Zitat von Daniel L'Hommedieu <dlhommed...@gmail.com>:
On Aug 23, 2009, at 8:08, Byung-Hee HWANG wrote:
At Sat, 22 Aug 2009 08:56:28 -0700,
Security Admin (NetSec) wrote:
[1 <text/plain; us-ascii (quoted-printable)>]
Could someone provide links to sites where IP addresses are
grouped by country? ASNs would work too but would prefer IP lists
that I could put in a file that my postfix mail gateway could
read. Obvious countries like China and Brazil I would like to
block wholesale. Thanks in advance!
[2 <text/html; us-ascii (quoted-printable)>]
Please don't do that. There are many open source committers in Asia
and Brasil. You need time to think about that seriously.
I block netblocks wholesale, if the netblock is outside the USA,
when I get a single spam from the netblock. I used to dig deeper
into APNIC or AFRINIC or BRNIC or LACNIC or RIPE (or... or ...) to
block only the offending ISP, but then I realized that I and the
people using my mail server have essentially no need to communicate
directly with anyone outside the USA. Also, I have found that
nearly 100% of my spam originates from APNIC and BRNIC netblocks.
After implementing this sort of filtering, I have watched my spam
load drop from 1,000+ spams a day to a few dozen, sometimes as low
as only 5 or so spams a day.
As to what I do, I use iptables to drop all packets from offending
networks. In addition to not being able to connect to my Postfix
server, they can't ping me or see my web server either.
If I ever need to communicate directly with someone outside the USA,
I'll open it back up, but so far all it has done has been to
essentially eliminate my spam.
It is funny that most of the "country blockers" seam to be in the USA
where most of the world wide spam is orginating too.
After all mail was invented for world wide communication and not to
speak with your neighbour.
But your server, your rules...
Andreas
