Unfortunately it is very common. Not only on IPIP tunnels but also on other connections we have (OpenVPN, IPsec tunnels, radio access points). Some weeks ago I mentioned it on the list, the sender claimed he would act on it, but it just continues. Unfortunately not many users understand iptables well enough to just block invalid traffic on their own gatewat and even fewer are actively monitoring their equipment so they would notice they are sending stuff like this and receiving "prohibited" replies all the time :-( I would recommend amprnet operators starting a network analyzer on your network (like wireshark) every time you have made a configuration change, added some equipment, or just have a few minutes of time to spend. It will teach you a lot and make the other operators happy. Rob