[NTLUG:Discuss] All non-US IP list?

. Daniel xdesign at hotmail.com
Tue Jul 3 14:06:00 CDT 2007 

You may be right in that I don't want to do it in greylisting.  I'll just 
put this away until my level of frustration bests my desire to not learn 
anything new. :)  Then I'll try to do it the enhdnsbl way.

Tell ya what though... I really hate spam... really hate it.


>You really don't want to do this in the greylist config.  You want to
>use the dnsbl lookups in sendmail.  Ideally you would want to say,
>reject anything that does not hit us.countries.nerd.dk (I couldn't
>figure out blackholes.us).  I don't use sendmail so I'm not sure if it
>that is feasible.
>
>The standard way would be to block each country individually.
>
>FEATURE(`enhdnsbl',`zz.countries.nerd.dk',`"554 Rejected "
>$&{client_addr} " found in Afghanistan"', , `127.0.0.4')dnl
>
>. Daniel wrote:
> > It didn't work for me the first time, but it worked when I did a page
> > reload.  I read on their page that they need a secondary DNS server... 
that
> > probably has something to do with it.
> >
> > Okay so now I just need to get these IPs imported into greylisting and 
so I
> > need to process the list somehow.  Now where did I put that Perl coding
> > expert?  I had him around here somewhere....
> >
> > In any case, the data I seek is here:
> >
> > http://www.blackholes.us/zones/countries/countries.rbl
> >
> > Now I just need a way to parse it... Perl is such a powerful 
language...
> > it's just so hard to look at!  *WAY* back in the day, I used to write C
> > code... actually 6809 assembler, BASIC of many flavors, Basic09 and C.
> > Never got into C++ or anything object oriented... that broke my mind.
> >
> >
> >
> >> Odd, I guess there was a glitch somewhere.  Its up here.
> >>
> >> Stuart Johnston wrote:
> >>> As I mentioned before, you can use a dnsbl like those from
> >>> http://countries.nerd.dk/ to block them at connection time.  This is
> > the
> >>> same idea as Ken's suggestion but blackholes.us doesn't seem to be
> >>> available.
> >>>
> >>> . Daniel wrote:
> >>>> This is something of a follow-up on the previous discussion of
> > blocking all
> >>>> chinese and korean IPs at the greylist filter.
> >>>>
> >>>> I have followed the advice of list members here suggesting that I 
use
> >>>> spamassassin and rank the values of emails from certain countries
> > higher.
> >>>> And that has certainly helped in one regard: The email is trapped 
and
> >>>> scanned on my MailScanner machine.  But let me tell you, while that 
is
> >>>> certainly effective, it's not enough.
> >>>>
> >>>> Recently, I have been seeing emails coming from more countries than 
I
> > can
> >>>> list in that particular set of rules.  Further, the sheer amount of
> > email
> >>>> coming in and being processed is simply killing my server.  (Yes, I
> > need a
> >>>> bigger server... maybe one day but not today.)  At some point, the 
box
> >>>> simply stops sending email on to my exchange server for reasons I 
have
> > been
> >>>> unable to detect.  The sendmail queue just says "sending" and 
nothing
> > is
> >>>> sent.  Rebooting the machine clears it up until the next time it 
gets
> >>>> congested like that.
> >>>>
> >>>> Previously someone wrote a little perl script for me to parse 
through
> > some
> >>>> IP addresses for china and korea in a way that is suitable for
> > relaydelay.
> >>>> Obviously, this will help but isn't going to fix the larger problem.
> > Where
> >>>> before the majority of such traffic was coming from those two areas,
> > now
> >>>> it's coming from all of Europe and South American countries.
> >>>>
> >>>> I've been googling for lists of non-US IP addresses and there is no
> >>>> shortage of discussion on the topic.  (A lot of people offering what 
a
> > bad
> >>>> idea it is and all that but without stating WHY it's a bad idea... 
not
> >>>> offering a scenario where it could be bad.)  In my case, this is a
> > business
> >>>> that does business exclusively in Texas and exclusively for schools.
> > There
> >>>> is absolutely no business reason for incoming mail from outside 
Texas,
> > let
> >>>> alone outside of the U.S.
> >>>>
> >>>> If only I could get a list of non-US IP addresses, I would be a
> > happier man.

_________________________________________________________________
7月7日、世界中のLIVE EARTHをネットで無料配信するのはMSNだけ! 
http://liveearth.jp.msn.com/

More information about the Discuss mailing list