This sounds great in principle, but it breaks down in practice. From the article, 27% of ISPs still allow spoofing on their networks. This is mostly due to them being smaller, regional ISPs without the expertise or staff to figure out how to do this.
I hear you saying "just blackhole them until they figure it out," but it's not that easy. In many cases, the small regional ISP is the customer of a larger ISP, who is the customer of an even larger global ISP that you are connected to. You just see XXXgbps of traffic coming from your ISP, and have no idea which one (or more) of their customer's customer's are sending the traffic.
This would be like saying "just don't let the one guy that's going to pee in the pool swim." How do you know which of the 200 people in the pool actually peed?
Well you know the pee is coming from 1 of 3 (or maybe all 3) guys. You just threaten to kick them all out if they don't figure out which one is doing it.
This is a serious problem and it should be treated with serious consequences.
I hear you saying "just blackhole them until they figure it out," but it's not that easy. In many cases, the small regional ISP is the customer of a larger ISP, who is the customer of an even larger global ISP that you are connected to. You just see XXXgbps of traffic coming from your ISP, and have no idea which one (or more) of their customer's customer's are sending the traffic.
This would be like saying "just don't let the one guy that's going to pee in the pool swim." How do you know which of the 200 people in the pool actually peed?