Top Ten Tips to Make Attackers’ Lives Hell
Subject:   3. Filter Outbound ICMP Type 3 Messages
Date:   2004-04-19 10:03:36
From:   dave bruce
Don't do this. This is terrible advice. Denying all ICMP type 3 messages will result in you breaking path MTU discovery.

You must be more selective in your filtering than this. ICMP type 3 code 4 must be allowed to pass!

See the many references available on pMTUd and the fun that happens when you block all ICMP type 3 messages.