FW: IP country block possible?
Res
res at ausics.net
Wed Jan 3 23:28:59 CET 2007
On Wed, 3 Jan 2007, mailscanner at aha4adsl.nl wrote:
> We mainly have Dutch and Belgium contacts and therefore want to block
> non-Dutch IP-ranges.
Thats crazy :) but if you insist, (we know people on this list are often
only carrying out company directives and it is not the place of anyone on
this lsit to try tell you not to do it) this is not a job for MailScanner,
it is the responsability of your MTA.
I have an ACL on a data center router here which takes out 3 asian
countries because of their assholish behaviours, and I can assure you that
acl for those 3 countries (since TLD blocking is a waste of time as many
admins are too lazy or clueless to configure DNS) is huge, these are not
single IP's but entire netmasks...
~# grep -c "access-list 183 deny" /backs/routers/bne/brd1-Wed
862
~#
Ok, thats blocking, you want to allow, but its much the same principle,
Your sendmail/postfix/qmail ACL "OK" lists will be very large to allow
only a couple of countries.
--
Cheers
Res
"So, you think you can tell Heaven from Hell?" - Roger Waters
More information about the MailScanner
mailing list