Re: IP ranges used in North America, Hawaii, and Alaska?

In article <1135022984.734741.90890@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>, prg wrote:
>
> If you are trying to cut down on spam, try SpamAssassin.
> http://spamassassin.apache.org/

Filtering is nice for cleaning up the stragglers that
get past the source-IP block list checking.
But there's no reason for most places to accept email
from IP ranges owned by spam houses. I don't care
if it's Python Video or Hanaro.net. If they sent it,
I'm absolutely sure my users don't want it, and there's
no reason to give it further CPU time.
*Filtering* all that crap would cost a lot more.

> The list you have might be somewhat useful (for something) if
> _everyone_ conformed to its intent. The ones you are trying to keep
> out are the ones who don't.

The sbl-xbl.spamhaus.org list (for example) is more than
"somewhat" useful. I don't care if "_everyone_ conformed"
(whatever that means), just that it meets my organizations'
needs.


> Packets are routed by _destination_ and _not_by_source_ addresses.
> Spam will 99.9999999999% of the time have a bogus IP return address

I'm not sure what you're talking about there. The source IP
is, as far as I know, the most difficult thing for the spammer
to forge. (Well, he can forge it, but he's got to be able to
collect your responses to the forged addreses, or he can't send
spam that way.) He's got to do some kind of asymmetric routing
trick. Rumor has it Alan Ralsky was doing that for a while.
His crap would seem to come from a throwaway dialup account,
but there was way too much of it for that to be true.
That trick became useless when lists of dynamically-assigned
IP ranges became available in DNSBL form. It's no use
pretending to be a dial-up if everybody's blocking those.


> Your "solution" has been proposed and tried by countless numbers of
> those unknowledgeable in the ways of routing across the net.

Blocking by source-IP is one of the most important techniques
for keeping spam out. I doubt there are many networks with more
than a few thousand mailboxes that *don't* do it, at least a
little, if only to reduce the load on their filtering machines.


Cameron

.

Relevant Pages

  • Re: Non English Spam
    ... Subject: Non English Spam ... encoded in one of the above character sets, ... You know all too well that filtering based on "Received" header ... language specific lists - if their message is not simply ignored. ...
    (freebsd-questions)
  • Re: An Amazing Fact
    ... > filtering approach as well. ... difference between spam and not spam. ... All they have to do is send an RAV to any address that tries to send mail. ... and I use it for mailing lists. ...
    (comp.os.linux.misc)
  • Re: IP ranges used in North America, Hawaii, and Alaska?
    ... >> If you are trying to cut down on spam, ... > *Filtering* all that crap would cost a lot more. ... > That trick became useless when lists of dynamically-assigned ... The larger the network -- and presumably the more likely employees will ...
    (comp.os.linux.security)
  • Re: VGER does gradual SPF activation (FAQ matter)
    ... filtering indicates that there is no such thing as "obviously bad ... SPF as a part of a fully configured anti-spam system has some use. ... spam from determined spammers. ... higher for these "problem lists". ...
    (Linux-Kernel)
  • Re: Bystander shot by a spam filter.
    ... Here is _all_ of the lists that spam bnc supports. ... >> product) are mislead about the probably of filtering the wrong mail. ... or spambouncer is eating my ...
    (FreeBSD-Security)