North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: How do you stop outgoing spam?
- From: Rafi Sadowsky
- Date: Mon Sep 09 20:36:24 2002
## On 2002-09-09 17:15 -0700 Eliot Lear typed:
EL> Paul Vixie wrote:
EL> > per-destination host AND port egress rate shaping. if someone tries to send
EL> > more than 1Kbit/sec to all port 80's, or more than 1Kbit/sec to any single
EL> > IP address, then you can safely RED their overage. this violates the whole
EL> > peer-to-peer model but there's no help for that in the short term. if some
EL> > internet cafe has a CuCme camera setup then you can find a way to let that
EL> > traffic off-net without rate shaping. this will be the exception.
EL> Please be aware that this could have unintended consequences, and should
EL> be used in very constrained ways. In particular, there are any number
EL> of applications, including VPN applications that use port 80. I would
EL> recommend that only specified destinations get such treatment, if you
EL> apply it at all.
Maybe I'm missing something obvious but do how you get rate-limiting per
TCP *flow* with Cisco IOS ?