On Thu, 13 Jun 2013, Alex wrote:
There's anecdotal reports that spammers focus on backup MX hosts in the
hopes they are less-well-protected. You might also try changing the MX
weighting and see if that causes the spam to concentrate on a specific MX
host. That might give you a little more positive control over it.
Yes, I've also heard that before, but thought it was typically based
on MX weight, not just based on the name of the host.
"MX weight" is what I was referring to. The spammers may be using rDNS or
IP sorting or some other method not under your control to pick from a pool
of equally-weighted MX hosts to focus on.
I don't have control over the DNS for this zone, and not sure any one
server could take the bulk of the mail instead of the round-robin load
balancing trying to be achieved with equal weighting.
Assuming the anecdotes are correct, setting one server to a slightly
higher weighting would tend to shift legitimate mail to the other hosts
and spam to that host. "tend to" meaning you'll still get legitimate mail
at the "backup" MX host and spam at the pool of primary MX hosts, ths
balance might just shift some. I wouldn't say this would focus the *bulk*
of your mail on one host, unless you're getting a *lot* more spam than ham
and that spam isn't trivially blockable using Zen or greylisting, both of
which are fairly lightweight.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Yet another example of a Mexican doing a job Americans are
unwilling to do. -- Reno Sepulveda, on UniVision reporters asking
President Obama some pointed questions about
the BATFE Fast and Furious scandal.
-----------------------------------------------------------------------
5 days until SWMBO's Birthday
