Autor: Peter Bowyer Data: A: exim-users Assumpte: Re: [Exim] @mx_any and 127.0.0.1
Philip Hazel <ph10@???> wrote:
>
> And finally, to satisfy my curiosity: what on earth do you suppose the
> above set of records is supposed to achieve?
I can answer that one...
To address the tendency of spamware to attack higher-numbered MXs first, in
the belief that the servers on the end of these might be less strict about
what mail they accept.
For instance, if an ISP provides an MTA for backup MX for its customers,
that server is likely to have little knowledge of valid address within the
target domain. It might not use strict RBL checking for fear of FPs and
inability to apply different profiles to different customers. And if it
doesn't use callout verification for recipients, it will end up with all the
spam addressed to invalid addresses.
This belief is probably true in many cases - although whether the
probability of the spam actually getting delivered to a mailbox and read by
someone is increased, I doubt. It lets the spammer get rid of the mail
quickly with less risk of tarpits, content scanning, RBLing etc.
So a highest-number MX of something odd is a (in this case, misguided)
attempt to confuse the spamware.