So, why do we care about the IP addresses of SPAMMERS?
Simply put, SPAM is not just junk mail cluttering your email inbox, stealing your time as you sift out the important pieces. SPAM is vandalism, assault, and theft wrapped into one neat little package and deposited into your inbox, several thousand times a day. However, just like Prohibition, it is a phenomena too large for even an organization the size of the US government to adequately address.
So what to do about SPAM? The short answer is invest in quality, reliable Internet Security software as recommended back in January. Often, these packages come with some default setting to assist in trimming your SPAM right away. They even come with a “learning mode” that ask if some questionable emails are really legitimate. Of course, in the early days of this training mode, it can feel like having a three year old in your lap each time you check your mail. But take heart, eventually the programs progress to teenagers, stop asking questions and start doing what they darn well please.
So what about the IP addresses of SPAMMERS? Unfortunately, most consumer-based Internet Security software is designed around identifying SPAM based on the email alias that you recognize as “email@example.com”, or some variation thereof. Heartier SPAM filtering software identifies the offender by his IP address and learns or is taught to keep them away based on that IP address. Since the average PC user does not have a background in computer systems architecture and digital communications telephony, these programs tend to be run only by professional organizations. That does not mean you cannot use a SPAMMER's IP against him.
Taking the lesson from my column in Laura's January 28 newsletter, you know from where your favorite SPAMMER resides. He will have an address something like 22.214.171.124. Should you venture out to the website http://ws.arin.net/cgi-bin/whois.pl and plugged that number in for a search, you would get something like the following.
OrgName: RIPE Network Coordination Centre
Address: P.O. Box 10096
NetRange: 126.96.36.199 - 188.8.131.52
RIPE is a clearing house for assigning IP addresses to businesses in Europe and the Middle East. A complaint to them about a SPAMMER might get a shrug. There are similar sites for Southeast Asia, the African continent, and Central and South America. The important information is two fold. First, the message originated, or was routed, from overseas - this assumes your reading this from some place other than Europe or the Middle East. Second, the NetRange value of 184.108.40.206 – 220.127.116.11 tells from what neighborhood. You could go to the RIPE website and find the company to whom the IP address block is assigned, but, again, it serves no purpose.
For our purposes, we use the firewall networking settings that are part of our Internet Security software to ensure that he never invites himself into you computer, at least not from that neighborhood. Go into your computer's firewall settings and find the Networking Settings. Find the list of Restricted addresses and Add to it the IP range as listed above from NetRange. Once you have added this range of IP addresses to you firewall's list of bad addresses, you have effectively blocked any of the nearly 17 million computers from that neighborhood from tinkering with your PC. Of course, there are still over 4 billion more addresses, meaning you would need to add another 255 such entries to eliminate everyone. However, eliminating everyone is not as important as eliminating the SPAMMERS.
We put security systems in our homes, key locks on our houses and automobiles, passcodes on our electronic files, and our important papers and possessions go into vaults and safety deposit boxes. None of these precautions are a guarantee against loss of theft. Rather they are exercises in self protection. Configuring the your computer’s firewall is just another such exercise.