[Greylist-users] Greylisting over IPv6
Scott Nelson
scott at spamwolf.com
Thu Jul 22 08:36:37 PDT 2004
At 02:23 PM 7/22/04 +0100, you wrote:
>Been thinking about IPv6, in as much as new projects should probably now
>be thinking about IPv6 from the word go.
>
>I have a greylisting system which works fine with IPv4. I use the top
>24 bits of the IP(v4) address as an approximation to the caller's
>network.
>
>This value is then used as the originating network address in the
>triple. This seems to work quite well.
>
>I was wondering how this might work with IPv6.
>
>I sniffed around a bit and found some documentation on IPv6.
>
>The conclusion I came to was that it might work to use the top 64 bits
>of the IPv6 address and use that to identify the caller's network.
>
>Does anybody here use IPv6?
>
>Can anybody here comment as to whether or not that might be a viable
>solution?
>
Right now, I think 64 bits is the "right" number.
If IPv6 is ever fully deployed, then the number might need to change.
It's possible to debate what that future number might be, but it
doesn't seem particularly productive to me, since there a real chance
that IPv6 won't ever be fully deployed.
Clearly, if there's a correct number of bits, it's somewhere between
1 and 128. In other words, I think you should reserve enough space
for a /128 in the database, but truncate to a /64 right now.
Scott Nelson <scott at spamwolf.com>
More information about the Greylist-users
mailing list