nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Barracuda Networks Spam Firewall

From: "Eric A. Hall" <ehall () ehsco com>
Date: Wed, 19 May 2004 18:24:03 -0500


On 5/19/2004 6:19 PM, James Couzens wrote:


On Wed, 2004-05-19 at 15:28, Eric A. Hall wrote:



Going through the spam that I've got access to (and it is a substantial
amount allbeit not in the millions of spam per day) I can't seem to
associate the spam with chinese urls, and certainly not to the extent
that you indicate (90%).


extract hostname from url, dig on hostname, whois on addr, and nine times
out of ten the host is in a CN netblock. that's from the spam that gets
into my mailbox.

let me state AGAIN that what I really want is a plugin that allows for
cidr match-lists so that I can also include the handful of non-enforcing
hosters in Russia, New York, Florida, etc. One responder also suggested
ASN matchlists but I'm not that mad.

-- 
Eric A. Hall                                        http://www.ehsco.com/
Internet Core Protocols          http://www.oreilly.com/catalog/coreprot/
Previous By Date Next
Previous By Thread Next

Current thread: