[NTLUG:Discuss] All non-US IP list?

[Chris Cox]

Leroy Tennison wrote:
...
> This may be a wild idea but I'm going to throw it out anyway (let's see 
> if I get shot at for doing so).  Rather than trying to block a large 
> (and possibly changing) list why not approach it from the opposite 
> direction: Accept only the address ranges you want and dump the rest.  
> You might even want to consider doing this at the network layer using 
> iptables.  If you can come up with a list of acceptable address ranges 
> then accept them and drop everything else.

Makes the problem simpler, but you lose a LOT of good email.

Easier to see an email and say "well, that's garbage" and then block
the whole net block (just my opinion).

I also use a text filter list as well that filters based on
subject lines and sender addresses and such.

And... of course, spam assassin on top of all of that... however
my primary email is filtered via postini first.  I really don't
get much spam on my primary email anymore... and anything
that I quarantine lately has ALWAYS been spam.

There's no good solution to all of this btw.  No silver bullet.
The problem will always center around probabilistic algorithms.
So as good as my blocking is... there is still a chance that
a "good" email will get quarantined.  However, under my current
scheme it would be extremely rare (if ever) that an email would
be deleted (bypassing quarantine and going straight to /dev/null)
when it should have been marked as being good.