Home / Blogs

Two Stage Filtering for IPv6 Electronic Mail

Don't miss a thing – sign up for CircleID Weekly Wrap newsletter delivered to your inbox once a week.
Paul Vixie

I'm a guest at the MAAWG conference in San Francisco this week and several people have now mentioned to me the problem and the opportunity of anti-spam e-mail filtering for IPv6. Tomorrow is World IPv6 Day but since a bunch of the pieces have clicked together in my head I'll post this a day early.

Default Allow or Default Deny?

There are more "bad" hosts sending unwanted e-mail than there are "good" hosts sending wanted e-mail, and if we had a clean slate (no installed base) then engineering economics would favour a "default deny" model whereby we'd maintain a list of "good" hosts and then reject traffic from everywhere else. This is because such a list would be smaller than a list of "bad" hosts and it would change less frequently. Of course we do not have a clean slate — by the time unwanted e-mail became a compelling problem the number of "good" e-mail senders was in the millions and there was no practical way to make a reliable list of them. As a result the e-mail reputation industry is based on a "default accept" model — any e-mail sender IP address who has no known reputation is presumed to be "good". That's statistically wrong of course but there's no way to change the assumption at this late date.

At least, there's no way to change it for IPv4. In IPv6 there are still only a smallish number of hosts who transmit e-mail and it is still practical to build a list of these. One of the reasons for that practicality is that there are no IPv6-only hosts yet. Every host who wants connectivity to "the Internet" is either IPv4-only or IPv6/IPv4 "dual stack". This means any omissions in a list of "good e-mail senders" for IPv6 would simply cause mail from the omitted hosts to use IPv4 fallback mode until the list of known e-mail senders could be made more complete. Thus it is practical at this moment to consider a "default deny" model for IPv6 e-mail where a host having no known reputation could be presumed to be "bad".

Guarding the Guardians

As the co-founder with Dave Rand of the first anti-spam company (MAPS) who created the first Internet e-mail reputation system (the RBL) I can tell you that being sued is a thrill best experienced vicariously. Anyone who deliberately causes someone else to lose money or to make less money can expect to hear from lawyers about it. Running a reputation service whose outcome is that some hosts and networks are considered "bad" is a touchy business. In particular, non-criminal enterprises engaging in non-criminal activity that looks a lot like unwanted e-mail have "standing" if someone deliberately prevents this activity. The appeal of a reputation system that only says good things seems obvious in that respect and yet the problem does not change — if someone wants to be "on the list" but the list's maintainer think they are a spammer then they can still at least try to sue the list's maintainer or the subscribers to that list. Therefore a list of good hosts would have to be extremely inclusive — anyone who wanted to be on it could be on it — just to limit the size of the legal budget for the list maintainer. That may sound useless but please read on.

Quite a bit of unwanted e-mail traffic is relayed through malware-infected computers ("bots") whose owners are have no malicious intent and have not given their permission to have their computers used as "spambots". A list of hosts whose owners wanted to be allowed to transmit e-mail would necessarily not include these spambots. Assuming that we can authenticate the requests to be added to the list, so that bot herders cannot ask for their victims to be allowed to send mail, we could change the shape of the spam distribution network using a "default deny" system. Authentication of that kind will soon be possible, since RPKI is working its way toward a globally deployed security framework for network operators.

Two Stage Filtering

It seems possible that some unwanted e-mail will also come from hosts and networks whose owners know exactly what they are sending, and who would therefore ask to have their hosts and networks added to a list of "good hosts". In my model these requests would be accepted and these hosts and networks would indeed be added, as long as the requests are authentic in that they have come from the actual owner of the hosts and networks in question. Therefore if all goes as expected then some of the e-mail coming from "known e-mail senders" will be unwanted. That's a necessary cost of a system that prohibits "spambot" transmissions without costing a zillion dollars a year in legal defense for whomever might publish a list of "good" hosts.

This is where the second stage filter comes in. Mail receivers who wish to reject e-mail from places they or their reputation providers think are likely to be sources of unwanted e-mail will still have to use a "default accept" list in which the hosts and networks on that list are considered "bad". This may not seem like an improvement over the current state of affairs which in IPv4 is that no such list is adequate and the senders of unwanted e-mail can always find unlisted places to send it from or relay it through. If so, appearances are deceiving. There's a huge improvement to be had, simply because there would never be a need to put something on the second stage "bad" list that was not also on the first stage "good" list. From an engineering economics perspective this is a giant win since the total size of the first stage "good" list will be infinitesimal compared to the size of the IPv6 address space.

Technical Minutiae

Internet Service Providers (ISPs) would in this two stage filtering still face a heavy load of outbound unwanted e-mail from their customers who are infected with malware and acting as "spambots" but that's not worse than the present day situation — this is a problem they already have to solve.


I hope the e-mail industry considers all of their options and the cost/benefit of each as they stare into the very large IPv6 address space and contemplate their future. The ideas we originated with the MAPS RBL may have taken as far as they ought to. Fresh thinking is called for.

By Paul Vixie, CEO, Farsight Security. More blog posts from Paul Vixie can also be read here.

Related topics: Email, IPv6



Hi. This idea looks very much like Dreas van Donselaar  –  Jun 08, 2011 8:33 AM PDT

Hi. This idea looks very much like the implementation at IPv6whitelist.eu (except that that's focused on just 1 country).

To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Sponsored Topics

Promoted Posts

Now Is the Time for .eco

.eco launches globally at 16:00 UTC on April 25, 2017, when domains will be available on a first-come, first-serve basis. .eco is for businesses, non-profits and people committed to positive change for the planet. See list of registrars offering .eco more»

Boston Ivy Gets Competitive With Its TLDs, Offers Registrars New Wholesale Pricing

With a mission to make its top-level domains available to the broadest market possible, Boston Ivy has permanently reduced its registration, renewal and transfer prices for .Broker, .Forex, .Markets and .Trading. more»

Industry Updates – Sponsored Posts

Government Guidance for Email Authentication Has Arrived in USA and UK

ValiMail Raises $12M for Its Email Authentication Service

Port25 Announces Release of PowerMTA V4.5r5

New Case Study: Jobtome.com Replaces 30 Postfix Servers with a Single PowerMTA

An Update on Port25 and the Future of PowerMTA - One Year Later​

Encrypting Inbound and Outbound Email Connections with PowerMTA

V12 Group Sustains Customer Satisfaction by Deploying PowerMTA for Launchpad Platform

PowerMTA Now Offers Scheduled Delivery Control

DKIM for ESPs: The Struggle of Living Up to the Ideal

Reactivation Campaign: Shared vs. Dedicated IPs

To Where are Bounce Messages Sent?

An Open Source Perspective on Commercial MTAs

Five Essential PowerMTA Configuration Tips

What's New With Port25's PowerMTA v4.5

New Feature in PowerMTA v4.5: IP Based Rate Limiting

Case Study: Emergency Response Systems Rely on Timely Messaging Through PowerMTA

Port25 Announces Next Major Release of Its Email Delivery Solution, PowerMTA

Case Study: How PowerMTA Transparent Deliverability Metrics Paves Way for Email Service Provider

Case Study: MailChimp Achieves Efficient Execution and Reliability with PowerMTA

Case Study: Emma Swaps Its SMTP Infrastructure for PowerMTA to Handle Growing Mail Volume