John Rudd wrote:
mouss wrote:
Kai Schaetzl wrote:
Rense Buijen wrote on Wed, 22 Aug 2007 16:43:19 +0200:
I didn't know that a backup MX can lead to more trouble then having
just one
Unfortunately, backup MXes attract spammers :-(. You could at least
add some more backup MXs (that don't exist) on top of that, that may
help to reduce the influx on the real one.
Using bogus MX records is a very bad idea. Google for bogusmx and for
check_sender_mx_access.
So, how exactly does "using bogus MX records" differ from "nolisting"?
Because, the latter does seem to generally be thought of as a rather
good anti-spam technique (it only catches spammers and a few very odd
non-RFC compliant MTAs that don't check all MX records). If you have
a one or more valid MX records, and one or more non-responsive MX
records, then only non-RFC complaint MTAs will have a problem with
that. We shouldn't care about the cases which break non-RFC compliant
MTAs, as they're only used by morons.
Further, how does check_sender_mx_access differ from Sender Address
Verification (SAV)? (where SAV is an INCREDIBLY bad idea, and a blight
upon the internet)
(meaning: if check_sender_mx_access is just the postfix name for SAV,
then we not only shouldn't avoid techniques that break
check_sender_mx_access, we should all openly adopt techniques that
break check_sender_mx_access as a means to further remove the SAV
blight from the internet)
I have to disagree. Sender Address Verification works very well and is
definitely not a blight on the Internet. I welcome it on my servers. If
someone is sending email using one of my domains I want people verifying
the sender addresses. That way spam that is spoofing my domains won't
get delivered.
