Our first inbound email via IPv6

[vixie at isc.org (Paul Vixie)]

Randy Bush <randy at psg.com> writes:

> > ...
> i have assiduously avoided gaining serious anti-spam fu.  but it seems
> to me that ipv6 does not create/enable significantly more spam-bots.

the malware will generally have complete control over the bottom 64 bits
of an ipv6 address. there's no reason to expect to ever receive more than
one spam message from any single ipv6 source.

so, we'll all be blackholing /64's.

moreover, there are going to be more native endpoints in ipv6 than there
were in ipv4, since the NAT incentives are very different in the larger
address pool.

so, we'll all need network operators to whitelist the parts of their
address spaces that they plan to send e-mail from, so that we can avoid
having to blackhole things one /64 at a time.

as before: for more information see:

http://www.circleid.com/posts/20110607_two_stage_filtering_for_ipv6_electronic_mail/

paul