We help IT Professionals succeed at work.

is there a ready-made list of non-US ip addresses?

hack-4-good
hack-4-good asked
on
Medium Priority
6,106 Views
Last Modified: 2008-08-05
hello,

looking for a ready-made list of non-us ip addresses... either in csv format for import or straight text (ip tab subnet, per line).  this is for importing into a spam filter.

our company doesnt currently do any business with anyone who should be sending from an oversea mail server, and we're ok taking the risk that one or two legit emails will be blocked (we can retrieve it later).

we're using ORF from www.vamsoft.com  and i'm sick of going thru the log by hand, just to find that 90% of the spam that still gets thru, is from other countries.

a sample straight text file that could be imported is like this:

8.10.16.0      255.255.255.0
24.180.20.70      255.255.255.255
24.199.183.0      255.255.255.0
24.199.183.106      255.255.0.0
61.0.0.0      255.0.0.0

the formatting may look messed up here, but its   ip [tab] subnet [enter]

i'm ok understanding subnetting, ranges, etc... and i'm ok blocking 18 million ip addresses too...  is there something i can just copy/paste rather than sit on www.dnsstuff.com all day and look up every range?

it gets complicated doing that because 84.24.0.0 might be US, but 84.23.0.0 might be taiwan.  i wish it was more organized, where the first octet indicated country... or something... but i realize how not possible that really is.

thanks!

p.s. i understand that not all overseas people or ISPs send spam... but most of what we get is from overseas and i'm ok blocking all non-us servers.  if thats prejudicial, whatever... to each his own...

Comment
Watch Question

Top Expert 2004
Commented:
(From MY post in another thread):

Here are the blocks of addresses assigned to the other Regional Regestries for Internet Numbers - other meaning "non-American".  Note, these won't block ALL "foreign" traffic, but most of it.  There's nothing you could do to prevent a hacker from getting a global dial up service, dialing into a US provider, and having a "US" IP address.

I think this is as close to what you are asking for as you're going to get.

041/8     AfriNIC
058/8     APNIC
059/8     APNIC
060/8     APNIC
061/8     APNIC
121/8     APNIC
122/8     APNIC
123/8     APNIC
124/8     APNIC
125/8     APNIC
126/8     APNIC
202/8     APNIC
203/8     APNIC
210/8     APNIC
211/8     APNIC
218/8     APNIC
219/8     APNIC
220/8     APNIC
221/8     APNIC
222/8     APNIC
062/8     RIPE NCC
080/8     RIPE NCC
081/8     RIPE NCC
082/8     RIPE NCC
083/8     RIPE NCC
084/8     RIPE NCC
085/8     RIPE NCC
086/8     RIPE NCC
087/8     RIPE NCC
088/8     RIPE NCC
089/8     RIPE NCC
090/8     RIPE NCC
091/8     RIPE NCC
193/8     RIPE NCC
194/8     RIPE NCC
195/8     RIPE NCC
212/8     RIPE NCC
213/8     RIPE NCC
217/8     RIPE NCC
189/8     LACNIC
190/8     LACNIC
200/8     LACNIC
201/8     LACNIC

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Top Expert 2004

Commented:
Not sure if you realize what these mean, for instance the first one 041/8 means anythig in the classful "A" notation - 41.0.0.0 255.0.0.0 would be allocated from the Africa authority.

So, you could use Excel to replace "/8" with ".0.0.0 255.0.0.0"
Top Expert 2004

Commented:
Top Expert 2004

Commented:
CERTIFIED EXPERT
Top Expert 2013

Commented:
pseudocyber, why don't you post a link to this question on the following :
http://www.experts-exchange.com/Networking/Q_21773565.html
Excellent answer above to that question and hardly seems fair for me to steal the credit, especially where I was advocating it wasn't possible.
--Rob  (RobWill)
Top Expert 2004

Commented:
Rob, I didn't know about that question.  I just remembered the list I compiled a little while ago and went to find it.  Then I was discussing with my ccie wannabe coworker and he was telling me abou the bogon list.

Don't understand your excellent answer comment - are you referring to your link or my comments?

:)
Top Expert 2004

Commented:
Oh, now I understand ... Thanks Rob. :)

Author

Commented:
guys, thanks... this is exactly what i was looking for...

thanks again
CERTIFIED EXPERT
Top Expert 2013

Commented:
>>"Don't understand your excellent answer comment"
pseudocyber, guess you figured out but I was referring to your comments above. I thought they were very good, and would be useful to tabmpierce in the other question. I didn't want to steal the credit. Would be embarrassing if I was awarded points for your answer.  :-)
--Rob
Top Expert 2004

Commented:
No problem, Rob.  Thanks for the compliment.  :)
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.