Why not use whois.arin.net and determine their IP ranges for example, if you
want to block videotron.ca get one of their IP addresses from a spam message
then do an arin lookup on it and you would get the following info:
Le Groupe Videotron Ltee VL-2BL (NET-24-200-0-0-1)
24.200.0.0 - 24.203.255.255
Videotron Ltee VL-B-BB-18C9F300 (NET-24-201-243-0-1)
24.201.243.0 - 24.201.243.255
add those IP subnets to your smtp access list
www.arin.net maintains the International IP allocations
http://www.arin.net/tools/index.html
Rick Davidson
National Systems Manager
North American Title Group
-
----- Original Message -----
From: "Spaminator " <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, April 28, 2004 2:29 PM
Subject: Re: [IMail Forum] ANNOUNCEMENT FROM IPSWITCH - Update on 8.11
> I wholeheartedly agree with this request!
>
> Specific to the url-domain-bl.txt file, I'd like to be able to filter out
domains like *hosting.com. I know it's dangerous to use wildcards, but it's
sometimes worth the risk. For example, I get tons of spam from
1001hosting.com, 2001hosting.com, 9001hosting.com, etc., and they're all
from different IPs that rotate daily and the emails themselves have nothing
consistent to filter on. It's horrible. Even adding whole IP ranges to the
SMTP ACL is ineffective. The only thing that would work well is by adding
that wildcard domain to the url-domain-bl.txt file, because that "pattern"
is the only consistent thing about this spam. I must have 30 variants of
this domain there now...
>
> Also, I'd love a weighted filter for mail sent from international TLD's
(determined by a reverse lookup so as to eliminate forged mail-froms). We
almost never get legitimate mail from non-US mail servers. I wish I could
break down the stats of the countries that send to us, but I don't have a
tool to do that (suggestions?).
>
> Brett
>
> ---------- Original Message ----------------------------------
> From: "Doug White" <[EMAIL PROTECTED]>
> Reply-To: [EMAIL PROTECTED]
> Date: Wed, 28 Apr 2004 10:42:53 -0500
>
> Feature request:
>
> Support for partial domain name in the access list.
>
> as an example, if I wanted to block all mail from Mexico, I would only
have to
> enter mx or dotmx in the access list. example"mx REJECT"
>
> In the Linux mail systems, entering the mx in the access table for Postfix
will
> block all domains ending with that string. Example
> 1.2.3.4.adsl.monstermail.universidad.mx
> With Sendmail, the DOT is required.
>
> another example would be "videotron.ca" which would then block all email
from
> any videotron origin, even though the domain string is much longer than
that.
>
> Did I express this clearly enough?
>
> Doug
>
>
> ======================================
> We can get rid of spam on your domain! , Anti-spam solutions
> http://www.clickdoug.com/mailfilter.cfm
> For hosting solutions http://www.clickdoug.com
> ======================================
>
>
> To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
> List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
> Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
>
>
>
> To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
> List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
> Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
>
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
