It's been nearly a decade since I ran another forums, and I have to say the change in the spam landscape has been... interesting.
I mean, I know colocrossing is a den of dirtbags run by some of the biggest dirtbags out there, but to have to mass ban ALL of their assigned address range is absurd. Given that these sleazy scum actually seem to have around 8% off the entire IPv4 address space to themselves, who and why hasn't the IANA taken action to deny these assclowns the use of IP addresses altogether?
In any decently run society, these clowns would be out on their arse.
The past week in particular has been a massive case of whack-a-mole. I've now got almost 18% of the ENTIRE range of available IPv4 addresses blocked at the IPTables level. That shouldn't be a thing, and it speaks not to the amount of dirtbags out there, but a general lack of policing and responsibility on the part of the IANA, ARIN, RIPE, and all the other agencies responsible for who gets an IP address.
Also makes me wish I could just ban by "origin". Tell all these sleazy ****'s -- ColoCrossing, FranTech, QuadraNet, Vortex, Irida Telecom, etc, etc -- to go plow themselves via a dozen entries like "AS8100" instead of needing over 2900 lines of IP ranges.
Would be possible, but all those RDNS / Whois lookups every time a new IP accessed the server would drag performance down too far.
Still, sorry if we've been spam heavy the past week. Tightening the noose on the sleaze even tighter. Thankfully I've got certain triggers set up in SMF's error logs now that messages me when something fishy happens.
Hard to spend time on though when I've got three paying clients I'm working on at once.