Autor: Chris Thompson Data: A: exim-users CC: Philip Hazel Assumpte: Re: [exim] Spam engine note
Philip Hazel <ph10@???> writes:
> On Fri, 17 Dec 2004, John W. Baxter wrote:
>
> > This actually makes sense, I guess, in that it saves the spam engine the
> > need to make numerous DNS queries, which might make discovery more likely.
> > But it also means you can "dodge" some of the spam engines by playing games
> > with changing your MX IP addresses now and then, provided customers don't
> > connect to the MX machine(s).
>
> In April 2003 we changed the MX records for the hosts I use for email so
> that incoming mail was directed via our central servers (that do spam
> checking). We still see a lot of direct connections (that we reject, of
> course). It is not yet 10 a.m., and there have already been over 1000
> today.
One thing about that domain name is that it has A records refering to
the hosts that used to accept mail directly, as well as the MX record
that now points only to the central switch. I have often wondered whether
there are spam engines that try A records before (or instead of) MX
ones, in the same way that they try higher-numbered MX records before
(or instead of) lower-numbered ones.
I suppose to decide between my conjecture and John's we would have to
try changing the IP addresses. Not sure I want to propose that just
before Christmas ...