spamassassin not lethal anymore
James B. Byrne
byrnejb at harte-lyne.ca
Thu Jan 12 23:07:16 UTC 2017
On Wed, January 11, 2017 20:34, Russell L. Carter wrote:
> On 01/11/17 17:24, Kurt Buff wrote:
>> Snippety snip...
>> A secondary MX that refuses mail when the primary is up and running
>> foils one of the favorite tactics of spammers - they will often
>> the secondary MX because those are often not as up to date with
>> anti-spam measures. Most spambots try one MX, one time only.
>> Many spambots will try that secondary MX, get refused with a 4xx
>> error, and not bother to try the primary MX at all.
>> It can be a big win, in the right situation.
> Ah. Awesome. How do I do that?
If you have control over your forward zone DNS then you can simply
create a bogus MX record with a lower priority (higher number) than
any of your real MX records.
example.com. 172800 IN MX 30 mx30host.example.com.
example.com. 172800 IN MX 50 mx50host.example.com.
example.com. 172800 IN MX 70 mx70host.example.com.
example.com. 172800 IN MX 90 mx90host.example.com.
;# mx90host.example.com. is not real - no listener at this address.
mx90host.example.com. IN A 192.168.0.90
There is nothing listening at 192.168.0.90 on port 25 so the spammer
generally just goes away.
If you wish to get fancy then you can honey-pot the source address
instead. The assigned address could be your own or be one of the
public junk mail submission addresses a la project honeypot. Just
make sure to clear this redirection with the intended recipient before
*** e-Mail is NOT a SECURE channel ***
Do NOT transmit sensitive data via e-Mail
Do NOT open attachments nor follow links sent by e-Mail
James B. Byrne mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
More information about the freebsd-questions