Stardotstar
asked on
SPAM Mail
Using spam assassin via c-panel, how do I block the the full range of an ISP's IP numbers? The net range below?
For instance, I am get spam from 162.251.238.92, the ownership is:
NetRange: 162.251.232.0 - 162.251.239.255
CIDR: 162.251.232.0/21
NetName: FHUB-NET-9
NetHandle: NET-162-251-232-0-1
Parent: NET162 (NET-162-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS53340, AS62956
Organization: VegasNAP, LLC (VEGAS-3)
RegDate: 2014-01-15
Updated: 2014-01-15
Ref: https://whois.arin.net/rest/net/NET-162-251-232-0-1
OrgName: VegasNAP, LLC
OrgId: VEGAS-3
Address: 1110 Palms Airport Dr.
Address: Suite 110
City: Las Vegas
StateProv: NV
PostalCode: 89119
Country: US
RegDate: 2009-11-09
Updated: 2011-09-24
Ref: https://whois.arin.net/rest/org/VEGAS-3
So how do I setup a new rule for it to cover their full range of IP addresses? I know how to do an individual IP address, but I cant keep adding single IP's as they change.
Thanks
Thanks
For instance, I am get spam from 162.251.238.92, the ownership is:
NetRange: 162.251.232.0 - 162.251.239.255
CIDR: 162.251.232.0/21
NetName: FHUB-NET-9
NetHandle: NET-162-251-232-0-1
Parent: NET162 (NET-162-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS53340, AS62956
Organization: VegasNAP, LLC (VEGAS-3)
RegDate: 2014-01-15
Updated: 2014-01-15
Ref: https://whois.arin.net/rest/net/NET-162-251-232-0-1
OrgName: VegasNAP, LLC
OrgId: VEGAS-3
Address: 1110 Palms Airport Dr.
Address: Suite 110
City: Las Vegas
StateProv: NV
PostalCode: 89119
Country: US
RegDate: 2009-11-09
Updated: 2011-09-24
Ref: https://whois.arin.net/rest/org/VEGAS-3
So how do I setup a new rule for it to cover their full range of IP addresses? I know how to do an individual IP address, but I cant keep adding single IP's as they change.
Thanks
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Try __VegasNAP__ in a header rule.
Spammers do not use constant IP addresses but subject and body are often constant.
Spammers do not use constant IP addresses but subject and body are often constant.
Also , look up the email header information and see what is in Message ID to assist you.
Also, get the Message ID and post it here. You may be surprised.
I have an email that says it came from Google, my email ISP (Spamassassin) rejected it, but my forwarding ISP accepted it. I have blacklisted it at my forwarding ISP.
Here is the Message ID
<562342454.72218.146965960 6934.JavaM ail.zimbra @sequislif e.co.id
I blacklist *.id
Here is the Message ID
<562342454.72218.146965960
I blacklist *.id
ASKER
blacklist_from *.ru
and
*.ru
Neither worked.