Jump to content

IPv6 Routing Support


SpamCopAdmin

Recommended Posts

  • Replies 83
  • Created
  • Last Reply

Top Posters In This Topic

I just hit this one. My MXes all have IPv6 addresses, and the backup MX forwards to the primary over IPv6. So spam received via the backup will need header mangling in order to be reported, and spam received ‘directly’ may need header mangling. (Also, the primary does greylisting; yahoo.com retries a lot, but most just… go away.)

Personally, I'd consider the following substitutions to be fine even though the header text would be changed:

Localhost:

::1 → 127.0.0.1

IPv4 in IPv6 (example address):

::ffff:192.0.2.1 → 192.0.2.1

I don't see anything which can be done about other IPv6 addresses (except, possibly, link-local being handled much like RFC1918 addresses?); but once SpamCop start handling IPv6, this will be moot.

Link to comment
Share on other sites

<snip>

spam received via the backup will need header mangling in order to be reported, and spam received ‘directly’ may need header mangling. (Also, the primary does greylisting; yahoo.com retries a lot, but most just… go away.)

<snip>

...If you mean by SpamCop users: don't do that! For more information, please see SpamCop FAQ (links to which are available near the top left of all SpamCop Forum pages) items labeled "Material changes to spam," "Material changes to spam - Updated!" and "What if I break the rule(s)?"
Link to comment
Share on other sites

...See my earlier reply, above 82494[/snapback] and also Farelf's 83109[/snapback].

Saw those, but :-

"that would be an irresponsible thing to recommend "

so assumed it wasn't what we should be doing. ;)

Here is your TRACKING URL - it may be saved for future reference:

http://www.spamcop.net/sc?id=z5437789322z6...617bd951491ba0z

No source IP address found, cannot proceed.

Link to comment
Share on other sites

Saw those, but :-

"that would be an irresponsible thing to recommend "

so assumed it wasn't what we should be doing. ;)

<snip>

..Yes but I don't know what Steve (Farelf) meant by that -- hopefully he'll drop by soon to explain. All I can think of that he might have meant is:
  • Care must be taken to ensure you are manually reporting to the correct abuse address(es) for the correct source(s) of the spam.
  • Care must be taken to avoid sending a manual report to a spammer or someone friendly to the spammer or to spamming in general.

Link to comment
Share on other sites

... All I can think of that he might have meant is:
  • Care must be taken to ensure you are manually reporting to the correct abuse address(es) for the correct source(s) of the spam.
  • Care must be taken to avoid sending a manual report to a spammer or someone friendly to the spammer or to spamming in general.

Yes, those were the points - "manual" reports can be risky, particularly for the novice, whereas SpamCop reporting is not. Probably should have instead pointed to the excellent Rick's spam digest, particularly http://www.rickconner.net/spamweb/spamreporting.html which has all the information needed for manual reporting.
Link to comment
Share on other sites

Yes, those were the points - "manual" reports can be risky, particularly for the novice, whereas SpamCop reporting is not.

<snip>

...Ah, okay, thanks for clarifying, Steve. So would you agree that the risk can be reduced by using the SpamCop parser to the degree possible to determine where to send the reports, then canceling the parse? The only thing that I can see that might negate the value of such a strategy in this case is that the IPv6 addresses would have to be removed so that the parse will work and that might remove an important part of the internet headers for the parser, causing it to find the wrong abuse address(es)!
Link to comment
Share on other sites

...So would you agree that the risk can be reduced by using the SpamCop parser to the degree possible to determine where to send the reports, then canceling the parse? ...
Absolutely - mostly we seem to be seeing "internal" IPv6 network routing which can safely be discarded. Anything else, maybe not, but if the delivery to the reporter's network is clear then that is as much as the parser has been concerned with since the advent of mailhosting anyway.
Link to comment
Share on other sites

that might remove an important part of the internet headers for the parser, causing it to find the wrong abuse address(es)!

All gets a bit to complicated for me I'm afraid.

I can't be the only one getting these daily now. :-

Here is your TRACKING URL - it may be saved for future reference:

http://www.spamcop.net/sc?id=z5438237110z6...d592fc42b57cddz

No source IP address found, cannot proceed.

Link to comment
Share on other sites

All gets a bit to complicated for me I'm afraid.
...In that case, please just delete them. No one here (that has any sense) will think the less of you! :) <g>
I can't be the only one getting these daily now. :-

...Probably not but since nothing can be done about it right now it's a moot point how many people are experiencing it. :( <frown> But, possibly good news: see SpamCopAdmin Don D'Minion's post in SpamCop Forum article "/dev/null'ing report" last sentence. :) <g> OTOH, we've heard that, before. :( <frown>
Link to comment
Share on other sites

  • 2 weeks later...

I do not have much faith that CISCO is going to fix the IPv6 problem.

Not related to IPv6 but interesting [url=http://www.theinquirer.net/inquirer/news/2232532/cisco-hires-barclays-to-offload-linksys

Edited by hjp
Link to comment
Share on other sites

Removing IPv6 information from the headers so that SpamCop will process the spam is a material alteration, which is a HUGE TABOO with us.

Changing the SpamCop code so it will handle IPv6 headers is a big challenge. IPv6 support is the focus of the new release, which is due out in a couple of months.

- Don D'Minion - SpamCop Admin -

- Service[at]Admin.SpamCop.net -

.

Link to comment
Share on other sites

  • 4 weeks later...

The next SpamCop version supports IPv6 parsing.

The release should be out within the next 30 days. No promises. It could easily be 60 days, or even 90 days, but we're hopeful that it will be sooner rather than later.

- Don D'Optimistic - SpamCop Admin -

- Service[at]Admin.SpamCop.net -

.

It has been over 90 days. Could we please have another update on what could possibly be the delay?

Thank You

Link to comment
Share on other sites

It has been over 90 days.

<snip>

...Actually, it's only been just short of a month since the last update telling us that the new release is due "in a couple of months:"
<snip>

Changing the SpamCop code so it will handle IPv6 headers is a big challenge. IPv6 support is the focus of the new release, which is due out in a couple of months.

Link to comment
Share on other sites

  • 2 weeks later...

I do not have much faith that CISCO is going to fix the IPv6 problem.

Not related to IPv6 but interesting

Cisco to sell Linksys business to Belkin

[url=http://www.theinquirer.net/inquirer/news/2239064/cisco-to-sell-linksys-business-to-belkin'>http://www.theinquirer.net/inquirer/news/2...iness-to-belkin

When is CISCO going to sell or retire Spamcop?

They should do something if they cannot implement IPv6 in a reasonable time and to keep the users fully informed. Estimates of 30, 60 and even 90 days which are not kept is to the point of being funny.

Link to comment
Share on other sites

They should do something if they cannot implement IPv6 in a reasonable time and to keep the users fully informed. Estimates of 30, 60 and even 90 days which are not kept is to the point of being funny.

+1

my impression is that the more spammers discover that they can foil spamcop reporting by using IPv6 addresses, the more spamcop will become an excersise in futility... and i don't want to see that happen. <_<

Edited by salamandir
Link to comment
Share on other sites

Any progress with this please?

<snip>

...83830'[/snapback] Dec 17 + "a couple of months" = Feb 17. Nevertheless, it would be nice to have an update from SpamCop as to progress and whether the fix appears to be on target for a mid-February release.
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...