[6bone] RBLcheckd (was Re: Nothing is sacred...)
John Klos
john@sixgirls.org
Tue, 5 Aug 2003 16:03:43 -0400 (EDT)
Hello,
> I'm not sure I follow your question "How do we handle RBL's in a dual
> stack environment" .. the `table' of addresses to block gets loaded into
> pf on my machine, and it includes both IPv4 and IPv6 addresses. I simply
> 'rdr' (redirect) an IPv4 connection with a matching source address to
> spamd in the same way that I redirect an IPv6 connection with a matching
> source address.
But this does introduce a new problem. Just like the spammers that send to
backup MX even when the primary returns a permanent error, we'll still see
spammers which try to send to the IPv6 address(es) in the MX, then try the
IPv4 addresses (or the other way around). Because there's generally no way
to correlate IPv6 addresses with IPv4 addresses (6in4 excepted), dual
stacked spammers will need to be blocked twice.
Does anyone have an idea for this?
John Klos
Sixgirls Computing Labs