Fake MX records
Richard Frovarp
Richard.Frovarp at sendit.nodak.edu
Mon Jul 23 15:03:35 IST 2007
Martin.Hepworth wrote:
> Just seen this..
>
> http://wiki.apache.org/spamassassin/OtherTricks (Fake MX Record)
>
> on the SA-users list.
>
> Looks very useful, anyone here using this technique?
>
We run a firewalled lowest MX. This machine only receives mail from the
state gov't, k12, and higher ed networks in the state. I have seen at
least one problem with this setup and have had to add an additional IP
to let a poorly designed external system talk to this machine. This
system only tries the lowest IP, then fails after 2 hours. Systems like
this might have an issue with a fake lowest as well. I don't know how
useful it is in stopping spam. We haven't seen a drop in number reaching
our 3 standard machines. However, it does allow mail from our users to
pass through very quickly, as spam attacks don't affect this machine.
We're issuing a tcp-reset so the impact on systems communicating with us
is minimal, as they don't have to wait for a timeout.
Richard
More information about the MailScanner
mailing list