[AusNOG] qld transport contact

Heinz N ausnog at equisoft.com.au
Thu Dec 13 14:52:26 EST 2012


> I've been looking into either blocking or allowing certain countries IP
> addresses on the router for the mail server to prevent these attacks from
> reaching the mail server to begin with.  Everyone I have spoken to so far
> has said it could possibly be done, but they've never tried it.
>
> Anyone had any experience in doing this?  If so, how'd it turn out?

I believe a while ago that a bunch of American ISPs denied all SMTP from 
china because of the rampant spam. Apparently the chinese fixed the 
problem and the block was lifted. Maybe they have gone back to their lax 
ways.

It is hard to block if any of your clients do business with china. If 
however, you can block, it is well worth it. I have a blocklist of 2300+ 
subnets (mainly /16) of countries that I (or my clients) will never deal 
with. It works well but is a bit of a pain to maintain (I do it manually 
currently). However, apart from the spam problem, it has cut out heaps of 
other more insidious hacking attempts that seem to spew in from those 
'bad' countries (port 3389, 22, 23 etc).

This goes against the idea of a free internet, but it certainly reduces 
malicious stuff and makes one's network a much more peaceful place :-) 
Having any ports open anywhere is now just so stressful... I remember the 
the good old days of actually using telnet over the internet :-)

Regards,
Heinz N.



More information about the AusNOG mailing list