barton@gnaps.com ("Barton F Bruce") writes:
A twist we saw spammers using on dialup accounts in Miami could come to cyber cafes and could be ugly.
They were dialing in and then using the IP address to send spam out some other connection elsewhere where RPF wasn't in use. The return packets all came back on their dialup into us, but bypassed our filters that were then only on outbound packets.
this has been going on for some time. the example you gave of an OC3 used for outbound-only tcp streams is noncontrived and has been seen more than twice. it's been a year or so, so i'll renew my question. is anybody, anywhere, including as a term of their peering agreement things like "must have a responsive abuse@ mailbox and act credibly to prevent spammers from becoming or remaining customers" or "must filter both bgp advertisements and ip source addresses from all customers, and require them to do likewise"? and if not, why not, and how long do you think it's going to take before we use economic methods to solve this scourge? -- Paul Vixie