On Tue, Dec 15, 2009 at 7:46 AM, Eric J Esslinger wrote:
> So in any case, due to customer privacy concerns we feel we can't do that.
If you don't want to handle email for the long-obsolete customer
accounts, but just don't want to send that mail to anybody else, it's
pretty easy to run a teergru
mpany with about 150 mboxes, and I receive no
less than 1.5mill spam emails a month for it.
-Original Message-
From: Paul Vixie [mailto:vi...@isc.org]
Sent: Thursday, 17 December 2009 11:48 AM
To: na...@merit.edu
Subject: Re: DNS question, null MX records
Douglas Otis writes:
> If MX
On Thu, 17 Dec 2009, James Hess wrote:
> Other tricks may be more obscure, will be less obvious that you don't
> want mail, and may look like a mistake -- you might even get visitors to
> your domain contacting you to report the broken MX record.
I think that's true with the suggestions in the re
In message <6eb799ab0912172126g1eac7e49ve8f803552f6db...@mail.gmail.com>, James
Hess writes:
> On Thu, Dec 17, 2009 at 6:54 AM, Tony Finch wrote:
> > On Wed, 16 Dec 2009, Douglas Otis wrote: > more polite to use a nonexisten
> t name that you control, but that doesn't allow the source MTA to
On Thu, Dec 17, 2009 at 6:54 AM, Tony Finch wrote:
> On Wed, 16 Dec 2009, Douglas Otis wrote: > more polite to use a nonexistent
> name that you control, but that doesn't allow the source MTA to skip
> further DNS lookups
If you want to be kind, point the MX to an A record that resolves to
On 12/17/09 4:54 AM, Tony Finch wrote:
On Wed, 16 Dec 2009, Douglas Otis wrote:
To avoid server access and hitting roots:
host-1.example.com. IN A 192.0.2.0
host-10.example.com. IN A 192.0.2.9
example.com.IN MX 0 host-1.example.com.
example.com.IN MX 90 host-10.example.com.
This is
On Wed, 16 Dec 2009, Douglas Otis wrote:
>
> To avoid server access and hitting roots:
>
> host-1.example.com. IN A 192.0.2.0
> host-10.example.com. IN A 192.0.2.9
>
> example.com. IN MX 0 host-1.example.com.
> example.com. IN MX 90 host-10.example.com.
This is not very good from the point of vi
Douglas Otis writes:
> Agreed. But it will impact providers generating a large amount of bounce
> traffic, and some portion of spam sources that often start at lower
> priority MX records in an attempt to find backup servers without valid
> recipient information. In either case, this will not ca
On 12/16/09 4:48 PM, Paul Vixie wrote:
Douglas Otis writes:
If MX TEST-NET became common, legitimate email handlers unable to
validate messages prior to acceptance might find their server
resource constrained when bouncing a large amount of spam as well.
none of this will block spam. spamme
Douglas Otis writes:
> If MX TEST-NET became common, legitimate email handlers unable to
> validate messages prior to acceptance might find their server
> resource constrained when bouncing a large amount of spam as well.
none of this will block spam. spammers do not follow RFC 974 today
(since
On 12/16/09 4:08 PM, Joe Abley wrote:
On 2009-12-17, at 00:02, Douglas Otis wrote:
To avoid server access and hitting roots:
host-1.example.com. IN A 192.0.2.0
>> ...
>> host-10.example.com. IN A 192.0.2.9
example.com. IN MX 0 host-1.example.com.
>> ...
>> example.com. IN MX 90 host-10.
On 2009-12-17, at 00:02, Douglas Otis wrote:
> To avoid server access and hitting roots:
>
> host-1.example.com. IN A 192.0.2.0
> ...
> host-10.example.com. IN A 192.0.2.9
>
> example.com. IN MX 0 host-1.example.com.
> ...
> example.com. IN MX 90 host-10.example.com.
This will still cause DN
On 12/16/09 3:59 AM, Tony Finch wrote:
On Wed, 16 Dec 2009, Mark Andrews wrote:
Douglas Otis wrote:
One might instead consider using:
example.com.IN MX 0 192.0.2.0
IN MX 10 192.0.2.1
...
IN MX 90 192.0.2.9
Which wil
On 2009-12-16, at 20:44, Brian Dickson wrote:
> So, how about using sink.arpa. as a(n) MNAME?
That was another imagined use of SINK.ARPA.
> Or perhaps, one of the hosts listed in AS112?
My personal opinion is that there's an operational need for some people to
receive an explicit reply from A
I realize we're a bit off-topic, but to be tangential to the original topic,
and thus barely relevant:
(Presuming the "sink.arpa." thing succeeds, big presumption I realize...)
So, how about using sink.arpa. as a(n) MNAME?
Or perhaps, one of the hosts listed in AS112?
