[Mimedefang] OT: Blocking because of MX to 127.0.0.1

Paul Murphy pmurphy at ionixpharma.com
Tue Mar 9 10:30:54 EST 2004


> I can't email anyone at SBC as the mail bounces back because 
> my lowest pref MX record points to localhost.
> Are they being stupid or am I?

Using the DNS to impose punitive processing on remote systems is OK in theory,
but in practice it only works where you have multiple valid MX hosts followed by
a dead one, or where the last one is a valid system which has no mail server
listening.

As you've found, ISPs who see exponential growth in their logs and bounced
messages because someone has given localhost as their fallback MX host are
likely to take action, and in the same way I'd expect that in time other
non-standard uses of DNS will suffer from similar detection and prevention
methods.

Instead, point the secondary MX to another IP you own, but which is either
unused or which doesn't have an SMTP server running.  Spammers will get a RESET
packet and give up, while ISPs will get a RESET, queue the mail, and try the
primary MX when it is available again.  Alternatively, it may be worth trying
the private address ranges, 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16 as per
RFC1918, especially the 192.168 range, as ISPs are highly unlikely to use
private addresses, or if they do, will use the Class A address for scalability.
These are likely to be unrouteable, so will fail without even the single packet
exchange which my scheme uses.

Best Wishes,

Paul.
__________________________________________________
Paul Murphy
Head of Informatics
Ionix Pharmaceuticals Ltd
418 Science Park, Cambridge, CB4 0PA

Tel. 01223 433741
Fax. 01223 433788

_______________________________________________________________________
DISCLAIMER:
This email and any files transmitted with it are confidential and 
intended solely for the use of the individual or entity to which they
are addressed.  If you have received this email in error please contact
the sender or the Ionix IT Helpdesk on +44 (0) 1223 433741
_______________________________________________________________________ 



More information about the MIMEDefang mailing list