Re: Reject Chinese mail
On 21-11-19 6:42, Reto wrote: Apparently you also don't speak English properly. Do you want people to spam block the full .de domain because of that? Idiot -- With both feet on the ground you can't make any step forward
Re: Reject Chinese mail
On 26 Nov 2019, at 19:00, 황병희 wrote: >> How about moving to Gmail(Google Apps)? Gmail's spam defense is not bad, i >> think. >> >> I disagree. It often labels mailing list email as spam, [...] > > Personally i read public mailing lists' messages by Gmane. Ugh. Just about the only reason I still use email at ALL is to avoid *!#%&$ web-based garbage like gmane. -- Polexia: Let's deflower the kid.
Re: Reject Chinese mail
on 2019/11/27 10:00, 황병희 wrote: Personally i read public mailing lists' messages by Gmane. There is example screenshot [0]. So i have no problem about that. For customized spam policy, I found Tuffmail has a flexible interface. Regards.
Re: Reject Chinese mail
Hello Jeffrey again^^^ > How about moving to Gmail(Google Apps)? Gmail's spam defense is not bad, i > think. > > I disagree. It often labels mailing list email as spam, [...] Personally i read public mailing lists' messages by Gmane. There is example screenshot [0]. So i have no problem about that. Sincerely, [0] https://gitlab.com/soyeomul/Gnus/blob/master/ss/IMG_20191127_104651_resized_20191127_104806025.jpg -- ^고맙습니다 _地平天成_ 감사합니다_^))//
Re: Reject Chinese mail
Hello Jeffrey, > I don’t get the logic of this statement. [...] There are my several cousin brothers, friends over the world. So i can't block any regions. The word money is not money in the statement. Sincerely, -- ^고맙습니다 _地平天成_ 감사합니다_^))//
Re: Reject Chinese mail
> I don't block based on country but I do add some weighting in Spamassassin > for [...] Absolutely i agree with you Dominic, thanks^^^ Sincerely, -- ^고맙습니다 _地平天成_ 감사합니다_^))//
Re: Reject Chinese mail
On Sun, 24 Nov 2019 at 07:24, Jeffrey 'jf' Lim wrote: > On Sat, 23 Nov 2019 at 10:00, 황병희 wrote: > >> merr...@fn.de writes: >> >> > [...] do you think if it is possible to reject all mails from China? >> Thanks >> >> How about moving to Gmail(Google Apps)? Gmail's spam defense is not bad, i >> think. > > > I disagree. It often labels mailing list email as spam, even though I’ve > been subscribed to them for ages. And have a filter for labelling said > messages as well. > > > Plus don't block China. Blocking China is blocking money. >> >> Sincerely, > > > I don’t get the logic of this statement. Do you mean you get money for > every single email you get from China? > > I don't block based on country but I do add some weighting in Spamassassin for countries that I have found to be significant spam sources, and not sources of ham. However I also subtract weighting for mails from mailing lists. I agree that Gmail sometimes puts mailing list mails in spam. Mostly it gets it right, but not always. It's only human after all ;-)
Re: Reject Chinese mail
On Sat, 23 Nov 2019 at 10:00, 황병희 wrote: > merr...@fn.de writes: > > > [...] do you think if it is possible to reject all mails from China? > Thanks > > How about moving to Gmail(Google Apps)? Gmail's spam defense is not bad, i > think. I disagree. It often labels mailing list email as spam, even though I’ve been subscribed to them for ages. And have a filter for labelling said messages as well. Plus don't block China. Blocking China is blocking money. > > Sincerely, I don’t get the logic of this statement. Do you mean you get money for every single email you get from China? > -- -- He who settles on the idea of the intelligent man as a static entity only shows himself to be a fool.
