Home page logo

nanog logo nanog mailing list archives

Re: SPAM Level Status - And why not stop the peering with lame ISPs
From: Michael Loftis <mloftis () wgops com>
Date: Fri, 10 Feb 2006 13:47:38 -0700

--On February 10, 2006 11:29:36 AM -0500 Todd Vierling <tv () duh org> wrote:

On Fri, 10 Feb 2006, Suresh Ramasubramanian wrote:

And then a few other well chosen blocklists (not the "block all traffic
from a country" variety at all)

These days, a lot of smallish ISP's are blocking CNNIC and/or KRNIC space

As for CN, the truth of the matter is, the Golden Shield is a very
internally oriented (not just xenophobic) filter.  CN cares a whole bunch
what the rest of the world does to its people.  CN doesn't care nearly at
all what its people do to the rest of the world.  Quite the double

The social problem will not be fixed in the foreseeable future, so we have
to settle for an imperfect technical solution -- for now.  For some
operations, the spew level is so high that blanket blocking CNNIC is the
only reasonably maintainable option.

I'm not (yet) blanket blocking the entire IP space in those countries, but I am blocking huge swaths at the mailserver. Not network wide though. It won't be long before they collectively earn such large blocking at the mailservers I control. On the larger of them we reject anywhere from 6-20k attempts/day per inbound server. Almost all of them do exact numbers of attempts (15, 20, and 50 are very common per ip number attempts).

I haven't looked into it any further but we haven't heard any customer complaints.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]