Le 23 août 2014 à 07:51, Michael Chang <thenewm...@gmail.com> a écrit :
> I was under the impression that it wasn't so much about there being more IPv6 > spam as much as tracking IPv6 reputation based on addresses was > computationally infeasible. > > If a spammer gets a hold of a /64, then the spammer can send 18 billion > billion (~2^64) different email addresses, each coming from a different IP > address. Never-mind that a spammer can go to a half-dozen tunnel brokers and > get /48s for free. > Indeed, if your repudiation algorithm is naïve. Blacklisting by /128 is not viable. But you can definitely filter by /64. For smaller prefixes (/48, /56), you can try to put a reputation on prefixes (depending on the number of /64 you already blacklisted) in order to blacklist the entire prefix. Best regards. Emmanuel Thierry > > On Fri, Aug 22, 2014 at 8:18 PM, Brian E Carpenter > <brian.e.carpen...@gmail.com> wrote: > On 23/08/2014 11:16, 🔓Dan Wing wrote: > > On Aug 22, 2014, at 7:42 AM, Matthew Huff <mh...@ox.com> wrote: > > > >> Currently it is not feasible to do ipv6 reputation filtering. IPv4 > >> reputation filtering is a big part of most anti-spam engines, so without > >> it, SPF / DKIM of domain reputation is the best alternative. > >> > >> BTW, we have had to remove all IPv6 from our mail gateways due to the > >> large number of Exchange SBS with broken isatap/6to4 tunnels causing mail > >> to blackhole. > > > > MTU issue? > > I can't speak for Teredo, but for 6to4 there is a whole list of > possible issues ( http://tools.ietf.org/html/rfc6343 ). PMTUD failure > and/or MSS negotiation failure are on the list, and so is reverse > DNS failure. > > Brian > > > > > -d > > > > > >> These have been at small web based retailers which don't have hosted > >> email. After the third incident, we yanked our IPv6 from our MX/gateways. > >> > >> > >> > >> ---- > >> Matthew Huff | 1 Manhattanville Rd > >> Director of Operations | Purchase, NY 10577 > >> OTA Management LLC | Phone: 914-460-4039 > >> > >> -----Original Message----- > >> From: ipv6-ops-bounces+mhuff=ox....@lists.cluenet.de > >> [mailto:ipv6-ops-bounces+mhuff=ox....@lists.cluenet.de] On Behalf Of Nick > >> Hilliard > >> Sent: Friday, August 22, 2014 10:25 AM > >> To: Lorenzo Colitti; Laurent GUERBY > >> Cc: IPv6 Ops list > >> Subject: Re: SMTP over IPv6 : gmail classifying nearly all IPv6 mail as > >> spam since 20140818 > >> > >> On 22/08/2014 15:16, Lorenzo Colitti wrote: > >>> Are you following the "Additional guidelines for IPv6" section of > >>> https://support.google.com/mail/answer/81126 ? > >> Lorenzo, > >> > >> it looks like Google is trying to enforce SPF / DKIM on ipv6 connections > >> where there is no similar requirement for ipv4. Is there a particular > >> reason for this? It's causing a lot of breakage. > >> > >> Nick > >> > > > > > >