On 12.02.2012 07:43, Dave Funk wrote:
On Sat, 11 Feb 2012, Jeff Chan wrote:
On Saturday, February 11, 2012, 3:17:25 PM, Dave Funk wrote:
Anybody have experience running rbldnsd (serving surbl zones) on
IPv6
addresses?
[snip..]
Hi Dave, SURBL has nameservers running on IPv6 addresses. If you'd
like
to provide DNS service over v6, I think we an add your servers to
the
delegations for that. SURBL does not currently blacklist IPv6
addresses, but it may in future. Cheers, Jeff C.
Jeff,
Thanks. I'm in the testing/deploying stage now. Probably
going live next week, will take you up on your offer then.
Just wanted to know if anybody else had tried this and what
landmines were out there.
Dave
--
Hi Jeff,
I feel somewhat guilty that this has been on my todo list for sometime
(number of years, back in 2004/5 when we did our initial testing and
deployment for v6 with BT Exact/6xs and friends here in the uk) as a
subject to bring up with You/SURBL, please drop me a line so we can add
a v6 assignment to our current mirror too.
Jeff,Dave,
Undoubtedly v6 addresses will need to enter the lists as time goes on,
there will most probably come a time in the future when spammers notice
that v6 filtering is thin-on-the-ground and attempt to take advantage of
that.
Dave,
in terms of "landmines", just generally applicable things for v6 - as
things currently stand there is a mix of native v6 and tunnelled v6, the
various tunnelling techniques bring their own set of MTU related issues
to the table, so if you filter careful attention needs to paid to ICMPv6
(particularly icmpv6-packet-to-big) for example. on the general v6 note
there are a number of rfc's on operational considerations and issues
relating to dns, smtp and a number of other protocols over v6 etc now.
:)
Kindest regards
Paul Freeman,
NOC4 Technologies Limited
+44(0)20 3422 4441 (Direct)
+44(0)20 3422 4455 (Fax)