|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: How do you stop outgoing spam?
Paul Vixie wrote: Please be aware that this could have unintended consequences, and should be used in very constrained ways. In particular, there are any number of applications, including VPN applications that use port 80. I would recommend that only specified destinations get such treatment, if you apply it at all.per-destination host AND port egress rate shaping. if someone tries to send more than 1Kbit/sec to all port 80's, or more than 1Kbit/sec to any single IP address, then you can safely RED their overage. this violates the whole peer-to-peer model but there's no help for that in the short term. if some internet cafe has a CuCme camera setup then you can find a way to let that traffic off-net without rate shaping. this will be the exception. Eliot
|