Re: Reject Chinese mail
> By the way, you can find ASIA NETBLOCK on the internet and block them all > easily. My Postfix is running on Google Compute Engine's Ubuntu 18.04. Actually i do not block anyone, any clients, any ip addresses. #+BEGIN_SRC sh soyeomul@bionic190316003:~$ cat ~/.forward soyeomul+...@gmail.com #+END_SRC All incoming spams go to Gmail's Spam folder so i have no stress with spam things. Sincerely, -- ^고맙습니다 _地平天成_ 감사합니다_^))//
Re: Reject Chinese mail
On 20 Nov 2019, at 21:51, merr...@fn.de wrote: > We did get a lot of spam messages from Chinese providers. We speak not > Chinese, do you think if it is possible to reject all mails from China? > Thanks This is what I do: In crontab for root: @reboot bash -c 'pfctl -t badguys -T add $(cat /usr/local/etc/cn.zone)’ (I also do this for ru.zone) This doesn’t necessarily block emails in Chinese, but not blocks a lot of spam from Chinese servers, though not as many as the Russia block does). I do see mails from people who have Chinese names or Chinese characters in their signatures, and I have no interest in blocking those. I vary rarely see Chinese spam any more. The reason I block at the firewall is that many attacks agains SSH or other ports come from IP addresses in these netblocks, and I see no legitimate connections from them. Other people’s server will, of course, have different experiences. I don’t see this as any different from blocking an ISP because they allow criminal activity from their network, it’s just at a wider scale. -- 'They say that whoever pays the piper calls the tune.' 'But, gentlemen,' said Mr Saveloy, 'whoever holds a knife to the piper's throat writes the symphony.' --Interesting Times
Re: Reject Chinese mail
+1 E10. A colleague has dealt with them directly on technical/product and process issues and their business and product ethics when compared to ours, leave a lot to be desired. "blocking China is blocking money" => sell ones soul to the devil. On Sat, Nov 23, 2019 at 6:35 AM Rafael Azevedo wrote: > I've blocked the entire ASIA netblocks in my ASN. > We don't exchange any information with that part of the world, neither any > of our customers. > All we get from that part of the world is DDoS attacks, brute force > attacks and spam. > Sorry for those who don't agree with me, its ok, but I got tired of being > attacked and having this old type of thought "blocking China is blocking > money" or maybe "There are good people there as well". > Over 20 years working with internet and the only thing that came to me > from China is my Macbook. > Good people always end up paying for the bad ones. That's how world works. > By the way, you can find ASIA NETBLOCK on the internet and block them all > easily. > Good luck. > BR, > > Em sex., 22 de nov. de 2019 às 23:00, 황병희 escreveu: > >> merr...@fn.de writes: >> >> > [...] do you think if it is possible to reject all mails from China? >> Thanks >> >> How about moving to Gmail(Google Apps)? Gmail's spam defense is not bad, i >> think. Plus don't block China. Blocking China is blocking money. >> >> Sincerely, >> >> -- >> ^고맙습니다 _地平天成_ 감사합니다_^))// >> >
Re: Reject Chinese mail
Hello, There is a DNSBL maintained by bit.nl that allows you to block countries with relative ease. URL: https://noc.bit.nl/dnsbl/ascc/ IE: cn.ascc.dnsbl.bit.nl This zone contains data regarding the ISO3166 countrycode and BGP Autonomous System for any given IPv4 or IPv6 address. Every wednesday, RIR allocation statistics are downloaded for the RIPThis zone contains data regarding the ISO3166 countrycode and BGP Autonomous System for any given IPv4 or IPv6 address. Every wednesday, RIR allocation statistics are downloaded for the RIPE, ARIN, APNIC, LACNIC and AFRINIC regions and this data is combined with a route-dump of the default free zone, as seen from AS12859.E, ARIN, APNIC, LACNIC and AFRINIC regions and this data is combined with a route-dump of the default free zone, as seen from AS12859. Thanks, Matthew On 11/20/2019 10:51 PM, merr...@fn.de wrote: We did get a lot of spam messages from Chinese providers. We speak not Chinese, do you think if it is possible to reject all mails from China? Thanks
Re: Reject Chinese mail
Or maybe block them by ESP? I saw there is a Perl module listing those big providers in China. https://metacpan.org/pod/Data::ChineseESP regards On Sat, Nov 23, 2019, at 7:33 PM, Rafael Azevedo wrote: > I've blocked the entire ASIA netblocks in my ASN. > We don't exchange any information with that part of the world, neither any of > our customers. > All we get from that part of the world is DDoS attacks, brute force attacks > and spam. > Sorry for those who don't agree with me, its ok, but I got tired of being > attacked and having this old type of thought "blocking China is blocking > money" or maybe "There are good people there as well". > Over 20 years working with internet and the only thing that came to me from > China is my Macbook. > Good people always end up paying for the bad ones. That's how world works. > By the way, you can find ASIA NETBLOCK on the internet and block them all > easily. > Good luck. > BR, > > Em sex., 22 de nov. de 2019 às 23:00, 황병희 escreveu: >> merr...@fn.de writes: >> >> > [...] do you think if it is possible to reject all mails from China? >> Thanks >> >> How about moving to Gmail(Google Apps)? Gmail's spam defense is not bad, i >> think. Plus don't block China. Blocking China is blocking money. >> >> Sincerely, >> >> -- >> ^고맙습니다 _地平天成_ 감사합니다_^))//
