Category Archives: the mallet

tee…

i’ve recently taken to blocking great swaths of IP addresses in foreign countries, which only send me spam.

she has HUGE… tracts of land…

i have undertaken this policy because using a utility that automatically blocks IP addresses from foreign countries costs money (😒) and using a utility would only work on hybridelephant dot com, and nowhere else.

so, i learned about CIDR, learned how to identify host countries based on IP addresses, and learned how to block IP addresses based on CIDR numbers…

now, instead of blocking a single IP address — which is pointless, because spammers know that a single IP address only works until the spamees figure it out and block it, so they move on to the next one — i block entire swaths of IP addresses: the most common are the /24 range, which blocks 256 (28) IP addresses, and the /16 range, which blocks 65,536 (216) addresses.

and i can block spam from those IP addresses on ALL of my domains, not just hybridelephant dot com. 😉

which brings me to the point of this post: i recently blocked the third IN A SERIES of IP addresses from bangladesh: now i have 185.222.56.0/24, 185.222.57.0/24, AND 185.222.58.0/24 blocked.

which, technically, means that i could block 185.222.56.0/23 and 185.222.58.0/24 with the same effect, because 185.222.56.0/24 plus 185.222.57.0/24 equals 185.222.56.0/23

i love that i am able to do this.

i also love that i am able to understand this as much as i do… which is not very much, but enough that i have been successful in reducing the amount of spam i get by a SIGNIFICANT amount, and not affected my legitimate mail in the slightest degree. 😈

seriously…

i put a notice on hybrid elephant’s contact form, a few months ago:

PLEASE NOTE: This contact form is solely for the use of Hybrid Elephant customers who need to get in contact with us. Every message that is sent with this form includes a unique IP address in the header, which identifies the computer from which the message was sent. If you use this form to spam us, all you will accomplish is to put your IP address on the list of IP addresses which are PERMANENTLY BANNED from accessing Hybrid Elephant for any reason. Please DO NOT USE THIS FORM to send us advertisements or solicitations. It WILL NOT WORK! You have been warned!

this morning i received spam from the contact form, which said “my apologies for reaching out cold like this, just trying to see who I can help.”

if you’re really interested in helping, there’s a snail-mail address, AND a phone number posted on the same page as the contact form — which contains the warning mentioned previously. there’s absolutely no reason why you could not have called me on the phone, or written me a snail-mail message, instead of using our contact form SPECIFICALLY for something that i have warned you NOT to use it for.

not only that, but the header indicates that you’re one of those suckers who bought into the spam that has been going around recently, which says that you can send your spam through contact forms, because they’re already approved. i know this because your return address is to a server in scottsdale, arizona, but the message was sent through 105.235.192.0/21, which is located in nigeria. not only that, but the domain name you registered is hosted by microsoft, and registered at godaddy, both of which are known, notorious spam havens, despite what they may say in their advertisements… so your domain name also goes into my spam filter.

congratulations, spammer: you have successfully participated in BLOCKING yourself, your domain, and a /21 range (2,048 individual IP addresses) in nigeria. you will never again be able to access any of my domains, for any reason, any email that you send to me will go unread, and there is absolutely NO WAY i will ever use your “instagram marketing” service… primarily because i do not now, and never have had an instagram account, and i do not intend to open one in the future.

which you could have found out just as easily over the telephone, and you wouldn’t have blocked yourself. spam doesn’t work. give it up.

🤬

spam update

as of 190729, the following IP addresses, and top-level domains are BLOCKED from my web sites, for egregious spamming behaviour:

