Ken Leland put this into my mailbox:

sure thing Karl, but it's a virtual requirement that zillions of nets are
ignoring, and getting 99.99 percent compliance will take serious time, if
it is even doable. Without very high compliance the smurfkids will have
readily available, low-bandwidth launch points that are the devil to
trace. We need interim solutions, and icmp-echo-reply filtering is
what we've got, *if* the backbones will continue to provide it.

I suspect the problem is that most nets were set up by consultants, and
the people working at these companies/schools/whatever were instructed
'not to touch the internet box'. The consultant, then, is either no longer
employed by the site or doesn't know about this (your average Novell CNE
probably doesn't subscribe to NANOG).

Perhaps if there were some sort of incentive; Ms. Hubbard and the InterNIC
could make even more money by imposing some sort of penalty for
noncompliance. They could even charge money for sites that don't read
(or have) postmaster@ e-mail, and perhaps charge penalties for domains
with out-of-date contact information, and make even more money.

(Sorry; I've got an enormous flame about ARIN bottled up just looking
for a venue; I promise I won't send it to NANOG.)

Seriously, though, if nobody comes up with an incentive so that it will
be harmful for sites NOT to implement these filters, folks can piss into
the wind all they like, and absolutely nothing will happen. Spoofing has
been a real problem for over a year now, and has shown no signs of going