is there a ready-made list of non-US ip addresses?

hello,

looking for a ready-made list of non-us ip addresses... either in csv format for import or straight text (ip tab subnet, per line).  this is for importing into a spam filter.

our company doesnt currently do any business with anyone who should be sending from an oversea mail server, and we're ok taking the risk that one or two legit emails will be blocked (we can retrieve it later).

we're using ORF from www.vamsoft.com  and i'm sick of going thru the log by hand, just to find that 90% of the spam that still gets thru, is from other countries.

a sample straight text file that could be imported is like this:

8.10.16.0      255.255.255.0
24.180.20.70      255.255.255.255
24.199.183.0      255.255.255.0
24.199.183.106      255.255.0.0
61.0.0.0      255.0.0.0

the formatting may look messed up here, but its   ip [tab] subnet [enter]

i'm ok understanding subnetting, ranges, etc... and i'm ok blocking 18 million ip addresses too...  is there something i can just copy/paste rather than sit on www.dnsstuff.com all day and look up every range?

it gets complicated doing that because 84.24.0.0 might be US, but 84.23.0.0 might be taiwan.  i wish it was more organized, where the first octet indicated country... or something... but i realize how not possible that really is.

thanks!

p.s. i understand that not all overseas people or ISPs send spam... but most of what we get is from overseas and i'm ok blocking all non-us servers.  if thats prejudicial, whatever... to each his own...

LVL 4
hack-4-goodAsked:
Who is Participating?
 
pseudocyberCommented:
(From MY post in another thread):

Here are the blocks of addresses assigned to the other Regional Regestries for Internet Numbers - other meaning "non-American".  Note, these won't block ALL "foreign" traffic, but most of it.  There's nothing you could do to prevent a hacker from getting a global dial up service, dialing into a US provider, and having a "US" IP address.

I think this is as close to what you are asking for as you're going to get.

041/8     AfriNIC
058/8     APNIC
059/8     APNIC
060/8     APNIC
061/8     APNIC
121/8     APNIC
122/8     APNIC
123/8     APNIC
124/8     APNIC
125/8     APNIC
126/8     APNIC
202/8     APNIC
203/8     APNIC
210/8     APNIC
211/8     APNIC
218/8     APNIC
219/8     APNIC
220/8     APNIC
221/8     APNIC
222/8     APNIC
062/8     RIPE NCC
080/8     RIPE NCC
081/8     RIPE NCC
082/8     RIPE NCC
083/8     RIPE NCC
084/8     RIPE NCC
085/8     RIPE NCC
086/8     RIPE NCC
087/8     RIPE NCC
088/8     RIPE NCC
089/8     RIPE NCC
090/8     RIPE NCC
091/8     RIPE NCC
193/8     RIPE NCC
194/8     RIPE NCC
195/8     RIPE NCC
212/8     RIPE NCC
213/8     RIPE NCC
217/8     RIPE NCC
189/8     LACNIC
190/8     LACNIC
200/8     LACNIC
201/8     LACNIC
0
 
pseudocyberCommented:
Not sure if you realize what these mean, for instance the first one 041/8 means anythig in the classful "A" notation - 41.0.0.0 255.0.0.0 would be allocated from the Africa authority.

So, you could use Excel to replace "/8" with ".0.0.0 255.0.0.0"
0
 
pseudocyberCommented:
0
Network Scalability - Handle Complex Environments

Monitor your entire network from a single platform. Free 30 Day Trial Now!

 
Rob WilliamsCommented:
pseudocyber, why don't you post a link to this question on the following :
http://www.experts-exchange.com/Networking/Q_21773565.html
Excellent answer above to that question and hardly seems fair for me to steal the credit, especially where I was advocating it wasn't possible.
--Rob  (RobWill)
0
 
pseudocyberCommented:
Rob, I didn't know about that question.  I just remembered the list I compiled a little while ago and went to find it.  Then I was discussing with my ccie wannabe coworker and he was telling me abou the bogon list.

Don't understand your excellent answer comment - are you referring to your link or my comments?

:)
0
 
pseudocyberCommented:
Oh, now I understand ... Thanks Rob. :)
0
 
hack-4-goodAuthor Commented:
guys, thanks... this is exactly what i was looking for...

thanks again
0
 
Rob WilliamsCommented:
>>"Don't understand your excellent answer comment"
pseudocyber, guess you figured out but I was referring to your comments above. I thought they were very good, and would be useful to tabmpierce in the other question. I didn't want to steal the credit. Would be embarrassing if I was awarded points for your answer.  :-)
--Rob
0
 
pseudocyberCommented:
No problem, Rob.  Thanks for the compliment.  :)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.