On 19/02/2014 14:29, Doug Barton wrote:
> On 02/18/2014 07:55 PM, SM wrote: > Hi Doug, At 17:52 18-02-2014, Doug Barton wrote: My point is that all the > hooha about "We can't do mail over IPv6 because we can't do IP address > reputation" seems to be nonsense. There are plenty of ways to do spam > filtering that don't involve keeping a log of every single IP address that > sends spam. People are used to blocking spam by IPv4 address. That makes it > difficult to explain that it is no longer the better way for IPv4 > connections, and nowadays for IPv6 connections. Sorry I wasn't clear, but my post was already long enough. I understand that blocking spam by IPv4 address hasn't been an effective solution by itself for many years now, and I understand that the vendors are crying foul because IPv6 makes their snake oil sales harder. My purpose was to offer some actual concrete numbers from a mail server that's hit relatively hard with spam, to demonstrate that the entire argument of "We can't filter spam on IPv6" is specious. :) Doug I've been blocking for sometime spam on IPv6 from some 64's, all by the way from china telecom. Blocking by IP, why would that not be the best way, blocking by domain name sure isn't. We block only by IP from whatever spam source is used (4, or 6), and rbldnsd handles ipv6 nicely (albeit in /64's - fair enough too, since most end users get that, typically), so your MTA's query would get a response from your DNSBL if it has an entry.
