Re: [exim] Spam engine note

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MChris Edwards at <-
MChris Edwards at ->
Delete this message
Reply to this message
Author: Chris Thompson
Date:  
To: exim-users
CC: Philip Hazel
Subject: Re: [exim] Spam engine note
Philip Hazel <ph10@???> writes:

> On Fri, 17 Dec 2004, John W. Baxter wrote:
>
> > This actually makes sense, I guess, in that it saves the spam engine the
> > need to make numerous DNS queries, which might make discovery more likely.
> > But it also means you can "dodge" some of the spam engines by playing games
> > with changing your MX IP addresses now and then, provided customers don't
> > connect to the MX machine(s).
>
> In April 2003 we changed the MX records for the hosts I use for email so
> that incoming mail was directed via our central servers (that do spam
> checking). We still see a lot of direct connections (that we reject, of
> course). It is not yet 10 a.m., and there have already been over 1000
> today.

One thing about that domain name is that it has A records refering to
the hosts that used to accept mail directly, as well as the MX record
that now points only to the central switch. I have often wondered whether
there are spam engines that try A records before (or instead of) MX
ones, in the same way that they try higher-numbered MX records before
(or instead of) lower-numbered ones.

I suppose to decide between my conjecture and John's we would have to
try changing the IP addresses. Not sure I want to propose that just
before Christmas ...

Chris Thompson
Email: cet1@???


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] SMTP loggingRe: [exim] SMTP logging->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)