1 sept 2006

60% of the spam I receive originates from China and Korea.
I used to drop SMTP packets from these countries using a netfilter
patch I wrote on my linux server.

Now things are different. I have switched to FreeBSD, and I wanted a
scoring system. I run policyd-weight since a week or so, and have been
very happy with its results. But still, I wanted to give rates
according to the country of origin of each email.

So I used GeoIP (www.maxmind.com) "GeoLight Country" (free), and wrote
the following patch.

Instructions for installing GeoIP are very straightforward, and I
think most linux/*BSD distrib will have them in packages or ports.

FreeBSD: cd /usr/ports/net/p5-Geo-IP ; make install clean    (installs
in a few seconds...)

I included a few examples in policyd-weight.conf.GeoIP.patch , just
make sure you use ISO -3166 country codes. You can find the official
list here : Iso.org

Caution : it has only been tested on a low-volume mail server, yet.
Don't put it on a big production server without test.

Give it a try, remarks and critics are welcome.

UPDATE: 02 Aug 2007: updated the patch to the current policyd-weight.
UPDATE: 13 Oct 2008: updated the patch to the current (and probably last) policyd-weight.

PS: it works on Linux Ubuntu. You must install libgeoIP beforehand : 
  aptitude install libgeo-ip-perl libgeoip-dev geoip-bin

Boris HAJDUK