Re: Reject Chinese mail
I've blocked the entire ASIA netblocks in my ASN. We don't exchange any information with that part of the world, neither any of our customers. All we get from that part of the world is DDoS attacks, brute force attacks and spam. Sorry for those who don't agree with me, its ok, but I got tired of being attacked and having this old type of thought "blocking China is blocking money" or maybe "There are good people there as well". Over 20 years working with internet and the only thing that came to me from China is my Macbook. Good people always end up paying for the bad ones. That's how world works. By the way, you can find ASIA NETBLOCK on the internet and block them all easily. Good luck. BR, Em sex., 22 de nov. de 2019 às 23:00, 황병희 escreveu: > merr...@fn.de writes: > > > [...] do you think if it is possible to reject all mails from China? > Thanks > > How about moving to Gmail(Google Apps)? Gmail's spam defense is not bad, i > think. Plus don't block China. Blocking China is blocking money. > > Sincerely, > > -- > ^고맙습니다 _地平天成_ 감사합니다_^))// >
Re: Reject Chinese mail
I totally agreed with you @Rafa. btw, is there any good reputation, strict standard email hosting for suggestions? I currently use fastmail, it is good for personal usage, but I heard some privacy problems for commercial use. thanks. On Sat, Nov 23, 2019, at 6:35 PM, Jaroslaw Rafa wrote: > Dnia 23.11.2019 o godz. 10:59:24 황병희 pisze: > > > > How about moving to Gmail(Google Apps)? > > If someone is running their own mail server, do not ask them to move to > Gmail. That's what the big players like Google want - that everyone uses > their service and there are no more small, independent servers on the > Internet. We should defend the de-centralized Internet, not help big players > to make it more centralized. > -- > Regards, > Jaroslaw Rafa > r...@rafa.eu.org > -- > "In a million years, when kids go to school, they're gonna know: once there > was a Hushpuppy, and she lived with her daddy in the Bathtub." >
Re: Reject Chinese mail
Dnia 23.11.2019 o godz. 10:59:24 황병희 pisze: > > How about moving to Gmail(Google Apps)? If someone is running their own mail server, do not ask them to move to Gmail. That's what the big players like Google want - that everyone uses their service and there are no more small, independent servers on the Internet. We should defend the de-centralized Internet, not help big players to make it more centralized. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub."
Re: Reject Chinese mail
merr...@fn.de writes: > [...] do you think if it is possible to reject all mails from China? Thanks How about moving to Gmail(Google Apps)? Gmail's spam defense is not bad, i think. Plus don't block China. Blocking China is blocking money. Sincerely, -- ^고맙습니다 _地平天成_ 감사합니다_^))//
Re: Reject Chinese mail
SA (Spamassassin) is good idea, I saw most people running their own mail servers are using it. On Sat, Nov 23, 2019, at 4:35 AM, Ralph Seichter wrote: > * merr...@fn.de: > > > We did get a lot of spam messages from Chinese providers. We speak not > > Chinese, do you think if it is possible to reject all mails from > > China? > > SpamAssassin, which is often used in combination with Postfix, has a > plugin called "RelayCountry" that allows you to change the spam score of > email. It uses GeoIP and is therefore not always accurate, but overall > it can help. > > There is also the "TextCat" plugin that attempts to determine the > language of email bodies, and it allows you to adjust spam scores based > on wanted/unwanted languages. > > Personally, I think that hard blocks based on these plugins are not a > good idea, but if your business is not set up to handle communication > written in language X (e.g. because none of your employees speak X), > adjusting the spam score seems reasonable. > > -Ralph >
Re: Reject Chinese mail
* merr...@fn.de: > We did get a lot of spam messages from Chinese providers. We speak not > Chinese, do you think if it is possible to reject all mails from > China? SpamAssassin, which is often used in combination with Postfix, has a plugin called "RelayCountry" that allows you to change the spam score of email. It uses GeoIP and is therefore not always accurate, but overall it can help. There is also the "TextCat" plugin that attempts to determine the language of email bodies, and it allows you to adjust spam scores based on wanted/unwanted languages. Personally, I think that hard blocks based on these plugins are not a good idea, but if your business is not set up to handle communication written in language X (e.g. because none of your employees speak X), adjusting the spam score seems reasonable. -Ralph
Re: It's all about risk and risk mitigation Re: Reject Chinese mail
One more thing... On Thu, 21 Nov 2019, Fred Morris wrote: Since I run my own mail servers I'm probably not a good person to ask. I don't find it particularly hard work. I set account limits, provide some tools and also disincentives to make safety and privacy the easier course and at the end of the day it's my servers, my rules. Note to people who are not management who are attempting this: it's the /server's/ fault. You set up the server's configuration, but blame the server. Always blame the server. That's the way it is. It sounds cynical, and it shamelessly is, but it creates objectivity around the problem and separates it from your own ego. Is the server "misbehaving"? How is that? What about these benefits? How about dangers to others? Have fun! -- Fred
