Topic: 10DenyList recipe Aisa/Eurpe

[Richard Emory]

Below is a recipe that I am using to deny SMTP connections from Asia/Europe and others as I find them.  I believe that others could benifit from this list, but I would like someone experienced in this stuff to review the list before I post it in the general users forum.  This is to help eliminate/reduce SPAM.  If there are shortcuts, corrections or advice against posting there please reply to this forum.

Thanks
JREJR
>>>>>>>>>>cut>>>>>>>>>>
#
#Begin Aisa/Pacific Deny (APNIC) http://www.apnic.net/db/RIRs.html
#
deny:24.192/14:ALL:ALL
deny:169.208/12:ALL:ALL
deny:61/8:ALL:ALL
deny:202/7:ALL:ALL
deny:210/7:ALL:ALL
deny:218/8:ALL:ALL    
#
#End APNIC Deny
#

#
#Begin Europe Deny (RIPE) http://www.apnic.net/db/RIRs.html
#
deny:24.132/14:ALL:ALL
deny:62/8:ALL:ALL
deny:139.20/14:ALL:ALL
deny:139.24/14:ALL:ALL
deny:139.28/15:ALL:ALL
deny:141.0/10:ALL:ALL  
deny:141.64/12:ALL:ALL
deny:141.80/14:ALL:ALL
deny:141.84/15:ALL:ALL
deny:145.224/12:ALL:ALL
deny:145.240/13:ALL:ALL
deny:145.248/14:ALL:ALL
deny:145.252/15:ALL:ALL
deny:145.254/16:ALL:ALL
deny:149.202/15:ALL:ALL
deny:149.204/16:ALL:ALL
deny:149.206/15:ALL:ALL
deny:149.208/12:ALL:ALL
deny:149.224/12:ALL:ALL
deny:149.240/13:ALL:ALL
deny:149.248/14:ALL:ALL
deny:150.254/16:ALL:ALL
deny:151.13/16:ALL:ALL
deny:151.14/15:ALL:ALL
deny:151.16/12:ALL:ALL
deny:151.32/11:ALL:ALL
deny:151.64/12:ALL:ALL
deny:151.80/15:ALL:ALL
deny:151.3/16:ALL:ALL  
deny:151.4/15:ALL:ALL  
deny:151.82/16:ALL:ALL
deny:151.91/16:ALL:ALL
deny:151.92/15:ALL:ALL
deny:151.95/16:ALL:ALL
deny:160.216/14:ALL:ALL
deny:160.220/16:ALL:ALL
deny:160.44/14:ALL:ALL
deny:160.48/12:ALL:ALL
deny:163.156/14:ALL:ALL
deny:163.160/12:ALL:ALL
deny:164.0/11:ALL:ALL  
deny:164.32/13:ALL:ALL
deny:164.40/16:ALL:ALL
deny:164.128/12:ALL:ALL
deny:171.16/12:ALL:ALL
deny:171.32/15:ALL:ALL
deny:192.106.196/23:ALL:ALL
deny:192.162/16:ALL:ALL
deny:192.164/14:ALL:ALL
deny:192.71/16:ALL:ALL
deny:193/8:ALL:ALL
deny:194/8:ALL:ALL
deny:195/8:ALL:ALL
deny:198.17.117/24:ALL:ALL
deny:212/8:ALL:ALL
deny:213/8:ALL:ALL
deny:217/8:ALL:ALL    

#
#End RIPE Deny
#

#
#Begin Specific country Deny
#
deny:*.ko:ALL:ALL
deny:*.kr:ALL:ALL
deny:*.tw:ALL:ALL
deny:*.sg:ALL:ALL
deny:*.ru:ALL:ALL
deny:*.de:ALL:ALL
#
#End specific country deny
#
 
#
#Begin Specific Server Deny
#
deny:216.18.85.38:ALL:ALL
#
#End specific Server deny
#

#
#Begin Domain Deny
#
deny:*.naver.com:ALL:ALL
deny:*.ukey.net:ALL:ALL
deny:*.co.kr:ALL:ALL
deny:*.warrantygold.com:ALL:ALL
#
#End Domain Deny
#

[Luke Drumm]

How does this differ from the various 'dynamic black list's available?

Regards,
Luke

[Richard Emory]

I do not know.  If I understand how this works, this is written to deny connections from other mail servers.  Thereby reducing the bandwidth of downloading an e-mail and then trashing it.  You deny a connection from the mail server.  You only process e-mail thru junkfilter/procmail from possible good servers.  I also hope that it ties up the mail server waiting for a connection while NOT using my bandwidth.  One could only hope.

Most of this is conjucture on my part.  I would like an expert to step in here.

[Luke Drumm]

You might find some useful info over at the Realtime Blackhole list ( http://www.mail-abuse.org/rbl/ ) as they offer a service that you may be interested in.

Regards,
Luke

[Nathan Fowler]

Richard, this information was very helpful, I've been looking for ways to deny RIPE but was never able to find the assigned network numbers.  Thank you.