1 / 8

The problem of email spam from IPv6

The problem of email spam from IPv6. Modern filters. The problem of scale. IP lists must be updated in (near) real time Max IPv4 addresses ~ 4 billion Max IPv6 addresses ~ 18 x 10 Even if everyone gets their own /64, max addresses = 18 x 10. 38. 18. The problem of scale (cont’d).

berget
Download Presentation

The problem of email spam from IPv6

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. The problem of email spam from IPv6

  2. Modern filters

  3. The problem of scale • IP lists must be updated in (near) real time • Max IPv4 addresses ~ 4 billion • Max IPv6 addresses ~ 18 x 10 • Even if everyone gets their own /64, max addresses = 18 x 10 38 18

  4. The problem of scale (cont’d) • What happens when we build a better spammer? • Every spam comes from a unique IP (or limited reuse) • 5 billion spamming IPs per day  Size of file = 190 GB (XBL+SBL+PBL = 138 MB) • This is too big!

  5. Too big to process • Geo-distributed systems must replicate across network quickly (large files take too long for real time effectiveness). • Processing the file takes a long time. • IP stats history tables (e.g., Microsoft maintains its own IP reputation tables) grows too big for so many unique IPs.

  6. Drop in effectiveness If spammers don’t reuse IP addresses, it makes IP blocklists useless

  7. Proposal (short term) – Allow Lists Allow List = “I sometimes send legitimate mail over IPv6.”You still perform content filtering. We already do this for big mailers like Hotmail, Gmail, etc. Either a central reputation service for IPv6, or build your own. Do not allow anyone to send you IPv6 email! Allow lists are way smaller and easier to maintain.

More Related