Not to sound like a commercial for Cisco, but their IDS stuff does rewrite ACL's based upon signatures. Bil Herd -----Original Message----- From: J.D. Falk [mailto:jdfalk@cybernothing.org] Sent: Thursday, March 25, 2004 4:30 PM To: nanog@merit.edu Subject: Re: Redirecting mail (Re: Throttling mail) On 03/25/04, Valdis.Kletnieks@vt.edu wrote:
On the other hand, it's probably more effective to find some way of making the Cisco gear block outbound 25 from abusive machines.
Inbound also. The spammers have been using triangular routing for a while. (They dial in someplace, get an IP, and use a broadband connection to send packets with a forged source address of that dialup IP.) -- J.D. Falk "be crazy dumbsaint of the mind" <jdfalk@cybernothing.org> -- Jack Kerouac