Tony Finch wrote: > On Mon, 10 Nov 2008, Keith Moore wrote: >> I suspect it will be very difficult to make IPv6 DNSxLs work anywhere >> nearly as well as IPv4 DNSxLs, because in IPv6 it is fairly easy to use >> a different address for every SMTP conversation. > > I expect that attack will make /48 or /64 listings common. This has the > obvious downside of an increased risk of one infected host spoiling email > connectivity for its immediate neighbours, even more than is already the > case for IPv4 DNSBLs. Perhaps ISPs and hosting providers can mitigate that > by enforcing address allocation policies. Or perhaps enterprise networks will be forced to outsource their mail submission to third parties with supposedly "trustworthy" addresses. Which IMHO would not be a desirable result. > In any case, DNSBLs should scale roughly according to the size of the > routing table, not the size of the address space. What does it mean for a DNSBL to "scale"? Keith _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf