This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[anti-abuse-wg] Abuse: ipv6 and spam

Next message (by thread): [anti-abuse-wg] Abuse: ipv6 and spam

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

ox andre at ox.co.za
Thu Apr 13 14:10:38 CEST 2017

Hello Everyone,

I am currently drafting a document regarding accepting email on ipv6
and building our white list database  (it will eventually be either
six.ascams.com or  sixwhite.ascams.com)

Ref: https://tools.ietf.org/html/draft-tzink-ipv6mail-whitelist-01

The actual practical implementation is so simple and easy:, simply use
it in reverse of a blacklist, score all incoming ipv6 emails +1000 and
if listed on six.ascams.com -1000 (and if listed with
whitelist.example.com -1000 - etc etc)

Defining the actual processes for white listing itself, is not as easy as it may seem...

Black list: for example superblock.ascams.com:
First time de-listing (takes anywhere from 24 hours to 7 days)
Second time de-listing (takes anywhere from 7 days to 3 weeks)
Third time listing is a semi permanent block (discussed in public)
Fourth time listing is permanent, even if the ipv4 resource re-allocated

On White Lists, the process is not as clear or obvious as one may
think as firstly the address space has 2(128) addresses, sec issues
( https://tools.ietf.org/html/rfc5782) etc etc etc

But, notwithstanding that, the actual listing & de listing is also,
reasonably simple:

For example: the same process as blacklists, if multiple users file
complaints, the ipv6 entry is revoked, re-instated, etc etc and this is
where I am at now.

The actual listing entries, sure, we already have a few hundred
good/known ipv6 email servers, but how do admins go about adding
themselves to the white list?

Obviously it has to be free, open, fair and anyone has to be able to
add themselves.

But, it is the actual adding, bots, trust and other issues that is
still challenging. (and, yes, I have read BITAG (bitaq) etc as well as
all the other copious amounts of drivel, diatribe and POV out there)

One idea is for admins to go through manual verification process, for
which volunteers would be required, 

Another idea is that In the TXT answer, for white listing, the email
address of the ipv6 abuse@ is to be published and for the entire
database to be available (like the RIPE whois) - which has given rise
to an idea that all servers (people providing services / providers of
services as opposed to users of) - should have their own, separate
resource listing...

There are of course many other ideas as well, but the reason for my post is:
 
Do you have any value, comment or idea you could add to this?

thanks!

Andre

Next message (by thread): [anti-abuse-wg] Abuse: ipv6 and spam

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ anti-abuse-wg Archives ]