Lately, we have been running into this problem more and more. One of our upstreams AT&T buys transit from Teleglobe. Teleglobe it seems subscribes to the maps.vix.com realtime blackhole list via BGP. Now, I am all for limiting SPAM and such, but its starting to be an operational headache having to deal with customers asking our support staff why they cannot get to a certain web site. The one that hit our support lines the most was 24.0.0.200 which was members.home.com. It can be a challenge explaining the simplest of issues to end users, let alone upstream transit providers using bgp to blackhole a host. The customer just wants to get to the granny's knitting guild! At least with SMTP blocking, one end gets a message stating "their mail is unwelcome, see .... for details", where as when an intermediary is dropping all data, the end user just gets a vague error. My questions is, if you were buying transit from an upstream, and that upstream decided to partake in some sort of content filtering, how would you feel ? Do you think its right for transit providers to do so ? Its one thing if I choose to use this facility, but I feel a little helpless if two ASs away from me uses it... i.e. upstream says, "this way to 24.0.0.0/12", but then drops data going to 24.0.0.200/32. I dont want to have to fill me router with a bunch of /32s so I can exit out UUnet to get around this. Yes, sure I want a proactive upstream to stop network abuse... particularly abuse issues, where I need their cooperation such as smurf attacks and such. But on issues, where I have all the necessary tools and choice to deal with said issue (in this case SPAM), I would prefer it be left up to me on how I deal with foreign SPAM sites. ---Mike ********************************************************************** Mike Tancsa, Network Admin * mike@sentex.net Sentex Communications Corp, * http://www.sentex.net/mike Cambridge, Ontario * 01.519.651.3400 Canada *