Re: Barracuda Networks Spam Firewall

[James Couzens <jcouzens () 6o4 ca>]

On Tue, 2004-05-18 at 21:49, Eric A. Hall wrote:

> There's one rule that will wipe out ~90% of spam, but nobody seems to have
> written it yet.
>
>   if URL IP addr is in China then score=100

I beg to differ Eric A. Hall.  

According to statistics gathered by the Spamhaus Project
(http://www.spamhaus.com) who most certainly have garnered my respect
through their very satisfying services, (SBL, XBL, ROKSO) it is the
Yankee's who are out of responsible for the majority of the internet's
Spam.  Lets have a look:

Top 10 Spam Countries April 2004:
---------------------------------

1  United States
2  China
3  South Korea
4  Brazil
5  Taiwan
6  Argentina
7  Canada
8  Russia
9  Hong Kong
10 Italy

Top 10 Worst Spam ISPs April 2004:
----------------------------------

1  mci.com (United States)
2  savvis.net (United States)
3  kornet.net (Korea)
4  above.net (United States)
5  chinanet-gd (China)
6  chinanet-cq (China)
7  xo.com (United States)
8  interbusiness.it (Italy)
9  level3.net (United States)
10 pccw.com (China)

Top 10 ROKSO Spammers April 2004:
---------------------------------

1  Alan Ralsky (United States)
2  Scott Richter - Wholesalebandwidth (United States)
3  Alexey Panov - ckync.com (Germany)
4  John Grandinetti / 321send.com (United States)
5  Anthony ''Tony'' M. Banks (United States)
6  Eric Reinertsen (United States)
7  lmihosting.com (United States)
8  Webfinity/Dynamic Pipe (Canada)
9  Scott Richter - OptInRealBig (United States)
10 Eddy Marin - Oneroute (United States)

According to Spamhaus, 200 known Spam Operations are responsible for 90%
of your spam.  Of the list currently available on their site, 142 of the
known spammers are from a little country called THE UNITED STATES.

So contrary to what you said, perhaps I should just Null Route all email
originating from the USA?  ;)

If you reall wish to stop spam, first we need to stop forgery.  Then all
the spammers will have to resort to more legitimate means for sending
emails, but that being the case RHBL's become useful since because a
spammer would no longer be forging, using domain based black lists will
actually be useful.

How to stop spam:

#1 - Stop buying crap sold via spam!!!
#2 - Stop SMTP forgery
#3 - Raise the IQ of the average windows user/admin so they will be
physically cable of patching their OS who contrary to popular belief
isn't necessarily as crappy as everyone might think.

Implementing those above three steps is a healthy start.

Cheers,

James

-- 
James Couzens,
Programmer
-----------------------------------------------------------------
http://libspf.org -- ANSI C Sender Policy Framework library
http://libsrs.org -- ANSI C Sender Rewriting Scheme library
-----------------------------------------------------------------
PGP: http://gpg.mit.edu:11371/pks/lookup?op=get&search=0x6E0396B3

Attachment: signature.asc
Description: This is a digitally signed message part