Some time ago I posted about my experience blocking one country and some ASNs directly via iptables from my mail serv...

Some time ago I posted about my experience blocking one country and some ASNs directly via iptables from my mail server. It seems like there’s an even better source of IPs and networks to block. The Spamhaus “Don’t Route Or Peer Lists (DROP)” lists. Currently my mail setup is configured to block everything from these lists. After that, failed login attempts are blocked using fail2ban. And both Postscreen and Rspamd are configured with the usual DNS block lists (like Spamhaus), but also with Abusix. So far I have received no single spam mail since moving to this new setup. Also, the number of logged spam delivery tries is greatly reduced. All the legitimate emails I wanted to receive the last days came through. Using simplemailservice.eu also still works great as my outbound relay. Fun fact: All the ASNs I manually blocked before are on the DROP list. I let AI write a small script that uses the bgp.tools table.txt to find the IPs for them. Interactions & Comments