Re: Last Call: draft-irtf-asrg-dnsbl (DNS Blacklists and Whitelists)

Tony Finch <dot@dotat.at> Mon, 10 November 2008 18:25 UTC

Date: Mon, 10 Nov 2008 18:25:15 +0000
From: Tony Finch <dot@dotat.at>
X-X-Sender: fanf2@hermes-1.csi.cam.ac.uk
To: Keith Moore <moore@network-heretics.com>
Subject: Re: Last Call: draft-irtf-asrg-dnsbl (DNS Blacklists and Whitelists)
In-Reply-To: <491850D0.2070300@network-heretics.com>
Message-ID: <alpine.LSU.2.00.0811101820090.30582@hermes-1.csi.cam.ac.uk>
References: <20081110130255.49372.qmail@simone.iecc.com> <491850D0.2070300@network-heretics.com>
Cc: ietf@ietf.org

On Mon, 10 Nov 2008, Keith Moore wrote:
>
> I suspect it will be very difficult to make IPv6 DNSxLs work anywhere
> nearly as well as IPv4 DNSxLs, because in IPv6 it is fairly easy to use
> a different address for every SMTP conversation.

I expect that attack will make /48 or /64 listings common. This has the
obvious downside of an increased risk of one infected host spoiling email
connectivity for its immediate neighbours, even more than is already the
case for IPv4 DNSBLs. Perhaps ISPs and hosting providers can mitigate that
by enforcing address allocation policies.

In any case, DNSBLs should scale roughly according to the size of the
routing table, not the size of the address space.

Tony.
-- 
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/
FISHER: SOUTHWEST 6 TO GALE 8 BACKING SOUTH 5 OR 6. VERY ROUGH BECOMING
MODERATE OR ROUGH. SHOWERS. MODERATE OR GOOD.
_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf
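The exchange above turns on two mechanics of an IPv6 DNSxL: how an address is turned into a query name under the list's zone (the draft's format of 32 reversed hex nibbles), and how a whole /48 or /64 is listed so that neighbours of one bad host are caught as well. The following offline simulation, added here and not part of the thread or of the draft, illustrates both. It assumes a constructed zone name `dnsbl.example`, publishes prefix listings as DNS wildcard owner names (one way such listings are published; the draft does not mandate it), and models wildcard matching in a simplified form rather than speaking real DNS.

```python
import ipaddress
from typing import Dict, Iterable, Optional

# Constructed zone name for the simulation; not a real DNSBL.
ZONE = "dnsbl.example"
LISTED = "127.0.0.2"  # conventional "listed" A record value


def reversed_nibbles(addr: str) -> str:
    """Expand an IPv6 address to its 32 hex digits and reverse them,
    giving the label sequence used for an IPv6 DNSxL query."""
    hexdigits = ipaddress.IPv6Address(addr).exploded.replace(":", "")
    return ".".join(reversed(hexdigits))


def query_name(addr: str, zone: str = ZONE) -> str:
    """Owner name a client would look up to test one address."""
    return f"{reversed_nibbles(addr)}.{zone}"


def prefix_listing_name(network: str, zone: str = ZONE) -> str:
    """Owner name under which a list operator would publish a listing
    covering a whole prefix: a wildcard beneath the reversed nibbles of
    the network part. Prefix lengths must fall on a nibble boundary
    (a multiple of 4); a /128 is an exact host name, not a wildcard."""
    net = ipaddress.IPv6Network(network, strict=True)
    if net.prefixlen == 128:
        return query_name(str(net.network_address), zone)
    if net.prefixlen % 4:
        raise ValueError("prefix length must be a multiple of 4")
    digits = net.network_address.exploded.replace(":", "")[: net.prefixlen // 4]
    return "*." + ".".join(reversed(digits)) + "." + zone


def build_zone(listings: Iterable[str], zone: str = ZONE) -> Dict[str, str]:
    """Simulated zone contents: owner name -> A record, one per listing."""
    return {prefix_listing_name(n, zone): LISTED for n in listings}


def lookup(name: str, zone_data: Dict[str, str]) -> Optional[str]:
    """Resolve a name against the simulated zone. Exact match first, then
    the longest-suffix wildcard. This is a simplification of RFC 4592
    wildcard rules, enough to show how a prefix listing covers hosts."""
    if name in zone_data:
        return zone_data[name]
    labels = name.split(".")
    for i in range(1, len(labels)):
        candidate = "*." + ".".join(labels[i:])
        if candidate in zone_data:
            return zone_data[candidate]
    return None


def is_listed(addr: str, zone_data: Dict[str, str], zone: str = ZONE) -> bool:
    return lookup(query_name(addr, zone), zone_data) is not None


if __name__ == "__main__":
    # Constructed listings: one host, one /64, one /48 (documentation prefixes).
    zone = build_zone(["2001:db8:1:2::25/128", "2001:db8:1:3::/64", "2001:db8:2::/48"])
    for a in ["2001:db8:1:2::25", "2001:db8:1:2::26",   # host listing: neighbour unaffected
              "2001:db8:1:3::26",                       # /64 listing: neighbour caught
              "2001:db8:2:ffff::1", "2001:db8:3::1"]:   # /48 listing and an unrelated net
        print(f"{a:22} listed={is_listed(a, zone)}")
```

The /64 and /48 cases are the collateral damage the reply describes: a listing published at prefix granularity marks every host in that prefix, including ones that never sent anything, which is why the reply suggests providers mitigate it through address allocation policy.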