Results 1 to 15 of 15
  1. #1
    2 Star Lounger
    Join Date
    Feb 2001
    Location
    Chicago, Illinois, USA
    Posts
    177
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Rant: blocking entire countries from e-mail

    Somebody in Korea is spoofing our domain and sending e-mail (so it looks like it is coming from our domain - even though it is a nonsense e-mail like 234klkjsdk@our-domain). I have done the IP lookup for the actual sender (reading the e-mail header, obviously) and have tried several times to contact the abuse@ e-mail for the offending ISP in Korea. The contact info listed for that ISP is fake and my e-mails get bounced back to me. Um, as an ugly American, is there some way I can block entire IP ranges (e.g. countries) from e-mail? I know this is a bit of an over-reaction, but this has been going on for over a year. Perhaps if enough of us block entire countries from e-mail, we might get better monitoring of spam? The horribly ironic thing is that recently I read that the US is the biggest sender of spam. Going back to my rant - the countries with the most spoofing of our domain are in order: Korea, Turkey, Poland. Anything I can do? At this point our domain has been on and off several spam lists as a sender of spam - which we are not, but the stupid lists don't consider spoofing of e-mail addresses.......... AAAAAAAaaaaaaaaaaaaaaa!!!!
    <font color=blue>Eric A. Spanitz</font color=blue>
    Quality, Project, Management * Training * Consulting
    http://www.spanitz.com * http://www.synergest.com

  2. #2
    Platinum Lounger
    Join Date
    Feb 2002
    Location
    A Magic Forest in Deepest, Darkest Kent
    Posts
    5,681
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Rant: blocking entire countries from e-mail

    Hi Eric

    We have had a similar question in here just recently but the guy who asked was being an awfully decent English chap and just blocking one particular IP address...not a whole darn country <img src=/S/grin.gif border=0 alt=grin width=15 height=15>.. <img src=/S/whisper.gif border=0 alt=whisper width=29 height=17> I can say that about the Englishman 'cos I am one too <img src=/S/grin.gif border=0 alt=grin width=15 height=15>


    Yep, I feel for you but these spammers/ hoaxers/spoofers are clever little chaps and have a habit of not having a fixed IP address but the methods discussed recently is updating your site using the .htaccess file to block IP addresses.

    If you have the IP range you could put a block range in but it maybe a big job anyway have a look at <!post=Banning Ip address from website,613364>Banning Ip address from website<!/post> with the associated links in the thread, it's a start but wow a whole country <img src=/S/flee.gif border=0 alt=flee width=25 height=25>
    Jerry

  3. #3
    2 Star Lounger
    Join Date
    Feb 2001
    Location
    Chicago, Illinois, USA
    Posts
    177
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Rant: blocking entire countries from e-mail

    Thanks - I am familiar with the .htaccess file, however that only prevents them from visiting the website - I believe they can still e-mail --TO-- the website, can't they? If not, then that is what I will do. My point is to get these IP ranges to tighten up how they run things -- I know it is probably a few people causing problems for the many, but still - having a fake or inactive email for the IP range contact ("for abuse contact") is either sloppy or devious... <img src=/S/burnup.gif border=0 alt=burnup width=31 height=31>
    <font color=blue>Eric A. Spanitz</font color=blue>
    Quality, Project, Management * Training * Consulting
    http://www.spanitz.com * http://www.synergest.com

  4. #4
    Platinum Lounger
    Join Date
    Feb 2002
    Location
    A Magic Forest in Deepest, Darkest Kent
    Posts
    5,681
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Rant: blocking entire countries from e-mail

    Sorry Eric, I get your point, that will teach me to scan read too quickly.

    Personallay I think you are on to a hiding for nothing if you are going to try and do this yourself... I think the company will have to spend a little money and get some software to do this for them. My company is inundated with spoof/phish/spam etc on a daily basis. We use Mimesweeper as our preferred choice. You probably know that suspect mails get quarantined and each user on the domain gets a summary email of the quarantined mails daily or they can check ad hoc and educate the system to accept specific domain names.

    We use a big company name because they can go off and collect the bad list of dodgy IP addresses and we just update regularly. All known emails get automatically dumped and the system has a maintenance program to delete it...no response from domain tends to stop the messages after a while.....
    Jerry

  5. #5
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Rant: blocking entire countries from e-mail

    We have a rather nice spam-checker on our Exchange Server called Hexamail Guard, and I have no qualms at all about blocking .ru and .biz, since we would never ever get anything relevant from these domains. <img src=/S/whisper.gif border=0 alt=whisper width=29 height=17> <small>Now about .com...</small>

    It also uses the SpamHaus black-list of spammers...

    John
    <font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>

    Ita, esto, quidcumque...

  6. #6
    Plutonium Lounger Leif's Avatar
    Join Date
    Dec 2000
    Location
    U.K.
    Posts
    14,010
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Rant: blocking entire countries from e-mail

    When you say you want to "block entire IP ranges (e.g. countries) from e-mail" are you saying you want to block emails coming into your domain, or you want to stop them from sending emails in the first place? If the former, and you have your own mail server, that is where you would block it. If not, or the latter, I think you need to take it up with your ISP or a higher authority - I think it is beyond us mere mortals to (legally) prevent emails being sent from a remote IP address, however much in the wrong they may be.

    I'll move this thread to the Security Forum which I think may be slightly more appropriate - see <post:=603,091>post 603,091</post:> for a similar issue.

