Le 03/02/2011 22:51, Adam Moffett a écrit : > >> That's good. The only useful list (BogusMX) can be discovered without >> querying rfc-ignorant anyway. Just get the MX records for the sending >> domain (which are almost certainly in cache) and make sure they resolve >> to real IP addresses. >> >> We reject domains that publish MX records in 127/8 or the RFC 1918 >> networks. Out of 3.7 million recent messages, we have rejected just >> over 26,000 for this reason. There may be FPs, but no-one has >> complained and anyone who publishes such an MX record IMO deserves >> to be banned. >> >> Regards, >> >> David. > > That's an interesting point of view. It was suggested on this list > fairly recently to publish a fake secondary MX as a way to reduce spam. > The stated reason being that some spamming software hits the backup MX > first and if that doesn't work will give up without trying any others. > > I realize that can be done without using a 127 or RFC 1918 address, but > some people are doing it that way. > > Out of curiosity, did you start blocking those because you saw that as a > pattern in spam email or is it more a matter of principle? >
I'd say both. we're in war against spammers. if non-spammers take a spammer attitude, then they are part of the problem. if you want to catch silly ratware, then - make your MX different from the A of your domain. some ratware will connect to your A record. - change your MX from time to to time. some rateware resolves the MX before deployment - setup a real "second" MX that defers all mail. sure you'll also block qmail, but is that really a problem?
