Alpha test of MAE filtering capability

the paternalistic "just remove the temptation" approach is offensive
because it makes the starting assumption that the other people on the
net are out to rip you off. it also makes the assumption that you'd
rather they try and fail than that they try and get kicked out of an
IXP. it's true that third party BGP is often the wrong solution, but
it is sometimes the right solution, too.

pointing default at someone is not unlike sending spam, in that both
are theft of service. i know that in the case of spam we try where
possible to make it useless to inject spam, but that our strongest
weapon has always been and will always be cancelling accounts, UDP'ing
whole domain names, and blackholing network blocks. a bad person ought
not be presented with "if i do this it may not work" but rather "if i
do this i will be wiped off the face of the 'net."

port filtering makes all the wrong assumptions and solves none of the
underlying problems. it is, however, easier than doing the right thing.