[NTLUG:Discuss] All non-US IP list?
. Daniel
xdesign at hotmail.com
Tue Jul 3 14:06:00 CDT 2007
You may be right in that I don't want to do it in greylisting. I'll just
put this away until my level of frustration bests my desire to not learn
anything new. :) Then I'll try to do it the enhdnsbl way.
Tell ya what though... I really hate spam... really hate it.
>You really don't want to do this in the greylist config. You want to
>use the dnsbl lookups in sendmail. Ideally you would want to say,
>reject anything that does not hit us.countries.nerd.dk (I couldn't
>figure out blackholes.us). I don't use sendmail so I'm not sure if it
>that is feasible.
>
>The standard way would be to block each country individually.
>
>FEATURE(`enhdnsbl',`zz.countries.nerd.dk',`"554 Rejected "
>$&{client_addr} " found in Afghanistan"', , `127.0.0.4')dnl
>
>. Daniel wrote:
> > It didn't work for me the first time, but it worked when I did a page
> > reload. I read on their page that they need a secondary DNS server...
that
> > probably has something to do with it.
> >
> > Okay so now I just need to get these IPs imported into greylisting and
so I
> > need to process the list somehow. Now where did I put that Perl coding
> > expert? I had him around here somewhere....
> >
> > In any case, the data I seek is here:
> >
> > http://www.blackholes.us/zones/countries/countries.rbl
> >
> > Now I just need a way to parse it... Perl is such a powerful
language...
> > it's just so hard to look at! *WAY* back in the day, I used to write C
> > code... actually 6809 assembler, BASIC of many flavors, Basic09 and C.
> > Never got into C++ or anything object oriented... that broke my mind.
> >
> >
> >
> >> Odd, I guess there was a glitch somewhere. Its up here.
> >>
> >> Stuart Johnston wrote:
> >>> As I mentioned before, you can use a dnsbl like those from
> >>> http://countries.nerd.dk/ to block them at connection time. This is
> > the
> >>> same idea as Ken's suggestion but blackholes.us doesn't seem to be
> >>> available.
> >>>
> >>> . Daniel wrote:
> >>>> This is something of a follow-up on the previous discussion of
> > blocking all
> >>>> chinese and korean IPs at the greylist filter.
> >>>>
> >>>> I have followed the advice of list members here suggesting that I
use
> >>>> spamassassin and rank the values of emails from certain countries
> > higher.
> >>>> And that has certainly helped in one regard: The email is trapped
and
> >>>> scanned on my MailScanner machine. But let me tell you, while that
is
> >>>> certainly effective, it's not enough.
> >>>>
> >>>> Recently, I have been seeing emails coming from more countries than
I
> > can
> >>>> list in that particular set of rules. Further, the sheer amount of
> > email
> >>>> coming in and being processed is simply killing my server. (Yes, I
> > need a
> >>>> bigger server... maybe one day but not today.) At some point, the
box
> >>>> simply stops sending email on to my exchange server for reasons I
have
> > been
> >>>> unable to detect. The sendmail queue just says "sending" and
nothing
> > is
> >>>> sent. Rebooting the machine clears it up until the next time it
gets
> >>>> congested like that.
> >>>>
> >>>> Previously someone wrote a little perl script for me to parse
through
> > some
> >>>> IP addresses for china and korea in a way that is suitable for
> > relaydelay.
> >>>> Obviously, this will help but isn't going to fix the larger problem.
> > Where
> >>>> before the majority of such traffic was coming from those two areas,
> > now
> >>>> it's coming from all of Europe and South American countries.
> >>>>
> >>>> I've been googling for lists of non-US IP addresses and there is no
> >>>> shortage of discussion on the topic. (A lot of people offering what
a
> > bad
> >>>> idea it is and all that but without stating WHY it's a bad idea...
not
> >>>> offering a scenario where it could be bad.) In my case, this is a
> > business
> >>>> that does business exclusively in Texas and exclusively for schools.
> > There
> >>>> is absolutely no business reason for incoming mail from outside
Texas,
> > let
> >>>> alone outside of the U.S.
> >>>>
> >>>> If only I could get a list of non-US IP addresses, I would be a
> > happier man.
_________________________________________________________________
7月7日、世界中のLIVE EARTHをネットで無料配信するのはMSNだけ!
http://liveearth.jp.msn.com/
More information about the Discuss
mailing list