Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

SPAM Mail

Posted on 2016-07-27
6
Medium Priority
?
67 Views
Last Modified: 2016-08-11
Using spam assassin via c-panel, how do I block the the full range of an ISP's IP numbers?  The net range below?

For instance, I am get spam from 162.251.238.92, the ownership is:

NetRange:       162.251.232.0 - 162.251.239.255
CIDR:           162.251.232.0/21
NetName:        FHUB-NET-9
NetHandle:      NET-162-251-232-0-1
Parent:         NET162 (NET-162-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       AS53340, AS62956
Organization:   VegasNAP, LLC (VEGAS-3)
RegDate:        2014-01-15
Updated:        2014-01-15
Ref:            https://whois.arin.net/rest/net/NET-162-251-232-0-1


OrgName:        VegasNAP, LLC
OrgId:          VEGAS-3
Address:        1110 Palms Airport Dr.
Address:        Suite 110
City:           Las Vegas
StateProv:      NV
PostalCode:     89119
Country:        US
RegDate:        2009-11-09
Updated:        2011-09-24
Ref:            https://whois.arin.net/rest/org/VEGAS-3


So how do I setup a new rule for it to cover their full range of IP addresses?  I know how to do an individual IP address, but I cant keep adding single IP's as they  change.

Thanks

Thanks
0
Comment
Question by:Stardotstar
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
6 Comments
 
LVL 98

Accepted Solution

by:
John Hurst earned 2000 total points
ID: 41732084
Better I think to blacklist the sender and perhaps set up an all headers rule for something in the subject or body of the email. I use the latter for spamassassin at my email ISP here.
0
 

Author Comment

by:Stardotstar
ID: 41732094
Thanks, but neither of those remain constant.  I tried a global blacklist like this, but it did not cath this one:

blacklist_from *.ru

and

*.ru

Neither worked.
0
 
LVL 98

Expert Comment

by:John Hurst
ID: 41732099
Try __VegasNAP__ in a header rule.

Spammers do not use constant IP addresses but subject and body are often constant.
0
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

 
LVL 98

Expert Comment

by:John Hurst
ID: 41732100
Also , look up the email header information and see what is in Message ID to assist you.
0
 
LVL 98

Expert Comment

by:John Hurst
ID: 41732113
Also, get the Message ID and post it here. You may be surprised.
0
 
LVL 98

Expert Comment

by:John Hurst
ID: 41732183
I have an email that says it came from Google, my email ISP (Spamassassin) rejected it, but my forwarding ISP accepted it. I have blacklisted it at my forwarding ISP.

Here is the Message ID

<562342454.72218.1469659606934.JavaMail.zimbra@sequislife.co.id  

I blacklist *.id
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Forget those services on TV trying to sell you software – that’s step one.  Almost all of the software you need should be available for free.  The tricky part is doing the work.  If you are not comfortable performing these steps yourself, contact a …
Operating system developers such as Microsoft (https://www.microsoft.com) and Apple have made incredible strides in virus protection over the past decade. Operating systems come packaged with built in defensive tools such as virus protection and a f…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…

671 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question