On 06.11.2011 17:54, Wietse Venema wrote:
Julien Vehent:
Also for this last query, it looks like 65% of the IPs cannot be
linked
to a country (XX = unknown). I'm not very familiar with the way
geo-ip
databases gather their data, is that normal numbers for zombies ?
This is not my experience.
A few times a year I do a one-time purchase from a high-quality
geopIP provider, to prepare nice spam-by-time-of-day and
pregreet-delay
charts by country for an upcoming Postfix presentation.
With these databases I seem to have no problems identifying
countries,
as long as I use a current database snapshot.
Indeed, I just tried with the GeoLiteCity from MaxMind
http://www.maxmind.com/app/geolitecity
And the results are much better.
5301 clients
=== Blocked IPs per country ===
United States 398
India 149
Russian Federation 128
Indonesia 88
Pakistan 83
Vietnam 75
China 56
....
I'm happy with that :)
Julien
