Mar 10, 2011

Will IPv6 render blacklisting obsolete?

We are all aware that IP addresses have almost run out. Security experts are debating the pros and cons, but the sad fact is the migration towards IPv6 is inevitable. Now it remains only to adapt as fast as we can and solve the problems that will arise as soon as it's humanly possible.

Among those problems that need a fast solution - or, at least, an interim solution that will help hold back most of the problem - is that of spam blocking.

Internet service providers usually use blacklisting as the key component of the e-mail filtering process to block domains that send out spam. The 4,294,967,296 (4.3 x 10⁹) addresses supported by the IPv4 standard are actually a small number when compared with the 4.3 x 10³⁸ (by the by, that's 340,282,366,920,938,000,000,000,000,000,000,000,000) addresses that the move to IPv6 will create.

Seeing those numbers in black and white, it is obvious that blacklisting will become an obsolete filtering technique. "As an example, the address space is so large that it would be easy for spammers to use a single IP address just once to send a single e-mail," says Stuart Paton, a senior solutions architect at Cloudmark.

And spam filtering is not the only defense activity that will be affected by the demise of blacklisting. The filtering and blocking of sources of denial of service attacks, click fraud and search engine manipulation also depends on it, The Register reports.

Most experts agree that the complete transition to IPv6 may take quite a while. Paton suggests to ISPs to make sure that at the beginning, the receipt of e-mails from IPv6 addresses is blocked except when it comes from their own customers. Symantec.cloud anti-spam expert Paul Wood says that is definitely a good idea for businesses as well. He advises accepting e-mails only from IPv6 trusted sources.

Wood also says that even if the last blocks of IPv4 address space have been handed out recently, "there are very few real mail servers in the world, so the starvation of IPv4 will not affect them much because there will for a very long time be a resale market in the IPv4 address space."

The IPv4 standard could, therefore, last for a few more years at least. In the meantime, let's hope that fresh ideas will bring the much needed solution for when the IPv6 standard becomes the dominant - or sole - one.

No comments:

Post a Comment