You can always do a country lookup from APNIC that will give you all of the IP's assigned to China (or any other country that regional registrar manages).

http://www.apnic.net/apnic-bin/ipv4-by-country.pl?country=CN

I wrote a script a while back that parses that list and creates an access-list for country blocking. Maybe I'll put it online one day.

At least that's how us network folk do it.

its not an absolute. but if you count on subdomains working for your users, you will be disappointed.

And if you think only spamming happens from China, you haven't compared the current account balances of the U.S. and China lately ;).