On 3/26/2014 12:09 PM, John Levine wrote:
OTOH, a spammer with a single /64, pretty much the absolute minimum IPv6 block,
has more than 18 quintillion addresses
and there�s not a computer on the planet with enough memory (or probably not
even enough disk space) to store that
block list.
Sometimes scale is everything. host-based reputation lists scale easily to 3.2
billion host addresses. IPv6, not so easily.
Quite right. If I were a spammer or an ESP who wanted to listwash, I
could easily use a different IP addres for every single message I sent.
Which isn't too bad for the spam block lists, as they will usually
escalate and block /64 and shorter anyways.
It will be problematic for handling something like CBL, though. DHCP
shifted occasionally, but not as often as IPv6 privacy addresses can.
The botnet world is where the problems will arise, and not just for
spam. It becomes even more problematic, as you don't know if you have
multiple bots in a /64 (individual handouts via DHCPv6) or a single bot
shifting within a /64 assignment, or given some layouts, perhaps
shifting within a /48 assignment.
Jack
