[AusNOG] qld transport contact
Heinz N
ausnog at equisoft.com.au
Thu Dec 13 14:52:26 EST 2012
> I've been looking into either blocking or allowing certain countries IP
> addresses on the router for the mail server to prevent these attacks from
> reaching the mail server to begin with. Everyone I have spoken to so far
> has said it could possibly be done, but they've never tried it.
>
> Anyone had any experience in doing this? If so, how'd it turn out?
I believe a while ago that a bunch of American ISPs denied all SMTP from
china because of the rampant spam. Apparently the chinese fixed the
problem and the block was lifted. Maybe they have gone back to their lax
ways.
It is hard to block if any of your clients do business with china. If
however, you can block, it is well worth it. I have a blocklist of 2300+
subnets (mainly /16) of countries that I (or my clients) will never deal
with. It works well but is a bit of a pain to maintain (I do it manually
currently). However, apart from the spam problem, it has cut out heaps of
other more insidious hacking attempts that seem to spew in from those
'bad' countries (port 3389, 22, 23 etc).
This goes against the idea of a free internet, but it certainly reduces
malicious stuff and makes one's network a much more peaceful place :-)
Having any ports open anywhere is now just so stressful... I remember the
the good old days of actually using telnet over the internet :-)
Regards,
Heinz N.
More information about the AusNOG
mailing list