If I were running an ISP I might be hesitant to
implement some of the
measures, simply due to support issues alone.
Perhaps. It might help to spin it as something other than an anti-spam
measure....
A good example
is sleep-before-banner. [...]
That, however, is a good idea. Might do that
myself.
Another suggestion which is remarkably effective in my experience is to
do an identd lookup, not for the usual reasons but rather because quite
a number of the zombie-army machines are running toy identds to satisfy
things like IRC servers, and they exhibit certain protocol errors. The
one that's most effective as an anti-spam measure is probably to demand
that the port numbers in the response match those in the query.
(Another common error is to claim a UNIX userid containing characters
that UNIX userids don't contain, but even now, over a decade after 1314
obsoleted 931, I still see a lot of otherwise legitimate hosts running
931-format daemons, claiming UNIX usernames that, from a 1314
perspective, contain whitespace.)
/~\ The ASCII der Mouse
\ / Ribbon Campaign
X Against HTML mouse(a)rodents.montreal.qc.ca
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B