  7. #7
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Rant: blocking entire countries from e-mail

    I very much doubt you can identify the actual sender. At best you can trust the header information for the destination mail server and the immediately previous relay. Any skillful spammer will have forged everything else.

    In the old days, spam generally was delivered through unsecured email servers (open relays) which could be blocked by most ISPs. Unfortunately, with the spread of spam-bots into home, office, and university networks, there are now orders of magnitude more "mail servers" on the 'net. I still believe the long-run solution is a tax imposed on the telecom companies that operate the "backbone" of the network serving the United States. By imposing a simple charge per SMTP transaction traversing the net, we can gradually push the cost out to ISP subscribers (like mobile phone text message plans with the first so many free each month). I would like to reach the point that indiscriminate spamming is uneconomical, or at least no more economical than paper junk mail. <img src=/S/smile.gif border=0 alt=smile width=15 height=15>

    (Won't innocent victims of botnets lose out in this scenario? ISPs will need to provide customers with solutions to that problem, like local phone companies handle complaints about calls to "900" numbers: an ISP-level block on outbound SMTP transmissions other than to the ISP's own mail servers.)

  8. #8
    Plutonium Lounger
    Join Date
    Nov 2001
    Posts
    10,550
    Thanks
    0
    Thanked 7 Times in 7 Posts

    Re: Rant: blocking entire countries from e-mail

    > an ISP-level block on outbound SMTP transmissions other than to the ISP's own mail servers

    Interestingly, my ISP has just implemented this. I received an email from them saying that they believe it is the only way to avoid getting black-listed themselves and if it causes me problems then I should raise a ticket with them.

    StuartR

  9. #9
    2 Star Lounger
    Join Date
    Feb 2001
    Location
    Chicago, Illinois, USA
    Posts
    177
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Rant: blocking entire countries from e-mail

    John, I need to check into Hexamail Guard -- sounds like you are doing what we are talking about -- I hate to say it, but we get nothing useful from Korea, Russia, etc. Man, I never thought I would be the "protectionist" type, but this is just @#$!% me off. If Korea et al can't get their e-mail under control -- we'll just block them.
    <font color=blue>Eric A. Spanitz</font color=blue>
    Quality, Project, Management * Training * Consulting
    http://www.spanitz.com * http://www.synergest.com

  10. #10
    2 Star Lounger
    Join Date
    Feb 2001
    Location
    Chicago, Illinois, USA
    Posts
    177
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Rant: blocking entire countries from e-mail

    Of course I'm not talking about blocking the sending of e-mail -- I would like to put something in place that anything coming from a particular IP range is refused.
    <font color=blue>Eric A. Spanitz</font color=blue>
    Quality, Project, Management * Training * Consulting
    http://www.spanitz.com * http://www.synergest.com

  11. #11
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts

    Re: Rant: blocking entire countries from e-mail

    Eric,

    Just to make sure: you can use a filter to ensure that your PC or server won't let through e-mails from a certain IP range. But this won't prevent someone in Korea from sending out e-mails to others spoofing your name/e-mail address as sender. As has already been pointed out, there is nothing you can do do against that directly.

  12. #12
    2 Star Lounger
    Join Date
    Feb 2001
    Location
    Chicago, Illinois, USA
    Posts
    177
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Rant: blocking entire countries from e-mail

    I know, I know -- I guess I'm being a bit of a socialist (???) or such by thinking that if several organizations started blocking irresponsible IP ranges, at some point, those IP ranges would be irrelevant...
    .
    It really sucks that you can have somebody impersonating your organization -- and likewise tarnishing your name -- and there does not seem to be anything you can do about it. As I stated earlier, I have tried to contact the ISP of these IP ranges, but the contact info is bogus. That's what got me all (over-reacting, I know) annoyed...
    <font color=blue>Eric A. Spanitz</font color=blue>
    Quality, Project, Management * Training * Consulting
    http://www.spanitz.com * http://www.synergest.com

  13. #13
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts

    Re: Rant: blocking entire countries from e-mail

    I sympathize! Last year, I sent out a mailing from my private e-mail address to universities all over the world, including some in Russia. A few days later, I got reports that I was spreading a virus. Turned out that someone in Russia was spoofing my e-mail address to send out e-mails with viruses <img src=/S/burnup.gif border=0 alt=burnup width=31 height=31>
    Fortunately, this stopped by itself after a few days (without action from me)

  14. #14
    Super Moderator
    Join Date
    Dec 2000
    Location
    Renton, Washington, USA
    Posts
    12,560
    Thanks
    0
    Thanked 4 Times in 4 Posts

    Re: Rant: blocking entire countries from e-mail

    Feel lucky at least you are NOT at the top of most peoples address book, it appears that the first enties get sent a lot of email but the others tend to be the ones sending the emails <img src=/S/smile.gif border=0 alt=smile width=15 height=15>

    Now running HP Pavilion a6528p, with Win7 64 Bit OS.

  15. #15
    2 Star Lounger
    Join Date
    Feb 2001
    Location
    Chicago, Illinois, USA
    Posts
    177
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Rant: blocking entire countries from e-mail

    Agreed - and I love the quote in your signature - you made my day! <img src=/S/clapping.gif border=0 alt=clapping width=19 height=23>
    <font color=blue>Eric A. Spanitz</font color=blue>
    Quality, Project, Management * Training * Consulting
    http://www.spanitz.com * http://www.synergest.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •