Re: [exim] Spam engine note

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MChris Thompson at <-
MTony Finch at ->
Delete this message
Reply to this message
Author: Chris Edwards
Date:  
To: exim-users
Subject: Re: [exim] Spam engine note
On Mon, 20 Dec 2004, Chris Thompson wrote:

| One thing about that domain name is that it has A records refering to
| the hosts that used to accept mail directly, as well as the MX record
| that now points only to the central switch. I have often wondered whether
| there are spam engines that try A records before (or instead of) MX
| ones, in the same way that they try higher-numbered MX records before
| (or instead of) lower-numbered ones.

Almost certainly.

ISTR some of the viruses did this. Probably just randomly tried all the A
and MX records they could find for a domain.

Which goes to show the non-MX hosts need to be firewalled for port 25, or
have some means of blocking such attempts, such as an Exim ACL.

--
Chris Edwards, Glasgow University Computing Service


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Date Stamp DisappearsRe: [exim] Date Stamp Disappears->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)