2008/08/21

Fake lowest and highest MX record to reduce zombie spam

I have been using the method of a fake lowest MX record to reduce zombie-originated spam. An example is illustrated as follows:

1H IN MX 10 fake.mymail.com
1H IN MX 20 realmx.mymail.com

The host named in the fake MX 10 record can either be left undefined in DNS or point to a dead IP address, one on which nothing answers on port 25.

Legitimate sending mail servers get the connection error, retry with the MX 20 host and deliver the message successfully, with some delay. Zombie spam does not try MX 20 and simply moves on to the next victim.

The above has a shortcoming: a zombie might instead try to deliver to the IP address of the highest MX record (usually the backup server), on the assumption that the backup mail server has fewer anti-spam features. A more careful setting is:

1H IN MX 10 fake.mymail.com
1H IN MX 20 realmx.mymail.com
1H IN MX 30 fake.mymail.com

Some have reported that the fake lowest and highest MX records working together can reduce zombie spam by 90%.
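The two layouts above, modelled as an added example (not code from the original post): a walk through the MX list in preference order stands for a standards-compliant sending MTA, a single attempt against only the lowest or only the highest MX stands for the two zombie behaviours described, and a layout check flags a zone where the decoys would lose legitimate mail. The zone data, the host table and the 192.0.2.25 address are constructed; nothing is queried over the network.

```python
# Added example: models the decoy-MX layouts discussed above. Zone data
# and the host table are constructed; no DNS lookups are performed.

# Constructed zone, same layout as the second example in the post.
MX_RECORDS = [
    (10, "fake.mymail.com"),
    (20, "realmx.mymail.com"),
    (30, "fake.mymail.com"),
]

# Constructed stand-in for A lookups and port-25 reachability:
# host -> (address, accepts_smtp). A host missing here has no A record,
# which is the "undefined" variant of the decoy described in the post.
HOSTS = {
    "realmx.mymail.com": ("192.0.2.25", True),  # RFC 5737 test address
}

def ordered_mx(records):
    """Hosts in the order a compliant sender tries them: ascending preference."""
    return [host for _, host in sorted(records)]

def accepts_mail(host):
    entry = HOSTS.get(host)
    return entry is not None and entry[1]

def compliant_delivery(records):
    """Walk the MX list until a host accepts. The failed first attempt is
    the delay the post mentions; the mail still arrives (or None if not)."""
    for host in ordered_mx(records):
        if accepts_mail(host):
            return host
    return None

def single_attempt_delivery(records, which):
    """Sender that tries only the lowest or only the highest MX and then
    gives up: the two zombie behaviours the post describes."""
    order = ordered_mx(records)
    host = order[0] if which == "lowest" else order[-1]
    return host if accepts_mail(host) else None

def check_decoy_layout(records):
    """Operator sanity check before publishing the zone."""
    order = ordered_mx(records)
    problems = []
    if accepts_mail(order[0]):
        problems.append("lowest MX accepts mail: decoy is ineffective")
    if accepts_mail(order[-1]):
        problems.append("highest MX accepts mail: backup-MX decoy missing")
    if not any(accepts_mail(h) for h in order[1:-1]):
        problems.append("no working MX between the decoys: legitimate mail would bounce")
    return problems
```

Running `check_decoy_layout` on the first, two-record layout reports that the highest MX still accepts mail, which is exactly the shortcoming the post goes on to fix.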

More information on this method is at http://wiki.apache.org/spamassassin/OtherTricks
