Technology

[UPDATE 10.30.06] Due to improvements in technology, I don't really have a need to do this any longer. On the other hand, I'll leave this post up for posterity - a look back at just how bad things were getting. I still get a ton of background noise from these bums, but it's really just that anymore. No more email spam, no more referral spam (nor a referral block), and most importantly, no more database thrashing trying to keep up with the deluge. Good riddance!

It's hard to be happy about doing this, but at this point, I've reached a limit. I've heard the debate rage about which networks generate the most spam, and perhaps it's different for large organizations. I don't know. What I do know is that about 80% of the email and blog spam I've been getting is coming from APNIC address space. I also get a fair amount from the Carribean.

[More:]

These are advanced countries. Why do their network users make such willing and effective spam zombies? These are not questions that I have enough information to answer. I do know that by setting iptables to DROP on the following list, I get a massive reduction in spam.No, these aren't all APNIC spaces. Note: this is a huge swath of the internet. If you depend on your website for making money, and you get a lot of international traffic, consider wisely what you want to block.

81.176.0.0/15
60.191.38.0/24
58.240.0.0/15
195.131.0.0/16
221.0.0.0/8
59.0.0.0/8
210.0.0.0/7
220.0.0.0/8
85.206.224.0/21
81.213.128.0/17
222.0.0.0/8
216.76.0.0/14
212.248.0.0/17
205.188.0.0/16
200.0.0.0/8
195.93.0.0/17
159.148.0.0/16
81.8.0.0/17
218.0.0.0/8
219.0.0.0/8
202.0.0.0/7
61.0.0.0/8
165.228.0.0/15
80.68.240.0/20
194.67.0.0/18