Sign in to follow this  
Followers 0
SpamCopAdmin

IPv6 Routing Support

84 posts in this topic

I just hit this one. My MXes all have IPv6 addresses, and the backup MX forwards to the primary over IPv6. So spam received via the backup will need header mangling in order to be reported, and spam received ‘directly’ may need header mangling. (Also, the primary does greylisting; yahoo.com retries a lot, but most just… go away.)

Personally, I'd consider the following substitutions to be fine even though the header text would be changed:

Localhost:

::1 → 127.0.0.1

IPv4 in IPv6 (example address):

::ffff:192.0.2.1 → 192.0.2.1

I don't see anything which can be done about other IPv6 addresses (except, possibly, link-local being handled much like RFC1918 addresses?); but once SpamCop start handling IPv6, this will be moot.

Share this post


Link to post
Share on other sites
<snip>

spam received via the backup will need header mangling in order to be reported, and spam received ‘directly’ may need header mangling. (Also, the primary does greylisting; yahoo.com retries a lot, but most just… go away.)

<snip>

...If you mean by SpamCop users: don't do that! For more information, please see SpamCop FAQ (links to which are available near the top left of all SpamCop Forum pages) items labeled "Material changes to spam," "Material changes to spam - Updated!" and "What if I break the rule(s)?"

Share this post


Link to post
Share on other sites
<snip>

Can someone tell me what to do *without* breaking the rules please?

...See my earlier reply, above 82494[/snapback] and also Farelf's 83109[/snapback].

Share this post


Link to post
Share on other sites

...See my earlier reply, above 82494[/snapback] and also Farelf's 83109[/snapback].

Saw those, but :-

"that would be an irresponsible thing to recommend "

so assumed it wasn't what we should be doing. ;)

Here is your TRACKING URL - it may be saved for future reference:

http://www.spamcop.net/sc?id=z5437789322z6...617bd951491ba0z

No source IP address found, cannot proceed.

Share this post


Link to post
Share on other sites
Saw those, but :-

"that would be an irresponsible thing to recommend "

so assumed it wasn't what we should be doing. ;)

<snip>

..Yes but I don't know what Steve (Farelf) meant by that -- hopefully he'll drop by soon to explain. All I can think of that he might have meant is:
  • Care must be taken to ensure you are manually reporting to the correct abuse address(es) for the correct source(s) of the spam.
  • Care must be taken to avoid sending a manual report to a spammer or someone friendly to the spammer or to spamming in general.

Share this post


Link to post
Share on other sites
... All I can think of that he might have meant is:
  • Care must be taken to ensure you are manually reporting to the correct abuse address(es) for the correct source(s) of the spam.
  • Care must be taken to avoid sending a manual report to a spammer or someone friendly to the spammer or to spamming in general.

Yes, those were the points - "manual" reports can be risky, particularly for the novice, whereas SpamCop reporting is not. Probably should have instead pointed to the excellent Rick's spam digest, particularly http://www.rickconner.net/spamweb/spamreporting.html which has all the information needed for manual reporting.

Share this post


Link to post
Share on other sites
Yes, those were the points - "manual" reports can be risky, particularly for the novice, whereas SpamCop reporting is not.

<snip>

...Ah, okay, thanks for clarifying, Steve. So would you agree that the risk can be reduced by using the SpamCop parser to the degree possible to determine where to send the reports, then canceling the parse? The only thing that I can see that might negate the value of such a strategy in this case is that the IPv6 addresses would have to be removed so that the parse will work and that might remove an important part of the internet headers for the parser, causing it to find the wrong abuse address(es)!

Share this post


Link to post
Share on other sites
...So would you agree that the risk can be reduced by using the SpamCop parser to the degree possible to determine where to send the reports, then canceling the parse? ...
Absolutely - mostly we seem to be seeing "internal" IPv6 network routing which can safely be discarded. Anything else, maybe not, but if the delivery to the reporter's network is clear then that is as much as the parser has been concerned with since the advent of mailhosting anyway.

Share this post


Link to post
Share on other sites

that might remove an important part of the internet headers for the parser, causing it to find the wrong abuse address(es)!

All gets a bit to complicated for me I'm afraid.

I can't be the only one getting these daily now. :-

Here is your TRACKING URL - it may be saved for future reference:

http://www.spamcop.net/sc?id=z5438237110z6...d592fc42b57cddz

No source IP address found, cannot proceed.

Share this post


Link to post
Share on other sites
All gets a bit to complicated for me I'm afraid.
...In that case, please just delete them. No one here (that has any sense) will think the less of you! :) <g>
I can't be the only one getting these daily now. :-

...Probably not but since nothing can be done about it right now it's a moot point how many people are experiencing it. :( <frown> But, possibly good news: see SpamCopAdmin Don D'Minion's post in SpamCop Forum article "/dev/null'ing report" last sentence. :) <g> OTOH, we've heard that, before. :( <frown>

Share this post


Link to post
Share on other sites

I do not have much faith that CISCO is going to fix the IPv6 problem.

Not related to IPv6 but interesting [url=http://www.theinquirer.net/inquirer/news/2232532/cisco-hires-barclays-to-offload-linksys

Edited by hjp

Share this post


Link to post
Share on other sites

Removing IPv6 information from the headers so that SpamCop will process the spam is a material alteration, which is a HUGE TABOO with us.

Changing the SpamCop code so it will handle IPv6 headers is a big challenge. IPv6 support is the focus of the new release, which is due out in a couple of months.

- Don D'Minion - SpamCop Admin -

- Service[at]Admin.SpamCop.net -

.

Share this post


Link to post
Share on other sites

The next SpamCop version supports IPv6 parsing.

The release should be out within the next 30 days. No promises. It could easily be 60 days, or even 90 days, but we're hopeful that it will be sooner rather than later.

- Don D'Optimistic - SpamCop Admin -

- Service[at]Admin.SpamCop.net -

.

It has been over 90 days. Could we please have another update on what could possibly be the delay?

Thank You

Share this post


Link to post
Share on other sites
It has been over 90 days.

<snip>

...Actually, it's only been just short of a month since the last update telling us that the new release is due "in a couple of months:"
<snip>

Changing the SpamCop code so it will handle IPv6 headers is a big challenge. IPv6 support is the focus of the new release, which is due out in a couple of months.

Share this post


Link to post
Share on other sites

I do not have much faith that CISCO is going to fix the IPv6 problem.

Not related to IPv6 but interesting

Cisco to sell Linksys business to Belkin

[url=http://www.theinquirer.net/inquirer/news/2239064/cisco-to-sell-linksys-business-to-belkin'>http://www.theinquirer.net/inquirer/news/2...iness-to-belkin

When is CISCO going to sell or retire Spamcop?

They should do something if they cannot implement IPv6 in a reasonable time and to keep the users fully informed. Estimates of 30, 60 and even 90 days which are not kept is to the point of being funny.

Share this post


Link to post
Share on other sites
They should do something if they cannot implement IPv6 in a reasonable time and to keep the users fully informed. Estimates of 30, 60 and even 90 days which are not kept is to the point of being funny.

+1

my impression is that the more spammers discover that they can foil spamcop reporting by using IPv6 addresses, the more spamcop will become an excersise in futility... and i don't want to see that happen. <_<

Edited by salamandir

Share this post


Link to post
Share on other sites
Any progress with this please?

<snip>

...83830'[/snapback] Dec 17 + "a couple of months" = Feb 17. Nevertheless, it would be nice to have an update from SpamCop as to progress and whether the fix appears to be on target for a mid-February release.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0