Re: It's all about risk and risk mitigation Re: Reject Chinese mail
On Fri, 22 Nov 2019, Merrick wrote: On Fri, Nov 22, 2019, at 2:25 AM, Fred Morris wrote: I'll hazard that the reputation of particular domains whether they're TLDs or PseudoTLDs, registrars, or particular constellations of network infrastructure, is outside the scope of this list. There are lists for the discussion of such issues, although in my experience the useful ones are not public. -- Fred Morris Hello Fred If we choose not using big providers (google, MS etc), what mail service should be better to use? Setup a mail server is hard job, I am not sure every body can do that well. I'm not sure this is on-topic for this list either. I wasn't trying to say anyone's a bad person for using the big providers, but you do pick the neighborhood and the landlord. Honestly if they're serious about the reputational aspects of making "ESP" a thing, I'll praise them for it. You can have more than one, too, such as one which supports encryption, or DANE, or whatever. Is this a question about sending or receiving? What are the issues which concern you? There are also legal aspects of "data at rest"; there might be other aspects which I am unaware of in other jurisdictions. I suppose that's a segue to: on the receiving side you can use a provider as a forwarder, but do all of the storage and stuff locally: there are hybrid solutions. The degree of email protection thus provided is a sliding control, dial to the degree you're seeking to offload. On the sending side, use SPF, and don't make it so complicated you mess it up. Get some reputation data about your infrastructure neighborhood, or forward sending to someone who has a good reputation who is willing to relay for you. (If their reputation is any good, they probably pay attention to complaints. If their reputation is bad, there'll be plenty.) Keep an eye on DANE. Since I run my own mail servers I'm probably not a good person to ask. I don't find it particularly hard work. I set account limits, provide some tools and also disincentives to make safety and privacy the easier course and at the end of the day it's my servers, my rules. As for my employer's and correspondent's practices, their servers, their rules. -- Fred Morris
Re: It's all about risk and risk mitigation Re: Reject Chinese mail
On Fri, Nov 22, 2019, at 2:25 AM, Fred Morris wrote: > > > > I'll hazard that the reputation of particular domains whether they're > TLDs or PseudoTLDs, registrars, or particular constellations of network > infrastructure, is outside the scope of this list. There are lists for the > discussion of such issues, although in my experience the useful ones are > not public. > > -- > > Fred Morris > > Hello Fred If we choose not using big providers (google, MS etc), what mail service should be better to use? Setup a mail server is hard job, I am not sure every body can do that well. Thank you.
It's all about risk and risk mitigation Re: Reject Chinese mail
It's about risk versus reward. Never mind email. Let's say I'm an employer. They might all be perfectly fine people in Walmart land, but why do people on the network I control need to visit their web site? Is there any reason? Do we do business with them? I might not go to any great lengths to block them, but I might not miss them when they're gone. Maybe that seems a little silly. How about blocking certain web sites because they show ads from pwned ad networks? What if I block foreign media outlets, for this reason, because they're proven popular in watering hole attacks? You might say it's a lost cause, because smartphones, BYOD, whatever. I can block them from my network, whatever. But I'll raise you one: there are sites selling aggregate (if you're lucky) foot traffic info, and people are buying it to figure out how many people are at work at a particular location at a particular time; as an employer I have the right to ban carrying smartphones in the workplace, and this seems like a pretty reasonable reason if I need one. The relationship between email and domains is tenuous... or is it? Plenty of domains out there send email through gmail or outlook. Plenty of domains don't. The hosting you choose is your political voice. Let's say you decide to set up your domain, and email, through a privacy protected registrar, on privacy protected nameservers. Never mind whether I think people should have the right to anonymously spew email on the internet or not. Hrmmm... seems like a good idea to spammers too, apparently. In fact, there are spammers using the same nameservers. I think I'll block all mail from domains using those nameservers, because I can see because I keep records of such things, that I've never received legitimate mail from a domain using those nameservers. What about your domain? Really, I don't care. I'm not getting mail from anyone using those servers Q.E.D. Seems like a good choice to me. You made a bad choice, predicated on a right and freedom to send email which doesn't exist in the real world. By accident or design, you set up shop in a bad neighborhood. (Your registrar made what I would consider a bad choice as well, although they likely disagree.) People disagree on the definition of "newly observed (or registered or changed)", but one thing is clear: blocking email, or for that matter all