DNS blacklists for IPv4 addresses are now nearly 15 years old, and DNSBL operators have
gathered a great deal of expertise running them.
Over the next decade or two mail will probably move to IPv6.
How will running IPv6 DNSBLs differ from IPv4?
There aren't any significant IPv6 DNSBLs yet since there isn't significant unwanted
IPv6 mail traffic yet (or significant wanted traffic, for that matter), but we can make
some extrapolations from the IPv4 experience.
Existing IPv4 DNSBLs tend to fall into three categories, exemplified by the Spamhaus
SBL, PBL, and XBL.
The PBL (Policy Block List) includes ranges of addresses that shouldn't be sending
mail directly, either because they're retail customers who are supposed to use
their providers' mail servers, or they're assigned to equipment that should send
no mail at all.
Each entry is a range of addresses.
List maintenance is manual; network managers can and often do add ranges of their
own addresses, and Spamhaus adds ranges that they've determined are appropriate.
In some cases, it's possible to de-list an individual address to poke a hole in
a PBL range and allow mail out.
The SBL is managed manually, and lists ranges of IP addresses that based on historical
evidence are likely to send predominantly or entirely spam.
Some SBL entries are single IP addresses, while others list entire networks that
are controlled by criminals.
The XBL lists individual IP addresses of hosts that have been observed
sending 'bot spam or other mechanical indications that they are likely to send
spam but no legitimate mail. Listings are added automatically, and are
removed automatically some time after the IP stops sending spam. It's usually
possible to remove an entry manually, although not an unlimited number of times.
How do these map into a world of IPv6 mail?
See more ...