125 votes
Framework: Location (GeoIP) Blocking
Implement a mechanism to allow definitions based on GeoIP/location, which can be worked with and referenced.. Allows for blacklisting in Mail by country, and blocking of certain types of traffic in the packetfilter. Eg, it might be used to automatically drop/block all traffic from "China&quo... more
Status:
planned
This is planned for ASG V8.000
weismanm
The greatest benefit will come from having the most flexibility.
I like Cameron's comments.
I need this feature to be flixible so that I can apply it to any service (smtp, http(s), ftp, etc.
I also like the suggestion about nested groups (i.e. asia, vs russia). If the logic follows the same set up as the NIC's (apnic, afinic, etc...) that would be great.
Mario Rossi
Nice feature, but in this way the time spent in geo-localization slow down the rules execution, isn't it?
wingman
is this planned for v7 or v8?
BarryG
I also feel this should not just be for anti-spam. I currently have definitions and rules to block http(s) from many countries as well.
BrucekConvergent
I have to agree w/ BarryG, the majority of my customer's ASGs deflected spam are originating from Europe, Korea, and China. Most of them don't do any business out of the U.S.
kwyrick
Just because SOME companies do business with Chine doesn't imply everyone wants to get attacked by them. The proposal wouldn't be limited to China, but could include ant country. My customers don't do business outside my state. Being able to block ANY or ALL other countries would be great for me.
Sascha Paris
Why is everybody here talking only about spam. Antispam feature of Astaro is IMO ok as it is. I would like to have the geo ip blocking option as simple way to block attacks to my network at low level, so that Astaro rejects or drops connection attempts from these sources. A lot of Intrusion attempts here are sourced by chinese, russian and some american servers. Because I don't have contact to most of these countries, it would be a simple and effective way to prevent attacks from such sources.
Alan Toews
People wishing to just stop email by country can do this now using RBLs. Just google for country code rbl and you should find a few hints.
Cameron Byers
Not necessarily just for spam control on the GeoIP. Many ecommerce sites are country specific and would like to limit the connections to their online shops to a specific country only. As such an IP range should be selectable for either allow or deny access to your webserver.
BarryG
BTW, my proposal below won't work well without nested groups (which is another feature request here).
Simon Shaw
I get a lot of spam from China and Eastern block, but USA is usually listed at #1
Anyhow, I just don't think it's that critical an item to be listed so high, but, thats my personal opinion and what voting points are for :) Cheers.
BarryG
Simon, I'm getting a LOT of spam from "Eastern Block" countries.
BarryG
ISTM the best way for Astaro to implement this would be to use the GeoIP data (already in Astaro for reporting), create an interface allowing countries to be checked... once they're checked, definitions and groups should be automatically added to Network Definitions.
Then, the user could create rules to block those countries using those defs.
*When GeoIP data is updated, the NetDefs should be automatically updated.*
Simon Shaw
Waste in my opinion, considering many businesses are now working with companies like China. Most spam seems to originate in the USA these days!