How to wish you hadn't forced ipv6 adoption (was "How to force rapid ipv6 adoption")
Rob McEwen
rob at invaluement.com
Fri Oct 2 03:33:51 UTC 2015
On 10/1/2015 11:18 PM, cortana5 at gmail.com wrote:
> Excuse my probable ignorance of such matters, but would it not then be
> preferred to create a whitelist of proven Email servers/ip's , and
> just drop the rest? Granted, one would have to create a process to
> vet anyone creating a new email server, but would that not be easier
> then trying to create and maintain new blacklists?
>
I have heard that mentioned before. Unfortunately, this wouldn't work:
(1) we already have extensive IPv4 whitelists, many of which are used by
prominent anti-spam blacklists (and ISPs) to prevent false positives.
However, if tomorrow, ALL IPv4 blacklists disappears, and all mail
servers only allowed in the traffic coming from the IPs listed on the
better IPv4 whitelists, then a massive percentage of VERY legit mail
would STILL be blocked. Therefore, if IPv4 whitelists can't keep up in
the IPv4 work, how are they going to do so in the IPv6 world?
(2) Then there is the chicken-N-egg problem. How do you get your mail
delivered if you are a new sender, but aren't on that list yet. How do
you prove your sending practices are valid if you can't get your first
e-mail delivered?
(3) Any solution to that "chicken-N-egg problem"... which tries to
provide some kind of verification of legit senders... is a hoop that the
spammers could jump through just as easily... and they will! (some of
them doing so convince that they are doing nothing wrong because they
were told that the list they bought isn't spam because the recipient
forgot to uncheck a button that said, "receive offers from third parties"!)
(4) and this idea oversimplifies the complexity of the spam problem. For
example, many of the better blacklists know just when it is appropriate
to blacklist that legit sender who sends 100 legit messages a day, but
had a compromised system that triggered 50 thousand spam to be sent out
that day... and the better blacklists are good about delisting that
sender soon after the problem is fixed. But in a whitelist-only world,
you're stuck receiving all that spam!
--
Rob McEwen
+1 478-475-9032
More information about the NANOG
mailing list