[68304] in North American Network Operators' Group
Re: Source address validation (was Re: UUNet Offer New Protection
daemon@ATHENA.MIT.EDU (Paul Vixie)
Mon Mar 8 01:38:03 2004
To: nanog@merit.edu
From: Paul Vixie <vixie@vix.com>
Date: 08 Mar 2004 06:35:16 +0000
In-Reply-To: <404C07F0.4010601@kdmd.net>
Errors-To: owner-nanog-outgoing@merit.edu
ken@kdmd.net (Ken Diliberto) writes:
> Where do you draw the line between large and not large? Does a
> university with a /16 count as large? We do both SAV and a version of
> uRPF. It makes our network run better, saves us money (reduces the
> amount of time we spend on support and makes troubled / distressed / evil
> / mean / nasty boxes easier to track down) and reduces backbone
> congestion making the network run better. Another benefit is it improves
> the world (betcha' were wondering if I'd squeeze all that in).
>
> We're now blocking all SMTP traffic leaving the campus from non-blessed
> sources (read mail servers). The first day doing this we had comments
> about less junk mail traffic. We block traffic we consider harmful that
> shouldn't leave the campus. We're trying to do our part.
>
> Any suggestions how we can do better?
yes. contact the nanog program committee so you can come to san francisco
and tell the rest of us how you did it -- both in the ones and zeros, and
in the dollars and cents.
--
Paul Vixie
