On Tue, Sep 23, 2003 at 02:31:22PM +0200, Josip Rodin wrote: > On Mon, Sep 22, 2003 at 07:34:58PM -0400, H. S. Teoh wrote: > > I've resorted to blocking port 25 to subnets from which these spams > > originate. Currently I have about 45 subnets (/24 and a few /16) on my > > blacklist, and so far 409 connections have been dropped. > > The sad thing about this is that there are parts of the Internet that aren't > subnet'ed properly. My mail server happens to be in the same /16 as about > two hundred entirely different locations, so whenever someone gets one of > those from whatever lamer in some shithole 900km away from me, my IPs get > blocked as well. Our NOC, collateral damage, and life in general for that > matter, suck. :) [snip]
Which is why I've mostly refrained from /16's unless there are a lot of different addresses therein that have been infected. Although I admit to having a /8 for 212.* since there is just an amazing variety of addresses in that block that flood me with Swen. Ah, that ipv6 would be widely adopted soon... T -- LINUX = Lousy Interface for Nefarious Unix Xenophobes.