SPAM Level Status - And why not stop the peering with lame ISPs
Michael Loftis
mloftis at wgops.com
Fri Feb 10 20:47:38 UTC 2006
--On February 10, 2006 11:29:36 AM -0500 Todd Vierling <tv at duh.org> wrote:
>
> On Fri, 10 Feb 2006, Suresh Ramasubramanian wrote:
>
>> And then a few other well chosen blocklists (not the "block all traffic
>> from a country" variety at all)
>
> These days, a lot of smallish ISP's are blocking CNNIC and/or KRNIC space
> wholesale.
>
> As for CN, the truth of the matter is, the Golden Shield is a very
> internally oriented (not just xenophobic) filter. CN cares a whole bunch
> what the rest of the world does to its people. CN doesn't care nearly at
> all what its people do to the rest of the world. Quite the double
> standard.
>
> The social problem will not be fixed in the foreseeable future, so we have
> to settle for an imperfect technical solution -- for now. For some
> operations, the spew level is so high that blanket blocking CNNIC is the
> only reasonably maintainable option.
I'm not (yet) blanket blocking the entire IP space in those countries, but
I am blocking huge swaths at the mailserver. Not network wide though. It
won't be long before they collectively earn such large blocking at the
mailservers I control. On the larger of them we reject anywhere from 6-20k
attempts/day per inbound server. Almost all of them do exact numbers of
attempts (15, 20, and 50 are very common per ip number attempts).
I haven't looked into it any further but we haven't heard any customer
complaints.
More information about the NANOG
mailing list