Chris and I have such public email addresses that I think we get more spam than 99% of the general population. Last week Chris was going through the spam, inspecting it headers, message, etc. The one thing about spam is that they all have a link. To get a response, they try to get you to a website. Well, at least from our own set of spam messages, it seems that a majority of the email either comes from or goes to China.
So we were thinking about quick ways to eliminate half our spam with this information. One idea is to scan messages and resolve the domain names of the links inside. If they go to China, then delete. We have the ability to convert IP addresses to geographic locations (post in the admin forum to see an example, or if you have a forum, your can check out your stats with the flash-based world map that plots it for you).
Then today, when using that same statistical plot of country data on a world map, we noticed that we have hardly any Chinese traffic this month. We have been officially censored and blocked! Yet the damn spam keeps coming! Just when our blood was about to boil, we got an idea. The block is on just an IP address. So we revered the IP address of our web and email servers.
Guess what? Now the half million Chinese can talk about whatever they want again. And China blocked a large chuck of our spam. Not the zombies across the USA, but a good chunk that actually came from China.
Now who want to write a Spamassassin 3.0 module that will delete messages with links that point to China (or anywhere else of your choosing)?
Welcome back our Chinese friends!
N54/Steven Roussey/My Weblog