On Mon, Mar 29, 2004 at 06:07:23PM -0500, John Leslie wrote:
IMHO, we need several sets:
- known-good IPs -- these are fully authenticated;
- believed trustworthy -- OK if a known-good is in the Receved headers;
- believed-bad IPs -- recommend discarding.
I think a fourth category may be needed: Unknown -- IPs that are untrusted,
but not necessarily bad.
Otherwise, we risk falling into the mindset that anything not explicitly
permitted is to be dropped.
--
Mark C. Langston Sr. Unix SysAdmin
mark(_at_)bitshift(_dot_)org
mark(_at_)seti(_dot_)org
Systems & Network Admin SETI Institute
http://bitshift.org http://www.seti.org