Craig Carriere wrote:
Matt wrote:
First - use dummy MX records. Real mail retries. Botnets and most
spammers don't. It's easier for them to try to spam someone else than to
fight your filter. MX config is as follows:

dummy - 10
real - 20
real-backups - 30
dummy - 40
dummy - 50
dummy - 60

Currently I have mail.mydomain.com as 10.  Can I just change that to
20 and add mail5.mydomain.com as 10 but not have an IP associated with
mail5.mydomain.com or will that cause trouble?

Matt


Are you sure about this approach?  Most of what hits our backup server,
listed at a higher MX record, is spam.  I was, and am, under the
impression that many spambots are set to fire at higher MXs under the
assumption that admins might not spend as much time on the anti-spam
set-up of these servers.


Yes - the trick works two ways. If the spambots hit the high server then there's nothing there and they go on. If they hit the lowest numbered server they also get nothing and go on. A real server will hit the lowest number MX and get nothing and then retry and get the second lowest one which is real.

The trick relies on the idea that spambots, unlike real servers, won't walk the MX order looking for the real server. If I were a spammer I would think it easier to move on to the next email address than to try to fight a good spam filter.
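
Added example, not part of any poster's message: a small Python model of the MX layout quoted in the thread, comparing a sender that walks the MX list in preference order with senders that try a single MX and give up. The hostnames are placeholders, and the model assumes the dummy hosts simply do not accept connections on port 25.

```python
# Constructed model of the MX layout quoted in the thread; hostnames are placeholders.
MX_RECORDS = [
    (10, "dummy1.example.com"),
    (20, "mail.example.com"),
    (30, "backup.example.com"),
    (40, "dummy2.example.com"),
    (50, "dummy3.example.com"),
    (60, "dummy4.example.com"),
]
# Assumption: only the real and backup hosts accept connections on port 25.
LISTENING = {"mail.example.com", "backup.example.com"}


def connect(host, listening=LISTENING):
    """Stand-in for a TCP connect to port 25: True if something answers."""
    return host in listening


def compliant_mta(records, listening=LISTENING):
    """Try MX hosts in ascending preference until one accepts the connection."""
    attempts = []
    for _, host in sorted(records):
        attempts.append(host)
        if connect(host, listening):
            return host, attempts
    return None, attempts  # a real MTA would queue the message and retry later


def single_shot(records, pick, listening=LISTENING):
    """Sender that tries exactly one MX and moves on, as the thread assumes bots do."""
    _, host = pick(sorted(records))
    return (host if connect(host, listening) else None), [host]


def lowest_only(records, listening=LISTENING):
    return single_shot(records, lambda r: r[0], listening)


def highest_only(records, listening=LISTENING):
    return single_shot(records, lambda r: r[-1], listening)


if __name__ == "__main__":
    for name, fn in [("compliant", compliant_mta), ("lowest-only", lowest_only), ("highest-only", highest_only)]:
        print(name, fn(MX_RECORDS))
```

In this model any sender that walks the list reaches the real server on its second attempt, so the layout only filters senders that stop after one MX.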
