Outlook 2003 Spam Filter | Stop Spam Outlook           

spam filter download   
Latest Update:  
SpamButcher 2.1  

spam blocker awards 

 SpamButcher Anti Spam Filter
Cutting Edge Spam Elimination

SpamButcher is a powerful anti-spam program that can stop over 97% of unwanted email.

Free Anti-Spam Download - Click Here!

How to Block all Email, Web or any other Traffic from a Given Country using Iptables (Linux)


This document provides general information about how to configure a Linux email server to reject SMTP requests (and hence email) from IP addresses based in certain countries. The most likely reason for wanting to make this configuration change is to provide a way of stopping spam email sent from those countries.

A similar document is available for Windows XP and Windows Server 2003.

If you're using Apache and just want to block web traffic - this article can tell you how to block countries using .htaccess.

Disclaimer:
We at SpamButcher aren't advocating anything described on this page - we're just passing on information.

This page is only intended for use by experienced Linux system administrators. SpamButcher makes no claims that anything described here will work, or even that it won't screw up your system.

These instructions were tested on Ubuntu 6 - small changes may be needed for other Linux distributions.

As an example - this script file contains iptable entries to block most SMTP traffic from China, Russia and South Korea. It could hypothetically be deployed on a server by following just steps 4 and 5 listed below.

SpamButcher makes no warranties about the content of this file or its suitability for any purpose.

1. Figure out what country or countries you want to block

Think hard about this. While eliminating email from countries you don't do business with can substantially reduce spam - you also may be cutting yourself off from support and services you weren't even aware originated from them. Like most spam filtering, there are some risks involved.

2. Figure out what networks belong to those countries

Blackholes.us has a pretty good geolocation database, and is used in the example below. Software77.net's geolocation database seems more complete, but is a little trickier to use.

Find the countries you're interested in - and put their networks in a text file.

$DATASET ip4set nn  @				
:127.4.9.2:mc
127.4.9.2:127.0.0.2:Republic of Narnia
211.192.0.0/10				(from here on down are the actual networks)
211.32.0.0/11
210.96.0.0/11
203.224.0.0/11
125.128.0.0/11
Due to the large number of small networks - you may want to remove any entries ending with "/21" to "/24."

This will allow a small amount of traffic through - but it can significantly reduce how long it takes to load the rule set, and minimize any impact on server performance.

3. Create a script file

This part is pretty simple. Just create a series of entries like the examples below using the list of networks you've generated. A spreadsheet program may help with this task.

#Republic of Narnia
iptables -A INPUT -p tcp -s 211.192.0.0/10 --dport 25 -j DROP
iptables -A INPUT -p tcp -s 211.32.0.0/11 --dport 25 -j DROP
iptables -A INPUT -p tcp -s 210.96.0.0/11 --dport 25 -j DROP
iptables -A INPUT -p tcp -s 203.224.0.0/11 --dport 25 -j DROP
iptables -A INPUT -p tcp -s 125.128.0.0/11 --dport 25 -j DROP
This tells iptables to "drop" any incoming traffic on port 25 from the network listed.

Changing the port number to 80 would let you block all web traffic from listed networks.

Any entry like the following would block all traffic from the specified address space:

iptables -A INPUT -s 125.128.0.0/11 -j DROP
If you're doing a number of commonly blocked countries - the file will likely be over 1000 lines long.

Save the file under a logical name - such as "countryblock."

Important Note - if you're creating this file on a Windows system - be sure that the file is saved in "Unix Format." Win32Pad is an excellent free notepad replacement - that specifically supports this.

4. Upload, set as executable and test

Upload the file you've created above to your Linux email server.

Use the following command to set the script file as executable: 

chmod +x countryblock
Now - run the script!

./countryblock
This may take a minute or two - and generally won't give any results (errors or otherwise).

You can verify if the tables really loaded with the following command:

iptables -n -L
If all looks good - proceed to the next step.

If you're concerned something got screwed up - you can issue the command "iptables --flush" to clear everything out (just be aware this will flush any rules iptables has loaded).

5. Set the script to run on bootup

These instructions should work for Ubuntu / Debian. If you're using another Linux distribution - you may want to do a little research to figure out what's appropriate.

First, copy the file to /etc/init.d:

cp countryblock /etc/init.d
Then, update Linux's startup scripts:

update-rc.d countryblock defaults
And that's it!

Back





Over 300,000 Downloads!



"enjoying no less than a 99% (spam) filtering success"
  -Cynthia