Re: [exim] [off-topic] Using low-priority DNS MX record as s…

Top Page
This message is part of the following thread:
M-+\the complete thread tree sorted by date
M\MMMarc Perkel at <-
MMIan Eiloart at ->
Delete this message
Reply to this message
Author: John Hall
Date:  
To: exim users
Subject: Re: [exim] [off-topic] Using low-priority DNS MX record as spam trap
On 10/21/06, gdub <a507@???> wrote:

> Any thoughts on the idea of dedicating a
> host or interface as a trap by giving it
> the lowest priority MX record?

I have a second IP on the same interface as my primary MX and in the
same /29, so if someone connects to it, then there really is no reason
why they could not have connected to the primary. To be extra safe I
just defer all connections on that interface.

I have a scheme where misbehaving IP addresses get a cumulative score
attached, which is incremented by various amounts for different
misbehaviours. Over a certain score and they get blacklisted for a
number of hours. Connected to the lowest MX gets them pretty close to
the blacklist score.

When I originally added the interface I reckoned it cut the amount of
spam by one third. It is harder to tell now that I have the
blacklisting scheme. However, chances are by the time that IP address
has given up on the secondary MX and gone to the primary it is already
blacklisted.

regards,
John


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] [off-topic] Using low-priority DNS MX record as spam trapRe: [exim] Exim + SRS->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)