Practical limit on the number if IPFW rules
I'm running a small web and email server on 32-bit FreeBSD version 9.0.
I just moved my email domains from another internet service provider, who had really great spam blocking. Now I'm seeing a lot of spam traffic coming from outside the United States. My first reaction is to block everything outside of the U.S., but that seems to be the most rule intensive, so I found a list of the U.S. IP addresses, which would require 42,445 rules. Would that size rule set be too much? If, so, does anyone have a better way?