[115261] in North American Network Operators' Group
Re: spamhaus drop list
daemon@ATHENA.MIT.EDU (Fred Baker)
Mon Jun 15 16:45:34 2009
From: Fred Baker <fred@cisco.com>
To: "Quinn Mahoney" <quinn@activehost.com>
In-Reply-To: <8685783A8C22C640AD1361E78659B7D76975FF@ahex02.activehost.local>
Date: Mon, 15 Jun 2009 13:44:41 -0700
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Jun 15, 2009, at 1:16 PM, Quinn Mahoney wrote:
> Or use this script which null routes the traffic (I guess it's not a
> big deal getting the syn packets, as long as the mail won't send
> because of the null route)
I you are using uRPF, the SYN packets won't get through either,
because they came from an interface other than the null interface. Not
so helpful interddomain, but it protects your customers from each
other (as BCP 38 does in other cases).
