[Greylist-users] Greylisting over IPv6
Morris Maynard
morris at maynidea.com
Thu Jul 22 10:10:06 PDT 2004
ICANN announced today that it has upgraded all its root servers to
recognize IP6 addresses.
http://arstechnica.com/news/posts/20040721-4015.html
-----Original Message-----
From: greylist-users-bounces at lists.puremagic.com
[mailto:greylist-users-bounces at lists.puremagic.com] On Behalf Of Scott
Nelson
Sent: Thursday, July 22, 2004 11:37 AM
To: greylist-users at lists.puremagic.com
Subject: Re: [Greylist-users] Greylisting over IPv6
At 02:23 PM 7/22/04 +0100, you wrote:
>Been thinking about IPv6, in as much as new projects should probably
now
>be thinking about IPv6 from the word go.
>
>I have a greylisting system which works fine with IPv4. I use the top
>24 bits of the IP(v4) address as an approximation to the caller's
>network.
>
>This value is then used as the originating network address in the
>triple. This seems to work quite well.
>
>I was wondering how this might work with IPv6.
>
>I sniffed around a bit and found some documentation on IPv6.
>
>The conclusion I came to was that it might work to use the top 64 bits
>of the IPv6 address and use that to identify the caller's network.
>
>Does anybody here use IPv6?
>
>Can anybody here comment as to whether or not that might be a viable
>solution?
>
Right now, I think 64 bits is the "right" number.
If IPv6 is ever fully deployed, then the number might need to change.
It's possible to debate what that future number might be, but it
doesn't seem particularly productive to me, since there a real chance
that IPv6 won't ever be fully deployed.
Clearly, if there's a correct number of bits, it's somewhere between
1 and 128. In other words, I think you should reserve enough space
for a /128 in the database, but truncate to a /64 right now.
Scott Nelson <scott at spamwolf.com>
More information about the Greylist-users
mailing list