resolution of new domains, is low risk... even if the benefits might vary with the situation or are inarticulable beforehand. I am well aware that along with the spammers, marketers are upset about this: they paid their money and registered a domain just for this marketing campaign, who are network administrators to get between them and their audience? Again, predicated on presumed rights and freedoms which are found not to be so absolute when tested in the real world. Long before NOD as a Thing, mail system administrators were mitigating spam by returning "spool full, try later" when the first mail from a domain shows up, and adding it to a whitelist so that when the sender retries in an hour or several the mail gets delivered. So, there's no historical precedent either. The perception of a right is simply in error. 1) It's all about the risk of mitigating certain annoyances or threats versus the risk of the loss of business and administrative overhead of dealing with false positives. 2) People are gonna do it and they're going to do it in the way that's easiest and least costly to them. By the way, mail from mailing lists comes from the mailing list; furthermore, this mailing list's archives are online. Send email from anywhere that the mailing list will accept it, my policies are of no concern. :-) I'll hazard that the reputation of particular domains whether they're TLDs or PseudoTLDs, registrars, or particular constellations of network infrastructure, is outside the scope of this list. There are lists for the discussion of such issues, although in my experience the useful ones are not public. -- Fred Morris
Re: Reject Chinese mail
On 11/21/19 2:57 AM, Jaroslaw Rafa wrote: Same as blocking an entire netblock or ISP because there are spammers within this netblock or using this ISP (but there are "good" senders there as well). Which is something a lot of email providers do, nevertheless. Given that ab...@example.com yields close-to-zero results in many cases, I tend to ACL netblocks. Now, there are only two reasons that I will add an entry into my ACLs: 1) extortion e-mail 2) excessive probes on 22/TCP This knee-jerk ACL insertion (at the edge, by the way) is tempered by the country in which the netblock is assigned. The A list -- China, India, and a couple others -- the netblock ACL goes in instantly. Others I'll send *one* notice to abuse@xxx from ad...@satchell.net and put the netblock on probation. If the abuse continues, they go into my ACL. I let the DNSBLs take care of the run-of-the-mill spam, plus I segregate spam that gets through into separate folders in my MUA. This shunts most spam into bins that I can process when priorities allow, and not dilute the "ham" in the traffic stream. The Internet, as currently developed, is not designed for wide public consumption. It assumed a BOFH was at each access point.
Re: Reject Chinese mail
Dnia 21.11.2019 o godz. 07:51:20 Reto pisze: > > Blocking based on geolocation / domain endings is something I seriously > despise. > Email is decentralized for a reason, blocking huge portions of it due to > spammers abusing a few *is* evil in my opinion. Same as blocking an entire netblock or ISP because there are spammers within this netblock or using this ISP (but there are "good" senders there as well). Which is something a lot of email providers do, nevertheless. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub."
Re: Reject Chinese mail
On 21 November 2019 07:11:43 CET, Viktor Dukhovni wrote: >Blocking mail by language risks false-positives and should be generally >avoided, but it is not evil. Blocking based on geolocation / domain endings is something I seriously despise. Email is decentralized for a reason, blocking huge portions of it due to spammers abusing a few *is* evil in my opinion. I'm fed up with all those threads with people who want to block the most amount of people possible just because they personally happen to be lucky enough to live in a different country than the usual botnets come from or could still buy a .com or similar domain prior to the namespaces getting exhausted. The point I wanted to make is that we should not let the history repeat itself (yet again...) especially in the political climate we happen to be in. My intention wasn't to slur anyone, don't get me wrong there. I apologise if that was the case.
Re: Reject Chinese mail
On Thu, Nov 21, 2019 at 06:42:15AM +0100, Reto wrote: > Hm, didn't Germany learn its lesson yet somewhen in the 50s don't you > think? I don't think this is appropriate tone for the list[1]. Please refrain from similar ad-hominem in the future. Blocking mail by language risks false-positives and should be generally avoided, but it is not evil. -- Viktor. [1] My maternal grandfather died in occupied Kiev, probably Babi Yar, I am no apologist for Germany's war time atrocities.
Re: Reject Chinese mail
On 21 November 2019 05:51:56 CET, merr...@fn.de wrote: >We speak not Chinese, do you think if it is possible to reject all mails from >China? Apparently you also don't speak English properly. Do you want people to spam block the full .de domain because of that? Think hard before you block 1.5 billion people, some of which may participate on this list and could give you support if you weren't blocking them. Could you do that? Sure. Is it worth blocking by association due to where one grew up? Hm, didn't Germany learn its lesson yet somewhen in the 50s don't you think?
