Milter-greylist

d d wrote:
 > Dropping the following in firewall:
 > 
 > 187.0.0.0/8
 > 189.0.0.0/8
 > 200.0.0.0/8
 > 201.0.0.0/8

That list is incomplete.  Please have a look at this list:

http://www.iana.org/assignments/ipv4-address-space/

It seems you want to block all LACNIC networks.

 > eliminated 80% of SPAM connections. I have no business in Brasil or
 > from Brasil, so I will keep these iptables rules. These are nasty
 > spam depots, blocking class C's did not help at all since they tried
 > to send the same email from different /16's -- and even /8's.
 >
 > Is this the right way? I don't really care. Works for me. Sorry for
 > friends in Brasil.

Well, it's your decision to do that.  If you don't have any
users that care, then go for it.

However, blocking hole /8 networks is not a good idea in
general.  Those networks that you mentioned above are
handled by LACNIC, so most of their blocks are assigned
to South American and Latin American countries (Mexico,
Argentina, Colombia, Brazil etc.).  You're definitely
*NOT* blocking Brazil only, but a whole continent.

Also note that assignments can change at any time.
When IPv4 addresses for a certain RIR run short, blocks
from a different RIR that still has enough space might
be used.

Best regards
   Oliver

-- 
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Handelsregister: Registergericht Muenchen, HRA 74606,  Gesch\ufffdftsfuehrung:
secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht M\ufffdn-
chen, HRB 125758,  Gesch\ufffdftsf\ufffdhrer: Maik Bachmann, Olaf Erb, Ralf Gebhart

FreeBSD-Dienstleistungen, -Produkte und mehr:  http://www.secnetix.de/bsd

"C++ is to C as Lung Cancer is to Lung."
        -- Thomas Funke