Sunday, September 14, 2008

Take a bite out of Spam - Firewall spam ridden countries

On average, my personal email address, which I have had for close to a decade, received about 500-800 spam emails per day. On top of that, my blog generated about 40-50 spam comments a day.

I joined the IPs of all of the spammers with the subnetworks found in ARIN, RIPE, APNIC, etc., aggregated the countries, and found that the vast majority of spam originates from China, Korea, and various former Soviet Eastern European countries.

Being an American, I don't have any need for contact with mainland East Asia, and I decided to block all frequent spam origination sources at the firewall level. I found a list on the internet a while back called the "SinoKorean" firewall script; the URL I got it from has since gone offline. I have also added to that list the various subnetworks that I receive the most spam from.

The spam traffic to both my email server and my blog has been reduced by close to 60% as a consequence of blocking these IPs.
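The join-and-aggregate step described above can be sketched as follows. This is an added example, not the script from this post: the allocation table, country labels (`AA`, `BB`, `CC`), source addresses and the `min_sources` threshold are all constructed, using RFC 5737 documentation ranges in place of real registry data.

```python
import ipaddress
from collections import Counter

# Constructed allocation table (CIDR -> country label). Real data would come
# from the registry delegation files (ARIN, RIPE, APNIC, ...); these are
# RFC 5737 documentation ranges with placeholder country labels.
ALLOCATIONS = [
    ("192.0.2.0/24", "AA"),
    ("198.51.100.0/25", "BB"),
    ("198.51.100.128/25", "AA"),
    ("203.0.113.0/24", "CC"),
]

# Constructed spam source addresses, e.g. pulled from mail and comment logs.
SPAM_SOURCES = [
    "192.0.2.10", "192.0.2.77", "192.0.2.200", "198.51.100.130",
    "198.51.100.5", "203.0.113.9", "192.0.2.10", "10.1.2.3",
]

def build_table(allocations):
    """Parse CIDRs once; sort longest prefix first so the most specific wins."""
    nets = [(ipaddress.ip_network(c), cc) for c, cc in allocations]
    return sorted(nets, key=lambda n: n[0].prefixlen, reverse=True)

def lookup(table, addr):
    """Return (network, country) for an address, or (None, None) if unlisted."""
    ip = ipaddress.ip_address(addr)
    for net, cc in table:
        if ip in net:
            return net, cc
    return None, None

def aggregate(table, sources):
    """Count distinct spam sources per allocated block and per country."""
    by_net, by_cc = Counter(), Counter()
    for addr in set(sources):          # de-duplicate repeat offenders
        net, cc = lookup(table, addr)
        if net is None:
            continue                   # address not in any listed allocation
        by_net[net] += 1
        by_cc[cc] += 1
    return by_net, by_cc

def drop_rules(by_net, min_sources=2):
    """Emit iptables commands only for blocks at or above the threshold."""
    return [f"iptables -A INPUT -s {net} -j DROP"
            for net, n in sorted(by_net.items()) if n >= min_sources]

if __name__ == "__main__":
    by_net, by_cc = aggregate(build_table(ALLOCATIONS), SPAM_SOURCES)
    print(by_cc.most_common())
    print("\n".join(drop_rules(by_net)))
```

Counting distinct sources per allocated block, rather than only per country, shows which subnetworks actually account for the spam before a rule is written for them.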

My Linux Iptables firewall script to block frequent spammers is located here:

