Summary: Operational question: Building filters from IRRdbs
As promised, an anonymized summary.

I asked:
* Does anyone actually build filters without running their own complete database mirror, i.e. do they rely in real time on a database working? If so, which one?
* Does anyone let this config their routers automatically? To peers, customers, transits, or all three? Or do you rely on humans to reinstall the lists once autogenerated?
* If it's just a fact of life that occasionally this thing turns up duff data, and if people are in general doing automatic installation, what data validation heuristics are used?

A good few responses.

1. I was foolishly using version 4, which relies on RPSL servers which are not yet in production, rather than version 3, which uses RIPE-183. Currently all users who mentioned it use version 3 tools, and whois.ra.net as a server, except one who uses RIPE and 'internal databases'. No one mentioned running a mirror server.
2. Everybody claimed they sanity checked the output from peval, either manually or automatically. Substantial changes in length were mentioned as indicators to 'pass to manual processing'. Some respondents also suggested that when automatically updating routers, substantial config-length changes were also detected, and caused a passing to manual processing. Some reasonable algorithmic detail was documented, which differed substantially between respondents. Amusingly, there were also differences between two staff members of the same ISP.
3. In general, filtering was restricted to customers or customer-like entities. Some respondents suggested they used the same technology for small peers or ones they couldn't trust.
4. No one suggested their techniques (including whatever level of human validation) were sufficiently fallible to cause increased chance of 'fact of life' breakages.

Thanks to all who responded.

--
Alex Bligh
GX Networks (formerly Xara Networks)
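
The 'pass to manual processing' gate described in point 2, sketched as an added example; it is not code from the post or from any respondent. The thresholds, function names and the churn check (which goes beyond the length check respondents mentioned, to catch a list that keeps its size but changes its contents) are assumptions.

```python
import ipaddress

# Assumed thresholds; the post notes respondents' algorithms differed.
MAX_LENGTH_CHANGE = 0.20  # relative change in number of prefixes
MAX_CHURN = 0.30          # share of (old union new) that was added or removed


def parse_prefixes(lines):
    """Parse one prefix per line; return (set of networks, unparseable lines)."""
    nets, bad = set(), []
    for line in lines:
        text = line.strip()
        if not text or text.startswith("#"):
            continue
        try:
            # strict=True rejects entries with host bits set, e.g. 10.0.0.1/24
            nets.add(ipaddress.ip_network(text, strict=True))
        except ValueError:
            bad.append(text)
    return nets, bad


def review_update(installed_lines, generated_lines):
    """Return ("auto" or "manual", reasons) for a freshly generated filter."""
    old, _ = parse_prefixes(installed_lines)
    new, bad = parse_prefixes(generated_lines)
    reasons = []
    if bad:
        reasons.append(f"unparseable entries: {bad}")
    if not new:
        reasons.append("generated list is empty")
    if old:
        change = abs(len(new) - len(old)) / len(old)
        if change > MAX_LENGTH_CHANGE:
            reasons.append(f"length changed by {change:.0%}")
        churn = len(old ^ new) / len(old | new)
        if churn > MAX_CHURN:
            reasons.append(f"churn of {churn:.0%}")
    return ("manual" if reasons else "auto"), reasons


# Constructed sample data using documentation prefixes, not registry output.
INSTALLED = [f"198.51.100.{i * 16}/28" for i in range(10)]
GROWN = INSTALLED + ["203.0.113.0/24"]                    # one new route
TRUNCATED = INSTALLED[:3]                                 # registry returned little
SWAPPED = [f"192.0.2.{i * 16}/28" for i in range(10)]     # same size, new content

if __name__ == "__main__":
    for name, cand in [("grown", GROWN), ("truncated", TRUNCATED), ("swapped", SWAPPED)]:
        print(name, review_update(INSTALLED, cand))
```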