Marc Perkel wrote:
> My theort is that spam zombies do DNS caching so as to maximize spam
> output by eliminating dns lookups. Thus zombies retain old information
> far longer than they are supposed to.
>
> So I'm experimenting with a blaclisting trick where I change my fake
> high MX records, wait several hours, and then anything that hits the old
> fake MX records are spam zombies.
Your theory is flawed. Many many large ISPs ignore TTLs and
overagressively cache DNS records.
--
Martin A. Brooks | http://www.antibodymx.net/ | Anti-spam & anti-virus
Consultant | martin@??? | filtering. Inoculate
antibodymx.net | m: +447896578023 | your mail system.
