[BC] IP address blocking
Craig Healy
craig.healy at hotmail.com
Sun May 11 18:04:53 CDT 2008
> Since most wanted traffic originates from dynamic IP's, and nearly all
> unwanted traffic originates from dynamic IP's, you can not in any
practical
> way, keep the baby should you choose to implement such a flawed idea
> in the first place.
What if you simply don't care about anything that comes from China? For
example, 210.xxx.xxx.xxx 211.xxx.xxx.xxx 219.xxx.xxx.xxx 220.xxx.xxx.xxx and
221.xxx.xxx.xxx all seem to be assigned to China. If I block those, why
would I care? Dynamic addresses still are included within assigned blocks.
All the more reason to block groups instead of individual addresses.
Right now at another place I block any incoming email to two domains from
those IP addresses, plus some other questionable ones. In the several years
I've done that, not once has there been a problem.
What would be good would be to set the router to do that instead of two
steps later on an email filter. And it would also block a good percentage
of hack attacks.
To be honest, this client would prefer to just whitelist US and probably
Canadian addresses, and some Europeans and Australians as well. Block the
rest of the world.
Why is it flawed to block a range of addresses from which most of the spam
and attacks originate? Seriously, if there is some plausible reason I'll
bring it to this client and try to convince them.
For what it's worth, the particular SMTP server I use at one location
requires all email addresses to be configured. If an address isn't found,
it refuses the mail. Approximately 98% of the incoming mail is blocked,
according to the logs. All spam.
Craig Healy
Providence, RI
More information about the Broadcast
mailing list