Poll on SMTP over IPv6 Usage

Doug Barton dougb at dougbarton.us
Wed Feb 19 02:52:21 CET 2014 

On 02/13/2014 12:23 PM, James Small wrote:
> Interested in what you’re using to send/receive SMTP over IPv6:
>
> A) Using postfix from Venema
>
> B) I run my own

I have been interested in the assertion that we cannot do SMTP on IPv6 
because there are no reliable methods of doing spam prevention. So ever 
since this message came through (and the discussion in the ensuing 
thread) I've been taking a closer look at what's going on with my 
system. I use a combination of the "typical" anti-spam measures; reject 
invalid helo, greylisting, zen from spamhaus, and of course 
spamassassin. Since I run my own server and I'm more concerned about 
false positives I actually run the filters a little loose, which means I 
get about 10 or so messages that slip by per day. Those are usually 
caught by thunderbird. I also review the spam messages that get through 
the network-based filters and are tagged by spamassassin.

I say all that to say this. Not counting all the messages that were 
rejected before I saw them (which by definition are successfully spam 
filtered whether they are IPv6 or IPv4) in the six days I've been 
watching carefully there were a total of 3 spam messages that went from 
the originating system to the MX host over IPv6. That's out of roughly 
180 messages total. Of those 3, 2 of them were caught by spamassassin on 
my server, so they were successfully filtered by my existing solution. 
The other message would have been caught on my system if my system was 
the direct destination. It was instead sent to an alias maintained by 
someone else, which forwards to me. Because my filters are very loose 
for that system, this message came through, although it was caught by 
thunderbird.

My point is that all the hooha about "We can't do mail over IPv6 because 
we can't do IP address reputation" seems to be nonsense. There are 
plenty of ways to do spam filtering that don't involve keeping a log of 
every single IP address that sends spam.

It's probably also worth pointing out that I actually get the 
substantial majority of my e-mail over IPv6 nowadays, although the vast 
majority of my e-mail is list traffic from technically oriented mailing 
lists, so that traffic pattern fits.

I hope this information is useful.

Doug

More information about the ipv6-ops mailing list