Solved

SPAM Mail

Posted on 2016-07-27
6
55 Views
Last Modified: 2016-08-11
Using spam assassin via c-panel, how do I block the the full range of an ISP's IP numbers?  The net range below?

For instance, I am get spam from 162.251.238.92, the ownership is:

NetRange:       162.251.232.0 - 162.251.239.255
CIDR:           162.251.232.0/21
NetName:        FHUB-NET-9
NetHandle:      NET-162-251-232-0-1
Parent:         NET162 (NET-162-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       AS53340, AS62956
Organization:   VegasNAP, LLC (VEGAS-3)
RegDate:        2014-01-15
Updated:        2014-01-15
Ref:            https://whois.arin.net/rest/net/NET-162-251-232-0-1


OrgName:        VegasNAP, LLC
OrgId:          VEGAS-3
Address:        1110 Palms Airport Dr.
Address:        Suite 110
City:           Las Vegas
StateProv:      NV
PostalCode:     89119
Country:        US
RegDate:        2009-11-09
Updated:        2011-09-24
Ref:            https://whois.arin.net/rest/org/VEGAS-3


So how do I setup a new rule for it to cover their full range of IP addresses?  I know how to do an individual IP address, but I cant keep adding single IP's as they  change.

Thanks

Thanks
0
Comment
Question by:Stardotstar
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
6 Comments
 
LVL 94

Accepted Solution

by:
John Hurst earned 500 total points
ID: 41732084
Better I think to blacklist the sender and perhaps set up an all headers rule for something in the subject or body of the email. I use the latter for spamassassin at my email ISP here.
0
 

Author Comment

by:Stardotstar
ID: 41732094
Thanks, but neither of those remain constant.  I tried a global blacklist like this, but it did not cath this one:

blacklist_from *.ru

and

*.ru

Neither worked.
0
 
LVL 94

Expert Comment

by:John Hurst
ID: 41732099
Try __VegasNAP__ in a header rule.

Spammers do not use constant IP addresses but subject and body are often constant.
0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 94

Expert Comment

by:John Hurst
ID: 41732100
Also , look up the email header information and see what is in Message ID to assist you.
0
 
LVL 94

Expert Comment

by:John Hurst
ID: 41732113
Also, get the Message ID and post it here. You may be surprised.
0
 
LVL 94

Expert Comment

by:John Hurst
ID: 41732183
I have an email that says it came from Google, my email ISP (Spamassassin) rejected it, but my forwarding ISP accepted it. I have blacklisted it at my forwarding ISP.

Here is the Message ID

<562342454.72218.1469659606934.JavaMail.zimbra@sequislife.co.id  

I blacklist *.id
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Exchange 3 91
How to determine if "name@domain.com" is being blocked as a spammer? 6 84
spamming  on Hosted svrs? 6 103
Spam Filter 5 84
Operating system developers such as Microsoft (https://www.microsoft.com) and Apple have made incredible strides in virus protection over the past decade. Operating systems come packaged with built in defensive tools such as virus protection and a f…
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question