Maybe a new AS112 entry t
In message <167cab40-71d7-4bf9-988a-1a188b433...@hopcount.ca>, Joe Abley writes
:
>
> On 2009-12-15, at 19:09, Tony Finch wrote:
>
> > On Tue, 15 Dec 2009, Florian Weimer wrote:
> >> * Eric J. Esslinger:
> >>=20
> >>> I found a reference to a null MX proposal, constructed so:
> >>> example.com
On Wed, 16 Dec 2009, Mark Andrews wrote:
> Douglas Otis wrote:
> >
> > One might instead consider using:
> >
> > example.com.IN MX 0 192.0.2.0
> > IN MX 10 192.0.2.1
> > ...
> > IN MX 90 192.0.2.9
>
> Which will expand to:
>
> exam
On 2009-12-15, at 19:09, Tony Finch wrote:
> On Tue, 15 Dec 2009, Florian Weimer wrote:
>> * Eric J. Esslinger:
>>
>>> I found a reference to a null MX proposal, constructed so:
>>> example.comINMX 0 .
>>
>> I think this is quite controversal.
>
> My impression from discussions on vari
On 2009-12-15, at 15:45, Dave Sparro wrote:
> On 12/15/2009 10:17 AM, Eric J Esslinger wrote:
>> I found a reference to a null MX proposal, constructed so:
>> example.comINMX 0 .
>>
>> Question: Is this a valid dns construct or did the proposal die? I don't
>> want to cause people probl
On Tue, 15 Dec 2009 11:51:29 -0600, Eric J Esslinger wrote:
> B. Set spf -all, for those who bother to check that to stop inbound
> mail from your domain.
You might as well also add a DKIM ADSP policy with "dkim=discardable".
Similar to your SPF policy, it announces that no unsigned mail (or
no ma
In message <4b284376.3000...@mail-abuse.org>, Douglas Otis writes:
> On 12/15/09 8:06 AM, Andy Davidson wrote:
> > Eric J Esslinger wrote:
> >> I have a domain that exists solely to cname A records to another domain's
> websites.
> > [...]
> >> I found a reference to a null MX proposal, construct
On 12/15/09 8:06 AM, Andy Davidson wrote:
Eric J Esslinger wrote:
I have a domain that exists solely to cname A records to another domain's
websites.
[...]
I found a reference to a null MX proposal, constructed so:
example.comINMX 0 .
[...]
Question: Is this a valid dns construct or
I disagree. There was considerable concern with a misuse of a mechanism and its
effect on various systems. That, from discussion on the IETF mailing list I was
on when it was discussed there. There was no rough consensus that I could see.
On Dec 15, 2009, at 2:09 PM, Tony Finch wrote:
> On Tue
On Tue, 15 Dec 2009, Florian Weimer wrote:
> * Eric J. Esslinger:
>
> > I found a reference to a null MX proposal, constructed so:
> > example.comINMX 0 .
>
> I think this is quite controversal.
My impression from discussions on various IETF lists is that most people
think it is a good ide
A. Use a valid domain mapped to an unroutable or loopback instead of the .
I've decided to use 127.0.0.1
B. Set spf -all, for those who bother to check that to stop inbound mail from
your domain.
Already had that in place
C. Donate the spam to someone who would use it.
I can't donate the existing
Eric J Esslinger wrote:
> I have a domain that exists solely to cname A records to another domain's
> websites.
[...]
> I found a reference to a null MX proposal, constructed so:
> example.comINMX 0 .
[...]
> Question: Is this a valid dns construct or did the proposal die?
It's "valid", b
I've had a couple of off-list comments already about using it as/donating it to
a spam trap; That is a good idea and I actually thought of that.
However, the address was formerly used for email addresses for our customers
and for our business (some 10 years ago it was registered, but has not ha
On 12/15/2009 10:17 AM, Eric J Esslinger wrote:
I found a reference to a null MX proposal, constructed so:
example.comINMX 0 .
Question: Is this a valid dns construct or did the proposal die? I don't want
to cause people problems but at the same time, I don't want any of this crap to
e
On Dec 15, 2009, at 10:17 AM, Eric J Esslinger wrote:
> I have a domain that exists solely to cname A records to another domain's
> websites. There is no MX server for that domain, there is no valid mail sent
> as from that domain. However when I hooked it up I immediately started
> getting bou
* Eric J. Esslinger:
> I found a reference to a null MX proposal, constructed so:
> example.comINMX 0 .
I think this is quite controversal. The best approach still seems to
be an SMTP rejecter on a dedicated IP address.
--
Florian Weimer
BFK edv-consulting GmbH ht
Hello,
You could use:
Local.example.com. IN A 127.0.0.1
Example.com.IN MX 10 local.example.com.
This way systems shouldn't deliver it at your system.
What you did mention is something we don't allow our customers to do (if I
am correct).
With kind regards,
Ma
31 matches
Mail list logo
