On 02/13/2014 12:23 PM, James Small wrote:
Interested in what you’re using to send/receive SMTP over IPv6:
A) Using postfix from Venema
B) I run my own
I have been interested in the assertion that we cannot do SMTP on IPv6
because there are no reliable methods of doing spam prevention. So ever
since this message came through (and the discussion in the ensuing
thread) I've been taking a closer look at what's going on with my
system. I use a combination of the "typical" anti-spam measures; reject
invalid helo, greylisting, zen from spamhaus, and of course
spamassassin. Since I run my own server and I'm more concerned about
false positives I actually run the filters a little loose, which means I
get about 10 or so messages that slip by per day. Those are usually
caught by thunderbird. I also review the spam messages that get through
the network-based filters and are tagged by spamassassin.
I say all that to say this. Not counting all the messages that were
rejected before I saw them (which by definition are successfully spam
filtered whether they are IPv6 or IPv4) in the six days I've been
watching carefully there were a total of 3 spam messages that went from
the originating system to the MX host over IPv6. That's out of roughly
180 messages total. Of those 3, 2 of them were caught by spamassassin on
my server, so they were successfully filtered by my existing solution.
The other message would have been caught on my system if my system was
the direct destination. It was instead sent to an alias maintained by
someone else, which forwards to me. Because my filters are very loose
for that system, this message came through, although it was caught by
thunderbird.
My point is that all the hooha about "We can't do mail over IPv6 because
we can't do IP address reputation" seems to be nonsense. There are
plenty of ways to do spam filtering that don't involve keeping a log of
every single IP address that sends spam.
It's probably also worth pointing out that I actually get the
substantial majority of my e-mail over IPv6 nowadays, although the vast
majority of my e-mail is list traffic from technically oriented mailing
lists, so that traffic pattern fits.
I hope this information is useful.
Doug
