|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Barracuda Networks Spam Firewall
On 5/19/2004 6:19 PM, James Couzens wrote: > On Wed, 2004-05-19 at 15:28, Eric A. Hall wrote: > Going through the spam that I've got access to (and it is a substantial > amount allbeit not in the millions of spam per day) I can't seem to > associate the spam with chinese urls, and certainly not to the extent > that you indicate (90%). extract hostname from url, dig on hostname, whois on addr, and nine times out of ten the host is in a CN netblock. that's from the spam that gets into my mailbox. let me state AGAIN that what I really want is a plugin that allows for cidr match-lists so that I can also include the handful of non-enforcing hosters in Russia, New York, Florida, etc. One responder also suggested ASN matchlists but I'm not that mad. -- Eric A. Hall http://www.ehsco.com/ Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
|