[NTLUG:Discuss] Trying to block all China/KoreaIPs ingreylisting
. Daniel
xdesign at hotmail.com
Wed Jun 13 12:37:23 CDT 2007
I finally discovered RelayCountryPlugin and have made some attempt at
implementation. We'll see how it goes.
It's just a damned frustrating problem and it's easy to be tempted to use
extreme measures to block spam.
>If you do want to completely block these hosts, do you really want to do
>it in your greylist?
>
>You probably want to block them directly in sendmail with a dnsbl like:
>
>http://countries.nerd.dk/
>
>You can also do it in spamassassin:
>
>http://wiki.apache.org/spamassassin/RelayCountryPlugin
>
>If you REALLY want to do it in relaydelay, here is a perl script that
>will convert your list of ip ranges into octects (like relaydelay
>wants). You'll need Net::CIDR install though.
>
>#!/usr/bin/perl
>
>use Net::CIDR ':all';
>
>while (<>) {
> next if (/^#/);
> my ($s, $e) = split(/[\s-]+/);
> my @list;
> eval {@list = range2cidr("$s-$e")};
> print join("\n", cidr2octets(@list)), "\n" if @list;
>}
>
>
>You'd run it something like:
>./block.pl < sinokorea.txt > blacklist.txt
>
>Of course, I think this is all a really bad idea, but there you go.
>
>. Daniel wrote:
> > I would be happy if I could somehow specify which countries. I would
> > select China, Korea, Brazil, Russia and Romania for starters but I
wouldn't
> > likely stop there.
> >
> >> Are you trying to completely block all mail coming from certain
> >> countries or only selectively greylist them?
> >>
> >>
> >> . Daniel wrote:
> >>> I have the list from the following URL:
> >>>
> >>> http://www.okean.com/sinokorea.txt
> >>>
> >>> I can parse just the first field easily enough with:
> >>>
> >>> cat sinokorea.txt | awk '{ print $1 }'
> >>>
> >>> The greylist (relaydelay in this case) wants to see block ranges as
> >>> incomplete octets if that makes sense. For example, if I wanted to
> > block
> >>> 218.232.x.x, I would simply add a block to "218.232" It is my
> >>> understanding that it would take 218.232.0.0 literally and would only
> > block
> >>> that IP address (yes, I know it's not valid).
> >>>
> >>> I have tried adding " | sed /.0.0.0// " to the previous command line
> > but I
> >>> do not get the results I seek... it doesn't make sense. I'm guessing
> > that
> >>> expressions in sed for matching have some special meaning when a "."
> >>> character is used.
> >>>
> >>> And perhaps I am barking up the wrong tree entirely, but my end
purpose
> > is
> >>> to make entries in my relaydelay blacklist table to block out all of
> > china,
> >>> korea and ultimately any country outside of the US that I care to.
> > (The
> >>> business I work for has no business need to receive email from
outside
> > of
> >>> the state, let alone outside of the country... so it's presumed to be
> > spam
> >>> when it originates from outside of the USA.)
> >>>
> >>> Anyone know any special magic incantations to achieve this end? I
had
> >>> heard someone mention spamassassin rules that would elevate risk by
> > country
> >>> of origin, but I cannot find anything on the net to document this
yet...
> >
> > _________________________________________________________________
> > Office ストーリー連載開始。豪華プレゼントあり!
> > http://go.microsoft.com/?linkid=6696410
> >
> >
> > _______________________________________________
> > http://www.ntlug.org/mailman/listinfo/discuss
>
>_______________________________________________
>http://www.ntlug.org/mailman/listinfo/discuss
_________________________________________________________________
地球温暖化防止啓発に向けた世界規模コンサート「LIVE EARTH」のサイトがMSN内に
OPEN! http://liveearth.jp.msn.com/
More information about the Discuss
mailing list