On Tue, Mar 26, 2013 at 6:43 PM, Jay Ashworth <j...@baylink.com> wrote:
> ----- Original Message ----- >> From: "Mark Andrews" <ma...@isc.org> > >> If you are with a ISP that does not practice BCP 38 are you willing >> to risk your neck that you won't be subject to a "aiding and abetting" >> charge? All of us here know that spoofing address like this is a >> criminal activity. We are all experts in the field and the courts >> apply higher standards to us than they do to Joe Blogs. We know >> machines get compromised. We know how to block spoofed traffic >> from compromised machines. > > Careful: source address spoofing, like using a name you don't have on your > driver license *is not inherently a crime*. *Fraudulent behaviour which > is advanced thereby* makes it an additional crime. > > SAS is sometimes necessary for testing. > An argument could be made that "...fraud is fraud, is fraud, is fraud..." and should vigorously discouraged. :-) - ferg -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com
