IPv6 smtp spam
SM
sm at resistor.net
Mon Apr 28 02:12:07 CEST 2008
At 05:58 23-04-2008, Tim Chown wrote:
>Having now added IPv6 transport mails to our service graphs for a week,
>we're running at an average of 410 mails per day over IPv6, plus an
>average of 525 spams per day. So it's sticking around 1000 mails
>a day, and the spam rate is over 50%, but not at IPv4 ratios (yet).
That's a fairly high rate. I expect that it's mostly from mail
servers instead of compromised hosts.
>Well, we could record the sender IPs and run some tests I guess.
>The RIPE-NCC chaps used to have some tunnel detector code that they
>ran, which worked by looking at PMTUs:
You could use that through passive fingerprinting or else do a match
against a list of known prefixes used by tunnel brokers.
Regards,
-sm
More information about the ipv6-ops
mailing list