From: /dev/rob0 (no email)
Date: Thu Sep 01 2005 - 00:59:30 EDT
On Tuesday 2005-August-30 13:38, Mark Nernberg wrote:
> On 8/30/05 2:25 PM, "Sheldon T. Hall" <> wrote:
> > Start with your firewall. Some parts of the 'net are notorious
> > sources of spam and other abuse; if you don't expect any valid mail
> > from them, just block 'em. This goes for countries, ISPs, domains,
> > whatever.
>
> I recommend everything in APNIC (especially: China, Korea, Taiwan,
> Hong Kong), everything in AFRNIC (Africa, everywhere), plus blocking
> France (who needs the French anyways?), and everywhere in South
> America. I also find that 95% of random port-scanning attacks come
> from China, Taiwan & Hong Kong, so simply denying ALL traffic from
> these places is a big help.
This is a bit of a pet peeve for me, and I've been around about it on
SPAM-L quite a bit.
Yes, it is true that many people and companies can safely bet that they
will never miss any mail from any particular country. However, if you
participate on global forums such as this, you *will* eventually lose
real mail with that strategy.
Is that a loss in the sense of missing something important? Who knows?
My choice is to remain open so I can find out. Most email I get from my
own country wouldn't be a real loss to miss out on, frankly.
My main objection to country-level blocking is the lack of efficacy.
There is no objective evidence to support the idea that blocking APNIC
et al will do much to reduce spam. There IS objective evidence that by
far the most spam in the world comes from the USA.
Targeted country-level blocking, aimed at countries with notable,
serious spam problems (I'm thinking .kr), might catch a few extra
spams, but not likely much that regular RBL's would have missed.
The problem as I see it is made much worse by people who don't
understand the spam issue but are implementing blocking features
anyway. (I don't consider Sheldon a member of that group, BTW.)
The dream, if you will, is for email to be a global communications
medium. Spam has spoilt that. I'd like to see more administrators
working to restore it. As many of us know, it is possible: if not to
eliminate spam altogether, at least to minimise its impact on the end
user. With HELO checks, RBL's (policyd-weight) and greylisting leading
the way, my users are no longer plagued by spam as they once were.
That's with no country blocking and conservative RBL choices. Most of
my sites do no significant content filtering. One uses Sophie and
another uses Trophie virus scanning. (They catch very little, quite
unworthy of their high cost.)
--
mail to this address is discarded unless "/dev/rob0"
or "not-spam" is in Subject: header
|
|
|