spamhaus drop list
Chris Adams
cmadams at hiwaay.net
Mon Jun 15 21:18:54 UTC 2009
Once upon a time, Fred Baker <fred at cisco.com> said:
> On Jun 15, 2009, at 1:16 PM, Quinn Mahoney wrote:
> >Or use this script which null routes the traffic (I guess it's not a
> >big deal getting the syn packets, as long as the mail won't send
> >because of the null route)
>
> I you are using uRPF, the SYN packets won't get through either,
> because they came from an interface other than the null interface. Not
> so helpful interddomain, but it protects your customers from each
> other (as BCP 38 does in other cases).
Not true for JUNOS; "discard" routes are still in the forwarding table
and are treated as a valid destination when it comes to loose-mode uRPF.
--
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
More information about the NANOG
mailing list