On Sat, 22 Nov 2014 13:15:29 +0100 Aban Dokht <ml...@abando.de> wrote:
> We also have honeypots with enabled IPv6 MX, but SPAM over IPv6 is > very, very seldom. We keep reputation reports from a large number of mailboxes and they break down roughly as follows: IPv4 mail: about 475 million reports of which 166 million were reported back as spam. IPv6 mail: about 9 million reports of which 145,000 were reported as spam. Conclusion: Not much mail travels over IPv6 and that which does is more likely to be ham than mail travelling over IPv4. On the other hand, IPv6 is bad news for some anti-spam technologies like RBLs. Even if the smallest RBL entry you make is a /64, there's such a vast pool of addresses available that once IPv6 is ubiquitous, spammers will be able to snowshoe much more effectively than over IPv4. Additionally, if your mail server tries to resolve the hostname of incoming SMTP clients (most do), attackers can blow your DNS server's cache by cycling through billions of IPv6 addresses from one machine; I believe we will need to rethink the strategy of always resolving host names when IPv6 is widespread. Regards, David.
