So in cases like this where the community appears to agree that there's
a consistently bad apple, what's preventing everyone from simply
nullrouting the netblocks in question and imposing the death penalty?
Sorry if this seems naive, but if no legitimate purpose is shown it
seems like the obvious thing to do. Maybe they could still *send*
packets, but nothing would ever get back to them.
So in cases like this where the community appears to agree that there's
a consistently bad apple, what's preventing everyone from simply
nullrouting the netblocks in question and imposing the death penalty?
Sorry if this seems naive, but if no legitimate purpose is shown it
seems like the obvious thing to do. Maybe they could still *send*
packets, but nothing would ever get back to them.
legitimacy is in the mind of the beholder of course.
Geez Hobbit, I *know* you've been around long enough to know better than that
We can't get a clear majority of providers to do BCP38, you expect them to
apply a null route? And then to know to *remove* it once the problem withers
up?
Dunno - but something did occur to me this morning on the drive into work:
Maybe there's another approach to this problem. Maybe, rather than having the antispam/virus vendors do non-real world lab tests we could get them all to donate some kit to whomever is the unlucky transit-provider du jour and see how well it works providing a nice clean feed and who's better at it?