I have in the last two days watched hundreds of connections come in to my smtp server, all of which comes from an ISP in Taiwan.

I am progressivly just blocking large chunks of their address space.

If I had the time or the knowledge of where to find the info I would block the entire reagon. (Why can't they see the We don't relay without authentication and leave?) This can be done. There are sites such as cluecentral.net that supplies list of IPs by country (or by originating AS as well) and even talk about how you can implement such blocks. They have the IPs

On Sat, 3 May 2003, Patrick Quinn-Graham wrote: listed, taking your taiwanese users as an example, in a group like tw.rbl.cluecentral.net. Anyway for more info etc check out http://www.cluecentral.net/rblcheck/ regards lin

Below is a response I received after one of my customers complained about being unable to reach http://www.usace.army.mil . Note that the "China net class A network" reffered to is 203.x.x.x . Note also that this was received twelve months ago and access has since been restored. Regards, Phill.

Phillip, Based on the information we have there is currently no justification to open that network. The China net Class A network was blocked several months ago due to very high volumes of malicious traffic that threatened the security of our army networks. If you can provide a specific reason to access the Corp of Engineer site then we can re-evaluate your request. If you can have the USACE folks contact us and verify your need, that can help to further justify your requirement. At this point, there is no reason for us to open the Chinanet host to our networks.

John L King Team Leader, Current Operations RCERT-CONUS Com (520) 538-2482 DSN 879-2482 Ft. Huachuca, AZ

I esecially liked this comment that appeared in the middle of the email trail as it was forwarded from person to person;

-----Original Message----- From: Cartagena, Adelina USANETA Sent: Thursday, March 14, 2002 3:30 PM To: Ludwig, David E USANETA Subject: FW: http://www.usace.army.mil

Dave:

Another one.

Jeff Williams wrote:

Patrick and all,

Well thank you for posting here regarding this seemingly ongoing problem stemming it seems from APNIC allocation policy changes of late. I have recently forwarded these postings from Nznog along to APNIC for their attention as I an CC'ing this one as well.

Patrick Quinn-Graham wrote:

...

I have in the last two days watched hundreds of connections come in to my smtp server, all of which comes from an ISP in Taiwan.

I am progressivly just blocking large chunks of their address space.

If I had the time or the knowledge of where to find the info I would block the entire reagon. (Why can't they see the We don't relay without authentication and leave?)

Granted, however, this is blocking them from wasting my mailservers time deciding to reject their relay attempts. I can certainly understand the frustration that people would get.

Sorry if this is off topic... I don't post here often, and will probably not again for a while.

Cheers, Patrick.

On Tue, 29 Apr 2003, Joe Abley wrote:

...

Date: Tue, 29 Apr 2003 19:35:10 -0400 From: Joe Abley To: nznog(a)list.waikato.ac.nz Subject: [nznog] people blocking "all APNIC space"

There's recurring wisdom on other lists that people outside the Asia Pacific region routinely block "all APNIC space" in order to reduce the amount of spam they receive (the most recent example was on NANOG, when someone inferred that APNIC address space was useless because it is so regularly blocked).

I've run MTAs numbered within 202/8 and 203/8 before, and I've never noticed a problem; if the practice of blocking all APNIC space was that commonplace, I would have expected to have noticed. Maybe I was just lucky, or maybe these block-happy ISPs don't include 202/8 and 203/8 in "all APNIC space".

Anybody here noticed widespread blocking of any APNIC ranges by ISPs elsewhere in the world?

Joe

_______________________________________________ Nznog mailing list Nznog(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog

_______________________________________________ Nznog mailing list Nznog(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog

Regards,

-- Jeffrey A. Williams Spokesman for INEGroup LLA. - (Over 129k members/stakeholders strong!) ================================================================ CEO/DIR. Internet Network Eng. SR. Eng. Network data security Information Network Eng. Group. INEG. INC. E-Mail jwkckid1(a)ix.netcom.com Contact Number: 214-244-4827 or 214-244-3801

_______________________________________________ Nznog mailing list Nznog(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog