IPv6 and SPAM Filtering

Service providers worldwide have warned that the transition to IPv6 will prove to be a hurdle toward filtering SPAM.

As the IPv4 address space is nearing exhaustion, it was imperative to adopt the IPv6 addressing scheme to accommodate the ever-increasing number of online hosts.

With the adoption of IPv6, more and more hosts will be able to have a unique public Internet address.

But this brings about a distinct and unique issue: security service providers across the world use an IPv4 IP address as the differentiating factor between good and bad (SPAM-sending) IP addresses.

Blacklisting is the main technology behind SPAM-blocking, and with the introduction and adoption of IPv6, this scheme of SPAM filtering is in danger.

Stuart Paton, a senior solutions architect at Cloudmark, advises that the adoption of IPv6 will result in the inability of current e-mail security systems to handle such traffic and, hence, will soon become overloaded. And without new mechanisms and an implementation plan, there will be a real danger to these security systems.

Along with SPAM filtering solutions, many other security services use IPv4 as a means of identifying and blacklisting Denial of Service (DoS) attack sources, clickjacking frauds, etc.

The reason security service providers and ISPs are worried about this is that, in IPv6, each host on the Internet can have a unique IP address, and keeping track of such a base address space will be overwhelming.

The reason behind this is, because of such a large address space in IPv6, spammers can send a single SPAM through each IPv6 address, and this would not flag as a SPAM activity on the security service provider’s honeypots.

Cloudmark advises that there is a step-by-step method to get out of this situation. Initially, ISPs do not need to receive emails from an IPv6 host, except for their own customers that send such emails.

This approach would allow for easy migration and will offer some level of business continuity to companies and organizations that have already migrated to IPv6.

Paul Wood, formerly an anti-spam expert with Message Labs (now Symantec Cloud), confirms that security service providers across the globe are not leaving out the idea of applying tough controls on mail from IPv6 hosts and networks.

Paul believes that, until and unless necessary, ISPs shouldn’t accept e-mails unless they come from an established, trusted source.

Wood also believes that spammers would have a tougher arena to deal with as open-relay servers start to decrease, even though spam filtering would prove to be a nightmare with IPv6 being adopted worldwide. Though the address space is large, spammers would have the same issues that ISPs would face, and not having the technology that ISPs have would diminish returns for spammers.

Though companies around the world are deciding whether to adopt the IPv6 scheme or not, many experts believe that about 40 to 50% of the IPv4 address space is unused, and IPv4 address space is here to stay a lot longer than assumed.