[lug] Blocking spam by blocking partial IP
Bill Thoen
bthoen at gisnet.com
Mon May 9 08:33:13 MDT 2005
I have been getting about 200 spams a day, and finally decided to simply
block the two worst offenders by putting their partial IP's in my
/etc/mail/access file like so:
218.1 REJECT
222 REJECT
This worked great. Last night's log showed lots and lots of messages
from these turkeys that got turned back at the door.
However, I'm a bit concerned about blocking everything from IPs that start
with 222. When I check with whois, I can't get any details on who is
assigned to any of the subnets under 222. I don't mind blockng anybody
from China or Korea, but I don't want to block Japanese or Australian
email.
Is there any way to discover any more details on the 222 IP other than
it's managed by APNIC?
- Bill Thoen
More information about the LUG
mailing list