Autor: Alan J. Flavell Data: A: Exim users list Assumpte: [exim] Spammers keep lists of MX long after DNS MX has been deleted
This might be well known, but we've noticed that spammers must be
keeping lists of old MX entries, long after we've considered the
associated email domains to be obsolete and have deleted the MX
entries in the DNS.
The background to this is that at an earlier time, after introducing
new forms of address but before we rated the old domains as obsolete,
we had set up some transitional arrangements in the mailer to deliver
the older forms of address; and that machinery was still present in
our exim configuration, even after we'd later deleted the MX records
for the old domains and *thought* we were finished with them.
Then we found that spams addressed to these old domains (if not
rejected by our other anti-spam measures) was leaking in, long after
their MX records had been deleted in the DNS, and was being delivered
under our now-unwanted transitional arrangements, if you see what I
mean.
Consequently, I'd advise anyone who is trying to phase out obsolete
email domain(s) which they previously serviced, that they should not
only delete the domain's MX record, but also take some positive action
in the mail server to reject the obsolete domain(s). In our case,
we're now doing this test explicitly, based on a list of the names of
the email domains which we have obsoleted (rather than looking for MX
records for our own domains in the DNS, I mean).