On Sat, 1 Mar 2003, Dave Laird wrote:
> iptables -A INPUT -s 209.82.110.17/16 -j DROP will work to drop *everything*
> from 209.82.110.x, regardless of the the fourth digits in the network
> address. Unless I've gotten it backwards again (it's past my bedtime) 24 only
> drops the 0 of your address, which might possibly be the gateway, depending
> upon how they have configured their system. 

So I would use /16 for a Class C network?

> I use the firewall to block undesirable IP's as needed, and it has proven,
> time and again, to substantially reduce my spam loads. Also, if you want more
> targets, go to http://www.iana.org/assignments/ipv4-address-space  and look
> up the IP blocks assigned to the primary sources of most pornographic spam.
> Then block them by country. You'd be surprised at how spam levels will drop. 

I am blocking now at the Sendmail level using access lists and I get the 
lists based on email that makes it past SpamAssassin, I read the headers 
and go block.  Most of my customers can deal with the printer ads, but it 
is the porn that bothers them most, especially when they have kids.

-Scott


Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Reply via email to