On 20 Nov 2019, at 21:51, merr...@fn.de wrote: > We did get a lot of spam messages from Chinese providers. We speak not > Chinese, do you think if it is possible to reject all mails from China? > Thanks
This is what I do: In crontab for root: @reboot bash -c 'pfctl -t badguys -T add $(cat /usr/local/etc/cn.zone)’ (I also do this for ru.zone) This doesn’t necessarily block emails in Chinese, but not blocks a lot of spam from Chinese servers, though not as many as the Russia block does). I do see mails from people who have Chinese names or Chinese characters in their signatures, and I have no interest in blocking those. I vary rarely see Chinese spam any more. The reason I block at the firewall is that many attacks agains SSH or other ports come from IP addresses in these netblocks, and I see no legitimate connections from them. Other people’s server will, of course, have different experiences. I don’t see this as any different from blocking an ISP because they allow criminal activity from their network, it’s just at a wider scale. -- 'They say that whoever pays the piper calls the tune.' 'But, gentlemen,' said Mr Saveloy, 'whoever holds a knife to the piper's throat writes the symphony.' --Interesting Times
