So I've been fighting spam at work for a little while now trying to get ahead and, until recently, I hadn't had much luck. It seemed like a losing battle.

I'm sure most of you hear the same thing from your end-users... "I received a ton of spam mails today!" Come to find out, they received a whopping 4 in their inbox when they got in this morning. It apparently kills them to click the delete button this many times, so they feel the need to complain to IT.

On our end, we typically just ignore it, and point them to their junk box which typically contains thousands of junk emails for the past 30 days that didn't get to their inbox.

Yet still, they just don't seem to comprehend how much spam is actually blocked. I know at our company, for the past few months our spam filter has recorded blocking upwards of 5 million spam emails per month. We're not that big of a company, so I can't imagine what others must see.

We had added all of the possible updates to our spam filter, turned up the aggressiveness, and still we were receiving complaints. I attempted to try and block the top spammers at our firewall, but this was a pretty crappy task and made me want to pull my hair out each day sitting and recording all the new IPs. Finally I thought I had a great idea... since we don't do business in country X, why don't I just add all the network ranges for that country into the firewall instead.

This worked out pretty well... until I found out the firewall has a limit to how many I could add. So, I thought my battle against spam was over... Spam 1, Bill 0.

Enter PeerGuardian2 by Phoenix Labs

A co-worker stumbled upon this little utility called PeerGuardian and said that it could block both inbound and outbound traffic by simply giving it a list of IP addresses or ranges. Awesome!

With a little help of countryipblocks.net, I had a pretty good list of IP ranges for every country.

I installed this utility, gave it my list, and it immediately went to work blocking IP addresses from China, Russia, Spain, etc. The only problem at this point was that it stopped running as soon as I logged out. Not a problem. A quick search and there are some perfect instructions for installing as a service.

Our spam filter intake has decreased from an average of 10-15K spam emails/hour, to under 1K an hour, and still decreasing. I continue to find new IPs not listed on countryipblocks.net, but as soon as I do, I toss it into my list and easily block the whole range.

Anyway, it's a great little tool (though no direct relation to hacking) and I'm just excited that I've finally got a better handle on the inbound spam. Sorry for such a long post

BillV

edit: forgot to note that this is a free, open-source utility and supported on Windows 98, ME, 2000, XP, and 2003, in 32-bit and 64-bit.

No problem

If your intent is to block spam then you'll want to put it higher up the chain. In my case, our mail works as follows...

Internet -> Firewall -> Spam Filter -> Exchange Server

I installed PeerGuardian onto the Spam Filter server. This way, it doesn't even get to the Exchange server, so much less processing of junk