IPv6 and Message Filtering

Articles about network security.

IPv4 address space has been depleted by far and more and more countries across the globe are willing to adopt or already in the process of adopting IPv6 as their next IP protocol.

But as the IPv6 addressing scheme is getting adopted there have been issues that have been surfacing left, right & center.

Companies that are willing to go for globally routable IP addresses, are being offered IPv6 addresses, but the fact remains that most of the current publicly available servers are still only reachable through IPv4 address scheme.

NAT would be required to sustain the Internet during that period and the NAT would be performed at multiple layers.

Large scale NAT (LSN) systems are being deployed by ISPs across the globe.

One of such issues that have surfaced is to do with the reputation filtering of email messages.

Most of the security systems across the globe use list of IPv4 addresses (public) to identify the spamming servers or hosts on the global scale.

More over the issue would become worse when more and more ISP start deploying LSN systems only to end up hurting the effectiveness of the IPv4 filtering systems specially for the security systems that use reputation filtering as their main email security system.

To better explain this let us take a scenario. A company's single public IPV4 address is being NATed to a large IPv6 pool of addresses.

Now if one of those IPv6 IP address is known to send SPAM messages to the entire world, the honeypots of the global black listing servers or the reputation system servers will end up classifying the IPv4 address behind the IPv6 address as being a dirty IP.

This will result into blocking of not only that particular IPv4 address but the entire IPv6 address space. This scenario is very grim as more and more security system across the globe are adopting the reputation based services and doing away with the old content filtering options.

The reason that security systems across the globe are using reputation based services is that this particular technology helps block the SPAM emails before they even enter the network and hence reduce the processing time and cost that are otherwise involved with content filtering solutions.

It is a fact that as the entire world is transitioning toward adopting IPv6 as the new technology for IP addressing, security companies involved in email security will have to definitely continue and enhance their content filtering solutions as the transition from IPv4 to IPv6 will definitely take the toll on reputation based filtering.

Content filtering solutions seem to be the way ahead in future with IPv6 addressing scheme approaching fast.