa.amsl.com (Postfix) with
ESMTP id B63D821F8564 for <asrg@irtf.org>;
Sun, 19 Aug 2012 16:39:02 -0700 (PDT)
Received: (qmail 59650 invoked from network); 19 Aug 2012 23:38:58 -0000
Received: from leila.iecc.com (64.57.183.34) by mail1.iecc.com with QMQP;
19 Aug 2012 23:38:58 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com;
h=date:message-id:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:vbr-info;
s=50317912.xn--yuvv84g.k1208; i=johnl@user.iecc.com;
bh=MqrU/Lzceiu7kjQU3KyomdhsQ1m6/fIAmBXm76XI0Z4=;
b=Rh8rmOCERGJPDxo6uwUWdcFY08v4jmo9eSJNSWJhe6iNNQR8KsPxSA7/YiY5cm8PoFuspBKwstd6JnC65R+FEG64dYOZsLqgroEeBB7LzlvPX7Pnz3dNzn0OjxwA+D24MKDxP8T6o70bC7gpf1YkCPby7EZog9xrWZpolUxgzNQ=
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com;
h=date:message-id:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:vbr-info;
s=50317912.xn--yuvv84g.k1208; olt=johnl@user.iecc.com;
bh=MqrU/Lzceiu7kjQU3KyomdhsQ1m6/fIAmBXm76XI0Z4=;
b=GeWWPX1ip/15a2KIQtdKAZZdOIAa5xiTHE0nzl0wVmc0qV4WJA0QY0CGFV2hTJaLS96Y7sMURFR013I9jYBLVtJTv+UulzMQ9UwM6FIBseva4s9pdnt26tTfrsRIes0Hp1U0p0SQk32g2Qjxrf5Q5NjtBnGCGSvpx76R8f1LUw8=
VBR-Info: md=iecc.com; mc=all; mv=dwl.spamhaus.org
Date: 19 Aug 2012 23:38:36 -0000
Message-ID: <20120819233836.95876.qmail@joyce.lan>
From: "John Levine" <johnl@taugh.com>
To: asrg@irtf.org
In-Reply-To: <5030F48B.4000601@bofhland.org>
Organization:
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset=utf-8
Content-transfer-encoding: 7bit
Subject: Re: [Asrg] rDNS and cache issues, was How will we manage IPv6 spam?
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/asrg>,
<mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>,
<mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sun, 19 Aug 2012 23:39:05 -0000
>If this problem is going to raise, it's going to raise exactly the same >way with rDNS as well, so having v6 DNSBLs in place is going to make the >problem worse by just a factor related only with the number of DNSBLs in >place. 2x? 5x? That's true, but people I've talked to at large mail systems say they're not planning to do rDNS lookups for v6 mail, both because of the cache problems and because they don't think it will catch much spam. >FWIW, the DNSBL case can be worked around using 0 as TTL for DNSBLs >(directly on the DNSBL side, or on the caching side for resolvers with >the ability to do that). That's true, but what would be really nice would be DNSBLs that tried to be smart about TTLs based on the amount of traffic an IP sends. I'd think it should be possible to estimate that pretty well from query logs. >make it query for the /64 network instead of the full address, ... >This would significantly reduce the size of the caching problem, but >would render listings much less granular and whiltelisting of single >hosts basically impossible... I think you'll also find that you're blacklisting whole racks at hosting companies when one customer has an insecure PHP script. >> * Is there some reasonable way for networks to publish allocation >> granularity >I already had the chance to tell you that, but RIPE DB provides an >"assignment-size" field with this explicit purpose: Do you really want people querying that at DNSBL rates? This needs to be at a lower level. >> * Can we build models to predict this stuff now, since under the most >> optimistic scenario it'll still be years before the v6 mail volume >> approaches v4 mail volume. > >DUNNO Hey, I know a research group where we could give it a try. R's, John
- [Asrg] How will we manage IPv6 spam? John R. Levine
- Re: [Asrg] How will we manage IPv6 spam? Daniel Feenberg
- Re: [Asrg] How will we manage IPv6 spam? Michael Thomas
- Re: [Asrg] How will we manage IPv6 spam? Daniel Feenberg
- Re: [Asrg] How will we manage IPv6 spam? Paul Smith
- Re: [Asrg] How will we manage IPv6 spam? Michael Thomas
- Re: [Asrg] How will we manage IPv6 spam? John Levine
- Re: [Asrg] How will we manage IPv6 spam? Daniel Feenberg
- Re: [Asrg] How will we manage IPv6 spam? Daniel Feenberg
- Re: [Asrg] How will we manage IPv6 spam? Paul Smith
- Re: [Asrg] How will we manage IPv6 spam? Emanuele Balla (aka Skull)
- Re: [Asrg] How will we manage IPv6 spam? SM
- Re: [Asrg] rDNS and cache issues, was How will we… John Levine
- Re: [Asrg] rDNS and cache issues, was How will we… Emanuele Balla (aka Skull)
- Re: [Asrg] rDNS and cache issues, was How will we… Matthias Leisi
- Re: [Asrg] rDNS and cache issues, was How will we… John Levine