On Sat, Dec 10, 2005 at 02:08:48AM +0100, Frank Ellermann wrote:
John Levine wrote:
By the way, what does any of this have to do with spam?
Some users try to block IPs "by country", a horrible idea
for various reasons.
Hey, I resemble that remark. From my main blocking filter (I'm a
customer of clss.net)...
###########################
PIREJECTTAIL
ar,br,cl,cn,fr,gb,gt,hk,in,id,il,it,jp,kr,my,nl,ng,pl,ro,ru,su,sg,es,za,tw,uk
Certain countries (pireject-tail) If yours was a legitimate email see
http://www.waltdnes.org/bypass.html to bypass block.
SIREJECTTAIL
ar,br,cl,cn,fr,gb,gt,hk,in,id,il,it,jp,kr,my,nl,ng,pl,ro,ru,su,sg,es,za,tw,uk
Certain countries (sireject-tail) If yours was a legitimate email see
http://www.waltdnes.org/bypass.html to bypass block.
[...deletia...]
# 0.32 = Argentina; 0.76 = Brazil; 0.152 = Chile; 0.156 = China; 0.250 = France;
# 1.88 = Hong Kong; 1.100 = India; 1.104 = Indonesia; 1.120 = Israel;
# 1.124 = Italy; 1.136 = Japan; 1.154 = Korea, South; 1.202 = Malaysia;
# 2.16 = Netherlands; 2.54 = Nigeria; 2.104 = Poland; 2.131 = Russia;
# 2.190 = Singapore; 2.198 = South Africa; 2.212 = Spain; 0.158 = Taiwan;
# 3.58 = United Kingdom
REJECT zz.countries.nerd.dk A
127.0.0.32,127.0.0.76,127.0.0.152,127.0.0.156,127.0.0.250,127.0.1.88,127.0.1.100,127.0.1.104,127.0.1.120,127.0.1.124,127.0.1.136,127.0.1.154,127.0.1.202,127.0.2.16,127.0.2.54,127.0.2.104,127.0.2.131,127.0.2.190,127.0.2.198,127.0.2.212,127.0.0.158,127.0.3.58
%TXT% (zz.countries.nerd.dk) If yours was a legitimate email see
http://www.waltdnes.org/bypass.html to bypass block.
###########################
Those seem to be the main sources of spam (aside from the US, which I
can't really block) aimed at me. YMMV. For the US, I block 4/8, 12/8,
24/8, and use various heuristics. I put the DNSbls last in the checking.
This...
a) Allows whitelist entries to do their thing
b) Allows heuristics to check for rejection first. This, in turn,...
- Reduces IP traffic for the ISP
- Reduces load on the DNSbls
The beautiful part about variable-return DNSbls is that they allow me
to filter umpteen countries *WITH JUST ONE DNS LOOKUP*.
--
Walter Dnes <waltdnes(_at_)waltdnes(_dot_)org> In linux /sbin/init is Job #1
My musings on technology and security at http://tech_sec.blog.ca
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
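
Added example, not part of the original message or of clss.net's filter: how one A lookup against a variable-return zone covers every listed country. The codes in the post's comment table match ISO 3166-1 numeric country codes split across the last two octets (1.88 is 1*256+88 = 344, Hong Kong). The function names, the `resolve` callable and the sample answers are assumptions made for illustration.

```python
import ipaddress

ZONE = "zz.countries.nerd.dk"  # zone named in the filter above

# Return values copied from the REJECT line in the post.
REJECT = frozenset(
    "127.0.0.32 127.0.0.76 127.0.0.152 127.0.0.156 127.0.0.250 127.0.1.88 "
    "127.0.1.100 127.0.1.104 127.0.1.120 127.0.1.124 127.0.1.136 127.0.1.154 "
    "127.0.1.202 127.0.2.16 127.0.2.54 127.0.2.104 127.0.2.131 127.0.2.190 "
    "127.0.2.198 127.0.2.212 127.0.0.158 127.0.3.58".split()
)

def query_name(client_ip, zone=ZONE):
    """DNSBL query name: the IPv4 octets reversed, then the zone."""
    octets = str(ipaddress.IPv4Address(client_ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def country_number(answer):
    """Decode 127.0.X.Y to X*256+Y; None if the answer is not a 127.0/16 code."""
    a, b, x, y = ipaddress.IPv4Address(answer).packed
    return x * 256 + y if (a, b) == (127, 0) else None

def check(client_ip, resolve, reject=REJECT):
    """One A lookup decides for every listed country at once.

    resolve(name) is a hypothetical callable returning a list of A-record
    strings, or [] for NXDOMAIN, so the example runs without network access.
    """
    for answer in resolve(query_name(client_ip)):
        number = country_number(answer)
        if number is None:
            continue  # e.g. a wildcarding resolver returning a routable address
        if answer in reject:
            return ("reject", number)
    return ("accept", None)

# Constructed sample answers (documentation-range addresses, not real data).
SAMPLE_DNS = {
    "10.2.0.192.zz.countries.nerd.dk": ["127.0.1.88"],      # decodes to 344
    "20.100.51.198.zz.countries.nerd.dk": ["127.0.3.72"],   # 840, not in REJECT
    "30.113.0.203.zz.countries.nerd.dk": ["198.51.100.7"],  # bogus wildcard answer
}

def sample_resolve(name):
    return SAMPLE_DNS.get(name, [])
```

Answers outside 127.0/16 are ignored rather than treated as a listing, so a resolver that rewrites NXDOMAIN into a routable address does not cause rejections.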