How to Block Foreign Spam

  • 7019724
  • 24-Jun-2008
  • 07-Aug-2017


GWAVA 4 (all builds) for NetWare and Linux


Spam messages with foreign characters not being blocked


GWAVA will automatically block a lot of spam messages that use non-standard character sets (as of build 100), which will cut down on a lot of foreign spam.  Here are a few other options for blocking these messages:

1)  Blocking foreign IP ranges

Although GWAVA isn't currently able to block a range of IP addresses, many firewalls and gateways will.  You want to block IP address ranges from foreign countries that you don't do business with.  Many customers will block IPs using the GroupWise Internet Agent (GWIA).  Foreign IP ranges can be found on the internet.  A huge percentage of spam comes from Russia and China.  This would be a good place to start, then you can add other country ranges as appropriate for the spam that you're getting.

Blocking spam before GWAVA even gets it can reduce your system load dramatically

2)  Blocking foreign domain extensions

Source address filters are a good way to block spam where the domain name is constant (eg,, etc.).  With most modern spam, the domain name will vary, but a lot of foreign spam will use a foreign domain extension (eg - this is an example of a Russian domain).  Creating a source address filter for *.ru will block any message with that extension.  A list of domain extensions for other countries can be found on the internet.

3)  Blocking foreign character sets

Every message coming from the internet has a MIME file, which uses a particular character set.  US-ASCII is a common character set.  If you know the character set that is being used in the foreign spam, you can block it using a MIME filter in GWAVA.  Here is snippet from a MIME file as an example:

Subject: GWAVA message restriction digest
Date:  26 May 2008 10:00:04 BET
Content-Type: multipart/alternative;

This is a multi-part message in MIME format.

Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

In this example, the pertinent line is:  '...charset=US-ASCII'.  Check your spam.  If a foreign or obscure character set is being used, then block it with a MIME filter.  In this specific example, you could also implement Step 2 and create a source address filter for *.br

See also these related articles:

Training GWAVA 4 -

Additional Information

This article was originally published in the GWAVA knowledgebase as article ID 287.