5.104.108.0/24 – germany
5.188.210.0/24 – russia
5.226.136.0/21 – UK
23.19.0.0/19 – russia
23.82.128.0/22 – VIRGINIA, USA
31.13.191.0/24 – sweden
37.120.135.0/24 – italy
37.120.159.0/24 – UK
45.12.176.0/22 – india
45.81.0.0/22 – UK
51.15.0.0/18 – france/belgium
51.38.157.0/26 – poland
51.89.30.128/26 – denmark
77.81.105.0/24 – romania
77.81.106.0/24 – romania
80.211.253.0/24 – aruba/italy
85.25.236.0/22 – germany
85.204.49.0/24 – romania
85.204.50.0/24 – romania
85.206.165.8/29 – lithuania/canada
85.254.72.0/24 – latvia
86.109.170.0/24 – spain
88.201.208.0/20 – russia
88.247.0.0/18 – turkey
88.247.64.0/20 – turkey
89.36.224.0/25 – romania
89.44.138.0/23 – romania
89.238.128.0/18 – UK
92.101.192.0/22 – russia
93.125.99.0/24 – belarus/canada
95.37.128.0/17 – russia
95.216.0.0/15 – finland
103.39.132.0/22 – india
103.62.92.0/22 – india
103.76.22.0/23 – indonesia
103.113.3.0/24 – indonesia
103.138.238.0/24 – india
104.245.144.0/22 – canada
105.174.0.0/15 – angola
109.93.128.0/17 – serbia
109.158.0.0/16 – UK
109.175.96.0/19 – bosnia and herzegovina
109.245.80.0/21 – serbia
118.107.180.0/24 – hong kong
133.0.0.0/8 – japan (this represents 16,777,216 individual IP addresses, the largest block allocated by the IANA 🤬)
134.90.149.176/29 – norway
139.99.0.0/17 – singapore
142.59.228.0/22 – canada
150.95.104.0/21 – vietnam
151.106.10.154/31 – china/france
151.106.12.240/28 – romania
157.157.87.0/24 – iceland
168.196.0.0/22 – argentina
176.9.0.0/16 – bulgaria
177.36.246.0/24 brazil
178.17.160.0/21 – moldova
178.17.168.0/21 – moldova
178.162.208.0/21 – germany
178.162.220.0/22 – germany
178.175.128.0/18 – moldova
181.214.60.0/22 – brazil
181.215.96.0/19 – brazil (london, columbia, chicago)
182.50.128.0/19 – singapore
182.52.0.0/15 – japan/thailand
182.56.0.0/14 – india
183.80.144.0/20 – vietnam
183.89.0.0/16 – thailand
185.9.147.0/24 – russia
185.93.3.0/24 – UK
185.94.189.128/27 – romania
185.103.110.0/24 – finland
185.125.32.0/22 – turkey
185.128.27.0/24 – italy
185.156.173.0/24 – france
185.206.224.0/24 – denmark
185.220.101.0/25 – germany
185.222.58.0/24 – bangladesh
185.230.127.0/24 – germany
185.234.0.0/22 – ireland/UK
188.209.52.0/24 – macau
193.56.28.0/24 – UK
193.201.224.0/22 – ukraine
195.181.166.0/24 – UK
199.249.230.0/24 – TEXAS, USA
200.40.96.0/24 – uruguay
201.138.46.0/24 – mexico
203.113.160.0/19 – vietnam

.bid – auctions
.br – brazil
.casa – “house”
.cf – central african republic
.club – groups, organizations, assemblies, communities, general
.cn – china
.date – online dating
.direct – general
.do – dominican republic
.download – technology
.es – spain
.faith – religion and churches
.fun
.gq – equatorial guinea
.hk – hong kong
.host – network companies
.icu – entrepreneurs and business owners
.life
.live
.loan – banks and lenders
.md – moldova
.moda – “fashion”
.mp – northern mariana islands (and anyone using mailchi.mp)
.ms – montserrat
.ooo
.online
.party – nightclubs and social gatherings
.pro – professions/professionals
.racing – racing
.review – public reviews
.ru – russia
.site
.space – as a creative space
.store – stores
.stream
.top
.trade – businesses
.webcam – web cam shows and video sharing
.website
.win – games, micro$oft windoesn’t
.world
.xyz
.za – south africa

if you recognise your IP address, or if you are one of the unfortunates whose web sites have one of the preceding TLDs, i’m sorry, but it had to be done… maybe if you contacted your ISP and complained, they might do something about it. 😒

HAHAHAHAHAHAHAHAHA!!! 🤪🤣

last year i switched away from my then-new host provider after a very short period of time because it turned out that they were a spam-haven.

before i switched, it got so bad that i set up a monitor at MXToolbox to check whether or not my IP address had been listed at any blacklists.

the host provider was incensed at this, and swore up and down that they had robust anti-spam policies that were enforced with an iron fist, but i switched away from them shortly afterwards, anyway.

today i got a notice from the monitor. apparently 69.162.87.36 is running an open relay and has a poor reputation

so much for “robust anti-spam policies enforced with an iron fist”. 🤣🤣🤣🤣🤣

anti-spam

the following is a list of the TLD names that i have blocked from sending email to any email address at Hybrid Elephant:

.bid
.br – Brazil
.cf – Central African Republic
.club
.cn – China
.date
.direct
.do – Dominican Republic
.download
.es – Spain
.faith
.fun
.gq – Equatorial Guinea
.hk – Hong Kong
.host
.icu
.live
.loan
.ooo
.online
.party
.pro
.racing
.review
.ru – Russia
.space
.store
.stream
.top
.trade
.webcam
.win
.world
.xyz
.za – South Africa

if you are from any of these TLDs, you might as well give up on the idea of sending email to me.

related post