> The real issue isn't that you can't block an entire CIDR, but that
> the current DNSBL query methods compare with the full IP, which means
> that caching becomes useless, since the /56 that a given user gets
> can be cycled through randomly with more than the 2^40 times the
> current Internet worth of AAAA RRs.

Actually, it occurs to me: this is something only spammers are likely to
do. Thus, it becomes a detectable behaviour which can be used to
identify them.

I can see plenty of problems with that. I'm sure you can too. But it
might be worth thinking about.

/~\ The ASCII                             Mouse
\ / Ribbon Campaign
 X  Against HTML                mo...@rodents-montreal.org
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
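
Added example, not part of the original thread: a sketch of the detection idea above, counting distinct IPv6 source addresses per /56 on inbound SMTP connections and comparing how many DNSBL cache entries full-address keys need against per-/56 keys. The threshold, function names and sample addresses (documentation prefix 2001:db8::/32) are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

PREFIX_LEN = 56   # delegation size named in the thread
THRESHOLD = 3     # assumed cut-off for "cycling"; tune against real traffic

# Constructed sample of connecting client addresses, one per SMTP session.
SAMPLE_CONNECTIONS = [
    "2001:db8:aa00:1200::1",
    "2001:db8:aa00:1201::beef",
    "2001:db8:aa00:12ff:1:2:3:4",
    "2001:db8:aa00:1234:ffff::9",   # fourth address in the same /56
    "2001:db8:bb00:1::25",
    "2001:db8:bb00:1::25",          # stable sender reusing one address
    "2001:db8:cc00:500::a",
    "2001:db8:cc00:501::b",         # two addresses, below the threshold
    "192.0.2.10",                   # IPv4 is out of scope and skipped
]

def covering_prefix(addr, prefix_len=PREFIX_LEN):
    """Return the enclosing IPv6 prefix as a string, or None for IPv4."""
    if ipaddress.ip_address(addr).version != 6:
        return None
    net = ipaddress.ip_network(f"{addr}/{prefix_len}", strict=False)
    return str(net)

def cycling_prefixes(addrs, prefix_len=PREFIX_LEN, threshold=THRESHOLD):
    """Map each prefix seen with >= threshold distinct addresses to its count."""
    seen = defaultdict(set)
    for addr in addrs:
        prefix = covering_prefix(addr, prefix_len)
        if prefix is not None:
            seen[prefix].add(ipaddress.ip_address(addr))
    return {p: len(s) for p, s in seen.items() if len(s) >= threshold}

def cache_entries(addrs, prefix_len=None):
    """Distinct DNSBL cache keys needed: full address, or prefix if given."""
    keys = set()
    for addr in addrs:
        if ipaddress.ip_address(addr).version != 6:
            continue
        keys.add(covering_prefix(addr, prefix_len) if prefix_len
                 else str(ipaddress.ip_address(addr)))
    return len(keys)

if __name__ == "__main__":
    print("flagged:", cycling_prefixes(SAMPLE_CONNECTIONS))
    print("cache keys, full address:", cache_entries(SAMPLE_CONNECTIONS))
    print("cache keys, per /56:", cache_entries(SAMPLE_CONNECTIONS, PREFIX_LEN))
```
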