Solved

SPAM Mail

Posted on 2016-07-27
6
57 Views
Last Modified: 2016-08-11
Using spam assassin via c-panel, how do I block the the full range of an ISP's IP numbers?  The net range below?

For instance, I am get spam from 162.251.238.92, the ownership is:

NetRange:       162.251.232.0 - 162.251.239.255
CIDR:           162.251.232.0/21
NetName:        FHUB-NET-9
NetHandle:      NET-162-251-232-0-1
Parent:         NET162 (NET-162-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       AS53340, AS62956
Organization:   VegasNAP, LLC (VEGAS-3)
RegDate:        2014-01-15
Updated:        2014-01-15
Ref:            https://whois.arin.net/rest/net/NET-162-251-232-0-1


OrgName:        VegasNAP, LLC
OrgId:          VEGAS-3
Address:        1110 Palms Airport Dr.
Address:        Suite 110
City:           Las Vegas
StateProv:      NV
PostalCode:     89119
Country:        US
RegDate:        2009-11-09
Updated:        2011-09-24
Ref:            https://whois.arin.net/rest/org/VEGAS-3


So how do I setup a new rule for it to cover their full range of IP addresses?  I know how to do an individual IP address, but I cant keep adding single IP's as they  change.

Thanks

Thanks
0
Comment
Question by:Stardotstar
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
6 Comments
 
LVL 95

Accepted Solution

by:
John Hurst earned 500 total points
ID: 41732084
Better I think to blacklist the sender and perhaps set up an all headers rule for something in the subject or body of the email. I use the latter for spamassassin at my email ISP here.
0
 

Author Comment

by:Stardotstar
ID: 41732094
Thanks, but neither of those remain constant.  I tried a global blacklist like this, but it did not cath this one:

blacklist_from *.ru

and

*.ru

Neither worked.
0
 
LVL 95

Expert Comment

by:John Hurst
ID: 41732099
Try __VegasNAP__ in a header rule.

Spammers do not use constant IP addresses but subject and body are often constant.
0
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

 
LVL 95

Expert Comment

by:John Hurst
ID: 41732100
Also , look up the email header information and see what is in Message ID to assist you.
0
 
LVL 95

Expert Comment

by:John Hurst
ID: 41732113
Also, get the Message ID and post it here. You may be surprised.
0
 
LVL 95

Expert Comment

by:John Hurst
ID: 41732183
I have an email that says it came from Google, my email ISP (Spamassassin) rejected it, but my forwarding ISP accepted it. I have blacklisted it at my forwarding ISP.

Here is the Message ID

<562342454.72218.1469659606934.JavaMail.zimbra@sequislife.co.id  

I blacklist *.id
0

Featured Post

Major Incident Management Communications

Major incidents and IT service outages cost companies millions. Often the solution to minimizing damage is automated communication. Find out more in our Major Incident Management Communications infographic.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Forget those services on TV trying to sell you software – that’s step one.  Almost all of the software you need should be available for free.  The tricky part is doing the work.  If you are not comfortable performing these steps yourself, contact a …
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question