-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Good evening,
On Saturday 01 March 2003 07:09 pm, Scott St. John wrote: > My question would be 1)Is that practical 2)Is the proper way to block an > entire network this: > > iptables -A INPUT -s 209.8.161.0/24 -j DROP > > I added this, however traffic from this network is still reaching my mail > server. I want to block EVERYTHING from that network as they are sending > porn mail to my clients. iptables -A INPUT -s 209.82.110.17/16 -j DROP will work to drop *everything* from 209.82.110.x, regardless of the the fourth digits in the network address. Unless I've gotten it backwards again (it's past my bedtime) 24 only drops the 0 of your address, which might possibly be the gateway, depending upon how they have configured their system. I use the firewall to block undesirable IP's as needed, and it has proven, time and again, to substantially reduce my spam loads. Also, if you want more targets, go to http://www.iana.org/assignments/ipv4-address-space and look up the IP blocks assigned to the primary sources of most pornographic spam. Then block them by country. You'd be surprised at how spam levels will drop. Dave - -- Dave Laird ([EMAIL PROTECTED]) The Used Kharma Lot / The Phoenix Project Web Page: http://www.kharma.net updated 01/20/2003 Usenet News server: news.kharma.net Musicians Calendar and Database access: http://www.kharma.net/calendar.html An automatic & random thought For the Minute: He asked me if I knew what time it was -- I said yes, but not right now. -- Steven Wright -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE+Yaa4aE1ENZP1A28RAgtLAKCzyc9kduGt7GT7Uqczdh64w3KcRACgvwCS zgXZN1S9BSQzRNCT/f9d2ns= =CGbQ -----END PGP SIGNATURE-----
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
