SPAM Level Status - And why not stop the peering with lame ISPs

Michael Loftis mloftis at wgops.com
Fri Feb 10 20:47:38 UTC 2006



--On February 10, 2006 11:29:36 AM -0500 Todd Vierling <tv at duh.org> wrote:

>
> On Fri, 10 Feb 2006, Suresh Ramasubramanian wrote:
>
>> And then a few other well chosen blocklists (not the "block all traffic
>> from a country" variety at all)
>
> These days, a lot of smallish ISP's are blocking CNNIC and/or KRNIC space
> wholesale.
>
> As for CN, the truth of the matter is, the Golden Shield is a very
> internally oriented (not just xenophobic) filter.  CN cares a whole bunch
> what the rest of the world does to its people.  CN doesn't care nearly at
> all what its people do to the rest of the world.  Quite the double
> standard.
>
> The social problem will not be fixed in the foreseeable future, so we have
> to settle for an imperfect technical solution -- for now.  For some
> operations, the spew level is so high that blanket blocking CNNIC is the
> only reasonably maintainable option.

I'm not (yet) blanket blocking the entire IP space in those countries, but 
I am blocking huge swaths at the mailserver.  Not network wide though.  It 
won't be long before they collectively earn such large blocking at the 
mailservers I control.  On the larger of them we reject anywhere from 6-20k 
attempts/day per inbound server.  Almost all of them do exact numbers of 
attempts (15, 20, and 50 are very common per ip number attempts).

I haven't looked into it any further but we haven't heard any customer 
complaints.



More information about the NANOG mailing list