Often I hear that one should block spam email based on content match rather than IP match. Sometimes even that blocking Chinese ranges in particular is prejudiced and racist. Allow me to debunk that after I've been looking at traffic on port 25 with tcpdump for several weeks now, and got rid of most of my incoming spam too.

There are these spamhausen that communicate with my mail server as much as every minute.
- biz-smtp.com
- mailing-expert.com
- smtp-shop.com

All of them are Chinese. They make up - rough guess - around 90% of the traffic that hits my edge nodes, if not more.

The network ranges I've blocked are apparently as follows:
- 193.106.175.0/24 (Russia)
- 49.64.0.0/11 (China)
- 181.39.88.172 (Ecuador)
- 188.130.160.216 (Russia)
- 106.75.144.0/20 (China)
- 183.227.0.0/16 (China)
- 106.75.32.0/19 (China)
.. apparently I blocked that one twice, heh
- 116.16.0.0/12 (China)
- 123.58.160.0/19 (China)

It's not all China but holy hell, a lot of spam sure comes from there, given how Golden Shield supposedly blocks internet access to the Chinese citizens. A friend of mine who lives in China (how he got past the firewall is beyond me, and he won't tell me either) told me that while incoming information is "regulated", they don't give half a shit about outgoing traffic to foreign countries. Hence all those shitty filter bag suppliers and whatnot. The Chinese government doesn't care.

So what is the alternative like, that would block based on content? Well there are a few solutions out there, namely SpamAssassin, ClamAV and Amavis among others. The problem is that they're all very memory intensive (especially compared to e.g. Postfix and Dovecot themselves) and that they must scan every email, and keep up with evasion techniques (such as putting the content in an image, or using characters from different character sets t̾h̾a̾t̾ ̾l̾o̾o̾k̾ ̾s̾i̾m̾i̾l̾a̾r̾).

But the thing is, all of that traffic comes from a certain few offending IP ranges, and an iptables rule that covers a whole range is very cheap. China (or any country for that matter) has too many IP ranges to block all of them. But the certain few offending IP ranges? I'll take a cheap IP-based filter over expensive content-based filters any day. And I don't want to be shamed for that.

Long time stalker, but I finally signed up! Maybe I have dragged it out to not get too addicted, but it seems like that plan has failed.. ;)

Now for the question:
Can anyone recommend a VPN provider (well, functionally proxy) that works in (South) China these days? Because of the holidays the CCP is blocking everything they can to ensure that.. well let's not get political.

Priorities: Reliability > Privacy > Cost (trial or guarantee would be great though)

Thanks :)

I threw some random android adware i found into a virtual device on my laptop (while swapping like a motherfucker, ofc) and it turns out, aside from the Draw over Other Apps, Install Apps, Location, and Storage permissions, and the blank name/icon, it's an honest-to-God working global ad blocker via VPN. It's shipping your traffic to China and filling your device full of more malware, but it's blocking ads too, so...? Is it worth gutting to remove the bullshit? (Can Android Studio do that?)

when one tool says your site is 200 from chinese IPs, but another says its 403 for the same IPs...

which one is it?

Ok this is either my code, socket.io or China. So I wrote DApp for my crypto project but for some reason our Chinese users have problems using it... So i dig through our code for HOURS! and finally resort to making an AJAX call from the client to a hideous PHP script for logging and what do i find?

For some reason the WebSocket cannot connect. I haven't mapped this so it's only conjecture but I think the GFW is blocking my users connections? (Also using a VPN seems to fix it)

Anyone else had this issue?