<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN">
<html><body>
<p>On 19/02/2014 14:29, Doug Barton wrote:</p>
<blockquote type="cite" style="padding-left:5px; border-left:#1010ff 2px solid; margin-left:5px"><!-- html ignored --><!-- head ignored --><!-- meta ignored -->
<pre>On 02/18/2014 07:55 PM, SM wrote:</pre>
<blockquote type="cite" style="padding-left:5px; border-left:#1010ff 2px solid; margin-left:5px">Hi Doug, At 17:52 18-02-2014, Doug Barton wrote:
<blockquote type="cite" style="padding-left:5px; border-left:#1010ff 2px solid; margin-left:5px">My point is that all the hooha about "We can't do mail over IPv6 because we can't do IP address reputation" seems to be nonsense. There are plenty of ways to do spam filtering that don't involve keeping a log of every single IP address that sends spam.</blockquote>
People are used to blocking spam by IPv4 address. That makes it difficult to explain that it is no longer the better way for IPv4 connections, and nowadays for IPv6 connections.</blockquote>
<pre>Sorry I wasn't clear, but my post was already long enough. I understand
that blocking spam by IPv4 address hasn't been an effective solution by
itself for many years now, and I understand that the vendors are crying
foul because IPv6 makes their snake oil sales harder.
My purpose was to offer some actual concrete numbers from a mail server
that's hit relatively hard with spam, to demonstrate that the entire
argument of "We can't filter spam on IPv6" is specious. :)
Doug
</pre>
</blockquote>
<p>I've been blocking for sometime spam on IPv6 from some 64's, all by the way from china telecom.</p>
<p>Blocking by IP, why would that not be the best way, blocking by domain name sure isn't.</p>
<p>We block only by IP from whatever spam source is used (4, or 6), and rbldnsd handles ipv6 nicely (albeit in /64's - fair enough too, since most end users get that, typically), so your MTA's query would get a response from your DNSBL if it has an entry.</p>
<p> </p>
</body></html>