[Mimedefang] MX ->

Les Mikesell les at futuresource.com
Tue Sep 13 08:31:59 EDT 2005

On Tue, 2005-09-13 at 07:07, Kenneth Porter wrote:

> > Well, the same effort in to detect "bad" MX hosts can be performed by
> > ratware, hence, this technique can last for short while only, perhaps the
> > usefullness is gone by now.
> The 2nd best solution is to use "black hole space" for the last MX, IP 
> space guaranteed to not have a host. This ensures that the spammer has to 
> time out the connection. But it means that the timeout is only as long as 
> the stock TCP SYN timeout.
> An even better solution is to point to a host that tarpits port 25 
> connections. Such a host accepts the connection, but then turns the TCP 
> feed into a trickle, effectively forcing the spammer to tie up the 
> connection forever. (You can install a netfilter module on Linux called 
> "TARPIT" for this purpose.)

Those are slightly more reasonable.  It is bound to happen that some
machines attempting to send to you will have cached the DNS lookups
but temporarily lose their internet connectivity even if your
MX hosts are always up and available.  They'll still find  Still, I doubt if it is worth the trouble.  Serious
spammers won't run out of resources.

  Les Mikesell
     les at futuresource.com

More information about the MIMEDefang mailing list