OT: spammers using temporary dns?
Antony Stone
Antony at SOFT-SOLUTIONS.CO.UK
Mon Dec 29 16:11:31 GMT 2003
On Monday 29 December 2003 3:59 pm, Furnish, Trever G wrote:
> I have a feeling that this is an ignorant question and my mind is just in a
> stupor from the holidays, but I'm still stumped so I'll go ahead and ask
> it...
>
> Anyone noticed spammers using temporary dns records? By "temporary", I
> mean *really* temporary - ie only a few minutes of existance.
I can't say I've noticed this myself, but as you say, it takes a fairly
specific setup at your end of the system to be able to notice it...
> Besides, I'm not sure what the
> motivation would be for the spammer - if you can successfully get the dns
> records created for your sender domain, why bother making them short-lived?
Sounds to me like they're trying to come up with a mechanism which passes the
"does DNS seem to work okay" tests, but which can't be (easily) blacklisted
because names and/or IPs keep on changing. If they don't do the DNS
records, they'll get rejected for non-compliance, but if they leave them in
place, the server/domain names will get blocked.
That's my interpretation, anyway...
Antony.
--
Most people are aware that the Universe is big.
- Paul Davies, Professor of Theoretical Physics
Please reply to the list;
please don't CC me.
More information about the MailScanner
mailing list