North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: How do you stop outgoing spam?
Rafi Sadowsky wrote:
There is something called flow-based RED (FRED) but it consumes a whole lot of memory because you have to keep track of lots more state. I don't know about that code. At the least what you can do is use the rate-limit command and rate limit *all* outbound TCP/80 traffic (or for that matter all access-list captured traffic). Now, doing so will make any but the most trivial outbound TCP/80 absolutely painful, and will cause tail drop. See Cathy Wittbrodt's work in this space, which was presented at NANOG some time ago.Maybe I'm missing something obvious but do how you get rate-limiting per TCP *flow* with Cisco IOS ?
Note, I'm not saying you should *do* this. It may be going a bit too far for anti-spam.