Chinese Spam
Lately I’ve noticed a surge in spam from a website called wholesale-jewelry-shop.com
. According to the IP whois. The company behind it seems to be a company called VPS21 and has reserved several IP networks. Since obviously sale@wholesale-jewelry-shop.com is not a valid abuse reporting email and the hosting company does not respond to abuse complaints, I’m going to catalog the IP networks I got spam from here to include in a Postfix blacklist for everyone interested.
I honestly don’t care if a couple of emails from this companies’ legit customers (if there are any) might not be delivered to my server and my customers. I doubt anyone has any business with a business promoting and allowing spam.
# Block wholesale-jewelry-shop.com spams
/^199\.36\.72/ REJECT UCE black-listed
/^199\.36\.73/ REJECT UCE black-listed
/^199\.36\.74/ REJECT UCE black-listed
/^199\.36\.75/ REJECT UCE black-listed
/^199\.36\.76/ REJECT UCE black-listed
/^199\.36\.77/ REJECT UCE black-listed
/^199\.36\.78/ REJECT UCE black-listed
/^199\.36\.79/ REJECT UCE black-listed
/^199\.192\.152/ REJECT UCE black-listed
/^199\.192\.153/ REJECT UCE black-listed
/^199\.192\.154/ REJECT UCE black-listed
/^199\.192\.155/ REJECT UCE black-listed
/^199\.192\.156/ REJECT UCE black-listed
/^199\.192\.157/ REJECT UCE black-listed
/^199\.192\.158/ REJECT UCE black-listed
/^199\.192\.159/ REJECT UCE black-listed
Update (2016): As the problems with Chinese spammers and attackers escalated to a degree that one of my servers was using 80-90% of its resources only to deal with thousands of connections from bad actors located in China, I decided to just block all Chinese IPv4 ranges at the firewall level. The quantity of attacks on that server have now dropped to a couple of dozen per day, down from tens of thousands. I wonder how long it will take until a large portion of the internet will follow suit and block China wholesale.