The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Blocking spam from countries

Discussion in 'General Discussion' started by pubwvj, Mar 15, 2005.

  1. pubwvj

    pubwvj Active Member

    Joined:
    Mar 15, 2004
    Messages:
    39
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    In the Mountains of Vermont
    I want to be able to easily block certain countries from:
    1) email - preferably at the SMTP connection level.
    and sometimes also:
    2) web access - HTTP, HTTPS, FTP, etc.

    I have done an IP block on a lot of IP's that I found as listed for China (from this forum) because we were getting huge graphic filled spams from China and we have no business with that country. Those spams were so huge they bypassed SA which doesn't look at anything bigger than about 250KB.

    There are some other countries that we never deal with but we get a lot of spam from. One of them I found sucking our web site. I would like to be able to block these. Is there a list of the IP addresses somewhere that correspond with each country?

    Is there an easier way?

    Ideally it would be great if there were a page in CPanel or WHM that listed all the countries and even gave a % spam seen from them and then the option for each of Allow all, Allow email/Block Web, Allow Web/Block email, Block All. Something like this:

    Country Spam% Allow -Web -Email BlockAll
    -------- ------- ----- ----- ------ --------
    Canada 10% [x] [ ] [ ] [ ]
    China 99% [ ] [ ] [ ] [x]
    Ireland 2% [x] [ ] [ ] [ ]
    Korea 74% [ ] [ ] [x] [x]
    Russia 92% [ ] [x] [ ] [ ]
    USA 50% [x] [ ] [ ] [ ]

    The Spam% could be calculated by looking at the incoming mail to some trap mailboxes and counting what percent of the mail from that country is spam. This is something CPanel could keep track of centrally and would not require very frequent updating. It would simply be a helpful guide for users of CPanel. Then if they have contacts in that country they would select Allow. If they wanted to block just email they would select -Email. If they wanted to block all they would select BlockAll. To block web access to their site from that country they would select -Web. [The above example is not designed to pick on any one country - it is simply my observation of spam I've seen... Real numbers will appear further away in the mirror.]

    Cheers,

    -Walter
    in Vermont on a very snowy day
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Add an RBL ACL using the lists from http://blackholes.us

    Code:
      deny message = Message rejected - $sender_fullhost is in an RBL, see $dnslist_text
              !hosts = +relay_hosts
              !authenticated = *
              dnslists = china.blackholes.us : korea.blackholes.us
    Pretty crude way to reduce spam, though.
     
  3. pubwvj

    pubwvj Active Member

    Joined:
    Mar 15, 2004
    Messages:
    39
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    In the Mountains of Vermont
    Yes. But it has it's use. We were getting a _lot_ of spam from China that was coming through as huge messages (>250KB) and as a result SpamAssassin didn't run on them. Since we do _no_ business with China and have _no_ correspondants in China the simplest thing to do is block the entire country which we did by IP blocking. Since then we've not been having this particular pesky problem. It is a very effective solution.
     
Loading...

Share This Page