[rbldnsd] Re: rbldnsd support for IPv6 entries
Benoit Panizzon
benoit.panizzon at imp.ch
Wed Jun 22 12:00:14 MSD 2005
Hi Michael
> Well... IPv6 covers *much* larger space than IPv4, and is "larger" too,
> in various aspects (larger, 128 vs 32 bits, addresses, 16 vs 4 "nibbles"
> in reverse query, etc). Of course, as IPv6 isn't (yet) deployed that
> widely as IPv4, it isn't here yet to worry about sizes right now.. may
> be.
>
> The problem is, I don't know how to represent IPv6 internally, to be
> compact and efficient. Also, I don't know if it's worth the effort to
> list ranges smaller than /64, but for things like open relays or
> proxies, /128 seems to be a way to go.
Well, in most cases 'end-users' will get assigned a /64 Range making NAT
obsolete. But true, to stop a single unmaintained open relay, /128 would be
more appropriate.
It is already possible to build IPv6 DNS-RBLs using bind and do wildcard
entries for /64 or other boundaries.
> > We use IPv6 enabled mailserver and would like to be able to blacklist
> > Addresses that sent us spam via IPv6.
>
> This can be useful. Assuming there is IPv6 support in rbldnsd, how'd you
> use it in your case? Do you list netranges, or individual /128 addresses?
> How many of them do you see? And, is there any spam in IPv6 space, at all,
> in the first place? ;) (I don't think "regular" spammers seriously (or at
> all) looking at IPv6 nowadays - too much work without any good reason).
Well this is the problem.
We feed the rbldnsd from Spamtraps, so spamruns targeting huge
amounts of web-harvested email-addresses get blocked almost realtime.
Our Mailadmin won't enable IPv6 to receive email until there is a way of also
using this mechanism on spam that could happen to arrive via IPv6.
Actually I'm operating my own mailserver with IPv6 for about two years now and
I have never seen any Spammail arriving via IPv6. But that has not as much
traffic as our 'big' ISP Mailservers.
There are more prerequisites that have to be met...
SpamAssassin itself is not yet able to do lookups of IPv6 DNS-RBLs (it does
not even parse IPv6 Received: lines correctly, but looking at the code this
should not be too hard to accomplish).
Well so I'll first look a bit more into spamassassin etc. and try to
implement IPv6-DNSbl with bind. So maybe in a few months or so when there is
more need for a specialized DNSBL dns-server I'll contact you again :-)
Regards
--
Benoît Panizzon, <bp at imp.ch>
------------------------------------------------------------------------
ImproWare AG, UNIXSP & ISP Phone: +41 61 826 93 00
Kabelinternet-Hotline: +41 61 826 93 07
Zurlindenstrasse 29 Fax: +41 61 826 93 01
CH-4133 Pratteln Net: http://www.imp.ch/
------------------------------------------------------------------------
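
The BIND wildcard approach mentioned in the message above, as an added example (not code from the poster or from rbldnsd): it builds the nibble-reversed query name, emits zone-file lines for /64 wildcards and /128 entries, and resolves queries with the standard DNS wildcard rules (RFC 4592), under which a /128 record inside a wildcarded /64 stops the wildcard from covering neighbouring addresses that share trailing labels with it. The zone name `bl.example.net`, the `127.0.0.2` answer and the `2001:db8::/32` sample addresses are assumptions made for illustration.

```python
import ipaddress

ZONE = "bl.example.net"  # hypothetical zone name, not from the post

def nibbles(addr, prefixlen=128):
    """Reversed hex-nibble labels for the first `prefixlen` bits of addr."""
    if prefixlen % 4:
        raise ValueError("prefix must fall on a nibble (4-bit) boundary")
    digits = ipaddress.IPv6Address(addr).exploded.replace(":", "")
    return ".".join(reversed(digits[: prefixlen // 4]))

def query_name(addr, zone=ZONE):
    """Name a mail server looks up to test one sending address."""
    return f"{nibbles(addr)}.{zone}."

def zone_record(entry, zone=ZONE, answer="127.0.0.2"):
    """Zone-file line for a /128 entry or a wildcard covering a prefix."""
    net = ipaddress.IPv6Network(entry, strict=False)
    owner = nibbles(str(net.network_address), net.prefixlen)
    if net.prefixlen < 128:
        owner = "*." + owner
    return f"{owner}.{zone}. IN A {answer}"

def is_listed(addr, records):
    """Resolve addr against the records using RFC 4592 wildcard rules."""
    owners = {r.split()[0] for r in records}
    # Every suffix of an owner name exists in the tree, possibly as an
    # empty non-terminal, and can become the closest encloser of a query.
    existing = set()
    for o in owners:
        labels = o.split(".")
        existing.update(".".join(labels[i:]) for i in range(len(labels)))
    q = query_name(addr)
    if q in owners:
        return True
    labels = q.split(".")
    for i in range(1, len(labels)):
        encloser = ".".join(labels[i:])
        if encloser in existing:  # closest encloser found
            return "*." + encloser in owners
    return False

# Constructed sample entries from the 2001:db8::/32 documentation range.
SAMPLE = [zone_record("2001:db8:1:2::/64"), zone_record("2001:db8:1:2::25")]
```

With `SAMPLE`, `2001:db8:1:2::25` and `2001:db8:1:2:ffff::1` resolve as listed, but `2001:db8:1:2::26` does not, because the /128 record creates empty non-terminals that take precedence over the /64 wildcard.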