Why the mail error for domains I don't host?
Mark Sergeant
msergeant at snsonline.net
Sun Feb 20 21:27:08 PST 2005
On 21/02/2005, at 14:36, Bill Vermillion wrote:
> The door open and in walked trouble - disguised as our our old
> nemesis Blake Swensen, who uttered, at Sun, Feb 20, 2005 at 19:27 :
>
>> sendmail[93922]: j1L2kZa5093920: SYSERR(root):
>> mx1.distinguish.com. config error: mail loops back to me (MX
>> problem?)
>
>> I know everyone has seen this message at least once in their
>> life from improperly configured sendmail. However, my log is
>> filling up with these messages for domains I do not host.... and
>> when I dig the mentioned host, it always resolves to localhost
>> (127.0.0.1). This happens over and over again on for domain
>> after domain. Are there really that many unskilled admins who
>> publish their mail server's address as localhost, or is this
>> some sort of hack that I should worry about?
>
> I won't call myself unskilled - but I have one domain that
> in desperation I set the MX record to localhost.
>
> I was running about 300,000 spam messages PER DAY to that domain.
>
> Removing the MX record entirely cut me down to 25,000 to 50,000
> per day - as people would send the spam to the IP of the
> web server. [both web and MX are on that one machine for a few
> domains].
>
> I know it's not supposed to be done, but I did this in
> self-defense.
>
> The domain in question has been coming up #1 in Google, MSN, and
> other search engines for the past 5 or so years - because it's
> on of those domains that has a great name.
>
> During the height of the dot-com boom the owner was offered
> $250,000 for the domain - $10K in cash in the rest in stock - which
> was the sign of the times then.
>
> We're heading toward our peak which is typically March - and that's
> about 7000 sessions/day and about 325,000 hits/day.
>
> Sorry if this site is giving you problems, but I'm open to any
> suggestions that will keep the spam away and the 127.0.0.1
> is the only one I could come up with.
127.0.0.2 maybe, I can't think that many boxes will actually have that
bound (apart from my laptop but thats a different matter entirely !).
>
> None of the other domains is set up this way - and all the mail
> we host is for commecial sites - with no end-user/home accounts
> at all.
>
> Bill
>
> --
> Bill Vermillion - bv @ wjv . com
> _______________________________________________
> freebsd-isp at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-isp
> To unsubscribe, send any mail to "freebsd-isp-unsubscribe at freebsd.org"
>
More information about the freebsd-isp
mailing list