Here's a piece which uses the MIT ANA data to assert that the job is mostly done already.
Unless I'm very much mistaken, it appears that a large percentage of the failed BCP 38 spoofing tests listed in that data are actually due to customer side NAT routers dropping packets... which is of course egress filtering rather than ingress filtering, and thus doesn't actually apply to our questions. Am I interpreting that correctly? http://www.senki.org/everyone-should-be-deploying-bcp-38-wait-they-are/ (Oh, and bcp38.info is now the number 2 Ghit for "bcp38"; thanks to 5 new contributors for signing up to help so far this week.) Cheers, - jra -- Sent from my Android phone with K-9 Mail. Please excuse my brevity.
