>From: Rob Gunther <[email protected]>
>Sent: Sunday, March 5, 2017 12:32 AM
>To: [email protected]
>Subject: Yahoo - Can't figure out a server is down?

>We have run our servers with a decoy, our MX records have been like
>this for 10+ years:

>mx0.example.com
>mx1.example.com
>mx2.example.com

You didn't give the real domain that is pointing to these mail servers or the MX priorities so we can't help much. There is no reason to obfuscate your domain or real mail servers since the spammers have very sophisticated ways to find this info and already know it. Plus this is not giving away any major secret anyway.

>mx1 & mx2 are real servers. mx0 is nothing, it points to an IP address
>that is controlled by us but there is no server.

>The concept being that some spammers attempt that server, get
>nothing and don't bother trying any other server.

Common practice on a high MX. I do this too but I have a real mail server set up with a short delay then it always temp fails the message.

>This has been fine for a decade.

My mail relays have been doing temp fails too for a very long time on the high MX server but this is a little different since your mail server mx0.example.com apparently doesn't respond at all but we can't check for sure since you didn't give the real server names.

Are you doing any greylisting on the real low priority mail servers? This can cause issues if using a high MX "honey pot" setup like this. I have my postfix configuration excluding certain sending IPs from greylisting. For example, Google mail servers send from different IPs all of the time when retrying so they must be excluded from greylisting.

Dave
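
An added illustration (not part of Dave's message or his Postfix configuration): a minimal greylist simulation in Python showing why a sender that retries from a different IP each time is never accepted unless its network is exempted. The triplet key, the 300-second delay, the addresses and the retry times are constructed assumptions.

```python
import ipaddress


class Greylist:
    """Minimal greylist keyed on the (client IP, sender, recipient) triplet."""

    def __init__(self, min_delay=300, exempt_networks=()):
        self.min_delay = min_delay  # seconds a new triplet must wait (assumed value)
        self.exempt = [ipaddress.ip_network(n) for n in exempt_networks]
        self.first_seen = {}        # triplet -> time of first attempt

    def check(self, client_ip, sender, rcpt, now):
        ip = ipaddress.ip_address(client_ip)
        if any(ip in net for net in self.exempt):
            return "accept"         # exempted senders skip greylisting entirely
        first = self.first_seen.setdefault((client_ip, sender, rcpt), now)
        # Accept only when the same triplet returns after the delay has passed.
        return "accept" if now - first >= self.min_delay else "tempfail"


def deliver(greylist, attempts):
    """Replay (time, client_ip) attempts; return acceptance time or None."""
    for now, ip in attempts:
        verdict = greylist.check(ip, "alice@sender.example", "bob@rcpt.example", now)
        if verdict == "accept":
            return now
    return None


# Constructed retry schedules using documentation address ranges.
FIXED_IP = [(0, "192.0.2.10"), (600, "192.0.2.10"), (1800, "192.0.2.10")]
ROTATING = [(0, "198.51.100.1"), (600, "198.51.100.2"),
            (1800, "198.51.100.3"), (3600, "198.51.100.4")]


def demo():
    return {
        "fixed_ip": deliver(Greylist(), FIXED_IP),
        "rotating_pool": deliver(Greylist(), ROTATING),
        "rotating_pool_exempt": deliver(
            Greylist(exempt_networks=["198.51.100.0/24"]), ROTATING),
    }


if __name__ == "__main__":
    for name, t in demo().items():
        print(name, "->", "never accepted" if t is None else f"accepted at t={t}s")
```
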
