Since T265288 is done, WMCS is considered a customer.
But a customer that still have to advertise 172.16.0.0/21 to us.
Unfortunately we re-advertise customer prefixes to the world without any sanitizing, which means we're curently re-advertising 172.16.0.0/21.
Similarly to what we do in the border-out{4,6} firewall filter we need to at least discard prefix-list-filter special-ranges{4,6}.
Even though we could apply a big part of BGP_sanitize_in` I'd prefer to keep BGP_outfilter lightweight. And for example apply BGP_sanitize_in to our customer interfaces when able.