Re: [Exim] Kool Spam Catching Trick

Top Page
Delete this message
Reply to this message
Author: Wakko Warner
Date:  
To: Marc Perkel
CC: exim-users
Subject: Re: [Exim] Kool Spam Catching Trick
> I had a brilliant idea to catch a lot of spam and it seems to work.

Sorry, I had the same idea except I was planning on locking out anyone who
hits the secondary w/o touching the primary. It was a littlemore complex.
Primary would refuse all mail (defer) and secondary did the work. Most
spammers never try 2 times or more. So, spam that hits primary is defered
(never try again), spam hits secondary w/o touching primary was flat out
refused, any message that hits primary first, then secondary was accepted.

I never did this as I only have 1 IP per computer. I also know some brain
damaged servers will send mail to the first found MX ignoring priority.

# mx animx.eu.org
animx.eu.org            MX      0 ani.animx.eu.org
animx.eu.org            MX      10 veg.animx.eu.org
# mx animx.eu.org
animx.eu.org            MX      10 veg.animx.eu.org
animx.eu.org            MX      0 ani.animx.eu.org
#


I think aol.com had such brain damaged servers. I forgot whoelse so this
wouldn't work correctly.

> What I did was set a secondary MX record to be another IP on the same
> computer as my primary email server. I had noticed that some spammers
> often will email the secondary rather than the primary MX believing that
> the secondary has less filtering. In my case there never is a time when
> the secondary is up and the primary is down. So - anything coming into
> the secondary is spam.
>
> I did a test and it seems to work. I searched my spam pile and had 8907
> matches on the secondary. But searching the ham pile I got 0 matches.
>
> The only issue is if I were really down for some time I might want to
> disable this trick for a few hours after coming back up.


If you're really using 2 IPs on the same machine, if you're down, BOTH are
down.

--
Lab tests show that use of micro$oft causes cancer in lab animals