Autor: Exim List Data: A: Marc Haber CC: exim-users Assumpte: Re: [exim] how do I block mail to local domains except SMTP auth
ortrusted source?
Marc Haber wrote: > On Tue, 7 Oct 2008 10:41:45 +0300, "Mike Barnard"
> <mike.barnardq@???> wrote:
>> On Tue, Oct 7, 2008 at 6:46 AM, Exim List <eximlist@???> wrote:
>>> We have a machine with several domains. The MX record for these domains
>>> is pointed to a spam filter appliance.
>>>
>>> Alas, spammers don't play fair. They choose to connect directly to the
>>> IP address(es) of the domains on the box and still send their spam that
>>> way.
>> you lost me there.... if the the MX records are the spam filter
>> appliances... how did they get the IP addresses of the actual smtp
>> servers...
>
> Most probably, the spam filter appliances are new and the MX records
> used to point to the actual SMTP servers. Some Spamware comes with a
> list of IP addresses to deliver to and doesn't care about MX records
> to speed up delivery, so their data base might be outdated, which is
> an advantage for the Spammer in the OP's case.
My experience is that some spammers look for mail.* and simply try to
connect directly to that.
When you are dealing with a brand new startup, you can plan around that.
When you are dealing with legacy domains and legacy customer bases,
especially in acquisitions, you can't force a bunch of changes, at least
all at once.