Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

SPAM Mail

Posted on 2016-07-27
6
Medium Priority
?
71 Views
Last Modified: 2016-08-11
Using spam assassin via c-panel, how do I block the the full range of an ISP's IP numbers?  The net range below?

For instance, I am get spam from 162.251.238.92, the ownership is:

NetRange:       162.251.232.0 - 162.251.239.255
CIDR:           162.251.232.0/21
NetName:        FHUB-NET-9
NetHandle:      NET-162-251-232-0-1
Parent:         NET162 (NET-162-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       AS53340, AS62956
Organization:   VegasNAP, LLC (VEGAS-3)
RegDate:        2014-01-15
Updated:        2014-01-15
Ref:            https://whois.arin.net/rest/net/NET-162-251-232-0-1


OrgName:        VegasNAP, LLC
OrgId:          VEGAS-3
Address:        1110 Palms Airport Dr.
Address:        Suite 110
City:           Las Vegas
StateProv:      NV
PostalCode:     89119
Country:        US
RegDate:        2009-11-09
Updated:        2011-09-24
Ref:            https://whois.arin.net/rest/org/VEGAS-3


So how do I setup a new rule for it to cover their full range of IP addresses?  I know how to do an individual IP address, but I cant keep adding single IP's as they  change.

Thanks

Thanks
0
Comment
Question by:Stardotstar
  • 5
6 Comments
 
LVL 99

Accepted Solution

by:
John Hurst earned 2000 total points
ID: 41732084
Better I think to blacklist the sender and perhaps set up an all headers rule for something in the subject or body of the email. I use the latter for spamassassin at my email ISP here.
0
 

Author Comment

by:Stardotstar
ID: 41732094
Thanks, but neither of those remain constant.  I tried a global blacklist like this, but it did not cath this one:

blacklist_from *.ru

and

*.ru

Neither worked.
0
 
LVL 99

Expert Comment

by:John Hurst
ID: 41732099
Try __VegasNAP__ in a header rule.

Spammers do not use constant IP addresses but subject and body are often constant.
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
LVL 99

Expert Comment

by:John Hurst
ID: 41732100
Also , look up the email header information and see what is in Message ID to assist you.
0
 
LVL 99

Expert Comment

by:John Hurst
ID: 41732113
Also, get the Message ID and post it here. You may be surprised.
0
 
LVL 99

Expert Comment

by:John Hurst
ID: 41732183
I have an email that says it came from Google, my email ISP (Spamassassin) rejected it, but my forwarding ISP accepted it. I have blacklisted it at my forwarding ISP.

Here is the Message ID

<562342454.72218.1469659606934.JavaMail.zimbra@sequislife.co.id  

I blacklist *.id
0

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Forget those services on TV trying to sell you software – that’s step one.  Almost all of the software you need should be available for free.  The tricky part is doing the work.  If you are not comfortable performing these steps yourself, contact a …
Phishing emails are a popular malware delivery vehicle for attack.  While there are many ways for an attacker to increase the chances of success for their phishing emails, one of the most effective methods involves spoofing the message to appear to …
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…
Suggested Courses

782 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question