Petri Helenius writes on 12/4/2003 5:36 PM:
Yup. The model can be extended to "if no rDNS, and if spamtrap hits or other spammish behavior noted from more than X IPs per /24, then block the /24".And why would blocking the /24 be appropriate instead of matching the registry?
I would refer you to the huge number of netblocks out there that stay at /16 or larger size, with the upstream not SWIP'ing or otherwise delegating netblocks in APNIC (or wherever, such as an rwhois server) as they provision IPs.
srs -- srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9 manager, outblaze.com security and antispam operations
