nanog mailing list archives
RE: Barracuda Networks Spam Firewall
From: Brian Battle <nanog () confluence com>
Date: Wed, 19 May 2004 20:14:47 -0400
Eric,
There's one rule that will wipe out ~90% of spam, but nobody seems to have written it yet. if URL IP addr is in China then score=100 support for a generic lookup list of cidr blocks would get another 9%
I agree that geographically classifying the URL's embedded in the spams would be pretty slick, using the china.blackholes.us and cn-kr.blackholes.us RBLs has been pretty effective at reducing our spamload, as a supplement to the standard lookup services. They do not descriminate between legit mails and spam mails from china. Everything from those IP blocks gets classified as spam. Luckily we don't ever get any client emails from those countries at this point and can use these filters without worrying about false-positives. (I think the doubleclick.blackholes.us is pretty funny too) There are others at: http://www.blackholes.us/ Is anyone else out there using these blackholes? I wonder how often they get updated. Brian Battle Confluence
Current thread:
- Re: Barracuda Networks Spam Firewall, (continued)
- Re: Barracuda Networks Spam Firewall Per Gregers Bilse (May 18)
- Re: Barracuda Networks Spam Firewall Todd Vierling (May 18)
- backscatter hosts Chris Edwards (May 18)
- Re: backscatter hosts Steven Champeon (May 18)
- Re: backscatter hosts Christopher X. Candreva (May 18)
- Re: backscatter hosts Steven Champeon (May 18)
- Re: backscatter hosts John Capo (May 19)
- Re: Barracuda Networks Spam Firewall Christopher X. Candreva (May 18)
- Re: Barracuda Networks Spam Firewall Christopher X. Candreva (May 18)
- Re: Barracuda Networks Spam Firewall Valdis . Kletnieks (May 18)