On Tuesday 28 September 2004 17:17, Karsten M. Self wrote: > I've been working with ASN and CIDR data associated with spam > received via my ISP account. While the specific findings I've got > may be interesting, the methods are of more general use. > > Short answer: you can classify incoming mail using its IP into its > network of origin, with a DNS query. [snipped a lot of interesting stuff] may I ask you if you can provide a simple way of looking up the legal mailservers of those networks and put them on a whitelist? I surely only want to block dialup / DSL / Cable accounts of homeusers with bot infected Windoze machines, but allow regular users who use the companies' legal mailservers. If you would block / filter whole networks without those whitelist, you would block more legal users than you want. The top asian networks on your list are those providers with the vast majority of users here in Asia. I'm very aware of the fact that they don't give a shit about spammers. But batting off whole provider networks without letting the legal mailservers pass is IMHO not The Right Way (TM). And those providers' networks are huge, simply because they are the biggest providers in Asia. And they have multiple hundred legal mailservers scattered across the subnets. Just my 2 cents. Cheers Arne -- Arne Götje (高盛華) <20030910antispam@gmx.net> (Spam catcher. Address might change in future!) PGP/GnuPG key: 1024D/685D1E8C Fingerprint: 2056 F6B7 DEA8 B478 311F 1C34 6E9F D06E 685D 1E8C Key available at wwwkeys.pgp.net. Encrypted e-mail preferred.
Attachment:
pgpViOCd5wBbJ.pgp
Description: PGP signature