[Mimedefang] Soliciting opinions on filtering based on bad MX records
Stephen Smoogen
smoogen at lanl.gov
Thu Sep 11 18:33:01 EDT 2003
On Thu, 2003-09-11 at 15:55, Michael Sims wrote:
> > It's a method of getting back at spammers...
> > spammers try to mail my server which rejects them, so they figure
> > they'll try my next MX record which points back to them. Hehehe. Fun.
>
> In my experience, domains that have an MX record that points to loopback
> usually are direct spam sources, or they don't want to receive ANY mail.
> See my reply to Kenneth Porter's post for my reasoning. Pointing one of
> your own MX's to loopback might be fun, but it could cause you to lose
> legitimate mail, IMHO...
>
Going through a long list of bounced SPAM email this week.. I would have
to agree with you. A good many of them have 127.0.0.1 as their MX so
that at least postmaster will get the email. The second thing is that
some of the bugs I have looked at do not use MX records at all to send
out their spam. They seem to parse through mboxes to look at relays that
have been used in the past to try and forge emails back.
--
Stephen John Smoogen smoogen at lanl.gov
Los Alamos National Labrador CCN-5 Sched 5/40 PH: 4-0645 (note new #)
Ta-03 SM-1498 MailStop B255 DP 10S Los Alamos, NM 87545
-- So shines a good deed in a weary world. = Willy Wonka --
More information about the MIMEDefang
mailing list