Spam filtering - how to improve my antispam system

Hi,

I use Barracuda Spam Filter (Barracuda ESG) as my spam firewall for one of my customers.
It does a good job, but one of their e-mail addresses was used for communication with a China-based client. Since then we receive hundreds of spam e-mails per day only for this one address. We do not receive e-mails to admin@…, postmaster@…, office@… or any other easy-to-guess addresses. Just for this one.
I tried different settings for ESG but there was no “wow” effect.
Today I decided to look for China’s IP ranges and block them at the router’s level and block all SMTP traffic from these addresses.
We have no clients in China so I do not harm our business. I implemented it at circa 11 am. Look at THE EFFECT.

RED IS BAD :laughing:
Chiny.PNG

Nice out of the box thinking!

I’m disappointed at the crappy level of service you provided to your clients until you implemented proper country blocking ;-p
Just kidding, nice touch!!

Almost 24 hours later

Edit … blocked at RAW firewall level
Chiny4.PNG
Chiny3.PNG

Bartosz, country blocking is one of the many value added security prongs in the MOAB service that one of our forum folk provides for his clients and recently made available to all.
You should check it out.
http://forum.mikrotik.com/t/moab-mother-of-all-blacklists/122053/1

Can you please add a post with your blocking rules and IP address list for this solution?

Thank you for your time.

@anav:

Barracuda ESG does a good job … it filters most of the spam from China … most means 99% … but I was tired of skipping whole pages of “dropped/blocked” entries and decided not to allow such e-mails to reach ESG.

@Xtreamer:

Please check the attachment. It is part of a bigger set of rules, so you must tailor it to your needs, as we have more than one WAN interface, more rules adding to the RAWATTACK address list, etc. These lines in the attachment are the crucial ones.
china.rsc (346 KB)

Thank you BartoszP.

Here’s my process to create a US-based network address list for geofencing. You may wish to name your address list differently of course.

  1. Copy the US-based address list here to N++.
  2. Prepend “add list=US address=” to each subnet (in notepad++ do regex search for ^ replace with “add list=US address=”, or use the TextFX plugin to insert a clipboard value to the beginning of each line)
  3. Add “/ip firewall address-list” as the first line of the file.
  4. Save the file and copy it to the router.
  5. Open a terminal window and type “import ”.

Use the address list as desired in the firewall rules.

I use N++ with its regular expression search+replace/replace all option.
Chiny5.PNG
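
Steps 2 and 3 of the address-list process above can also be scripted instead of done by hand in Notepad++. This is an added example, not code from any poster in this thread: it validates each subnet, merges overlapping ranges and emits the same "add list=US address=" lines. The function name, the sample subnets (documentation ranges) and the default list name are assumptions.

```python
import ipaddress
import re

# Constructed sample input: documentation ranges only, not a real country list.
SAMPLE = """\
# constructed sample
198.51.100.0/25
198.51.100.128/25
203.0.113.0/24
203.0.113.64/26
192.0.2.1/24
2001:db8::/32
not-a-subnet
"""

def build_address_list(lines, list_name="US"):
    """Return (import_script_text, rejected_lines) for a list of CIDR strings."""
    # Keep the list name to safe characters so it cannot break the script syntax.
    if not re.fullmatch(r"[A-Za-z0-9_-]+", list_name):
        raise ValueError("unsafe list name: %r" % list_name)
    networks, rejected = [], []
    for raw in lines:
        entry = raw.split("#", 1)[0].strip()   # drop comments and whitespace
        if not entry:
            continue
        try:
            # strict=True rejects typos such as 192.0.2.1/24 (host bits set)
            net = ipaddress.ip_network(entry, strict=True)
        except ValueError:
            rejected.append(raw.strip())
            continue
        if net.version != 4:                   # this menu holds IPv4 entries only
            rejected.append(raw.strip())
            continue
        networks.append(net)
    # Merge adjacent, duplicate and nested subnets to keep the list short.
    merged = ipaddress.collapse_addresses(networks)
    out = ["/ip firewall address-list"]        # step 3: menu path as first line
    out += ["add list=%s address=%s" % (list_name, net) for net in merged]
    return "\n".join(out) + "\n", rejected

if __name__ == "__main__":
    script, bad = build_address_list(SAMPLE.splitlines())
    print(script, end="")
    for line in bad:
        print("# rejected:", line)
```

Review the rejected lines before saving the output and copying it to the router; a silently dropped subnet leaves a gap in the geofence.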