You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by ram <ra...@netcore.co.in> on 2007/08/14 12:07:20 UTC
fake MX records
http://wiki.apache.org/spamassassin/OtherTricks this page mentions
setting up fake MXes
Is this method relevant today too with a lot of spam being relayed
through proper smtp channels
The page says the primary MX should not be accepting connections at all.
Has anyone else tried this , will this cause delay in my mail
Thanks
Ram
Re: fake MX records
Posted by Kai Schaetzl <ma...@conactive.com>.
Marc Perkel wrote on Tue, 14 Aug 2007 14:52:22 -0700:
> So what do you attribute my success in getting rid of all bot spam to?
As I don't know your setup this would be pure speculation. However, as *I*
am not using fake MXs, but several other MTA techniques and see not much
Botnet spam either I would suspect that it's rather the other techniques
that cut it.
On the other hand, I wonder how you can collect so much spam or spammer
IPs (as you claim and I believe it) if no Botnet spam reaches you.
Please, don't use HTML on mailing lists, thanks!
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
Re: fake MX records
Posted by "Daryl C. W. O'Shea" <sp...@dostech.ca>.
On 8/15/2007 11:46 AM, Marc Perkel wrote:
>
>
> Daryl C. W. O'Shea wrote:
>> On 8/14/2007 5:52 PM, Marc Perkel wrote:
>>>
>>>
>>> Kai Schaetzl wrote:
>>>> Marc Perkel wrote on Tue, 14 Aug 2007 07:13:16 -0700:
>>>>
>>>>
>>>>> I'm using it on 1600 domains and it definitely works. I get not bot
>>>>> spam at all.
>>>>>
>>>>
>>>> I doubt that this is because you have a fake low MX.
>>>>
>>>> Kai
>>>>
>>>
>>> So what do you attribute my success in getting rid of all bot spam to?
>>
>> Perhaps to the other "hundreds or tricks" that you've repeatedly
>> claimed you use to block 99% of spam before it gets to SpamAssassin?
>
> Maybe I have a better idea about what's working on my servers than you
> do. Having fake high and low MX records will get rid of almost all of
> your bot spam. It's that easy.
Maybe, if you weren't just trying to troll, you wouldn't ask for what
others "attribute your success to" and then get all pissy when they respond.
Regardless, if you really believe that you never fail to receive mail
from others attempting to send mail to your customers you're (i) lying
to yourself or simply lack understanding of the reality of the MTA
landscape and (ii) are doing your customers a huge disservice -- more of
a disservice than if you still used a "fake MX" but at least realized
the reality of the consequences that you continuously deny.
Daryl
Re: fake MX records
Posted by Marc Perkel <ma...@perkel.com>.
Daryl C. W. O'Shea wrote:
> On 8/14/2007 5:52 PM, Marc Perkel wrote:
>>
>>
>> Kai Schaetzl wrote:
>>> Marc Perkel wrote on Tue, 14 Aug 2007 07:13:16 -0700:
>>>
>>>
>>>> I'm using it on 1600 domains and it definitely works. I get not bot
>>>> spam at all.
>>>>
>>>
>>> I doubt that this is because you have a fake low MX.
>>>
>>> Kai
>>>
>>
>> So what do you attribute my success in getting rid of all bot spam to?
>
> Perhaps to the other "hundreds or tricks" that you've repeatedly
> claimed you use to block 99% of spam before it gets to SpamAssassin?
Maybe I have a better idea about what's working on my servers than you
do. Having fake high and low MX records will get rid of almost all of
your bot spam. It's that easy.
>
>
Re: fake MX records
Posted by "Daryl C. W. O'Shea" <sp...@dostech.ca>.
On 8/14/2007 5:52 PM, Marc Perkel wrote:
>
>
> Kai Schaetzl wrote:
>> Marc Perkel wrote on Tue, 14 Aug 2007 07:13:16 -0700:
>>
>>
>>> I'm using it on 1600 domains and it definitely works. I get not bot spam
>>> at all.
>>>
>>
>> I doubt that this is because you have a fake low MX.
>>
>> Kai
>>
>
> So what do you attribute my success in getting rid of all bot spam to?
Perhaps to the other "hundreds or tricks" that you've repeatedly claimed
you use to block 99% of spam before it gets to SpamAssassin?
Re: fake MX records
Posted by Marc Perkel <ma...@perkel.com>.
Kai Schaetzl wrote:
> Marc Perkel wrote on Tue, 14 Aug 2007 07:13:16 -0700:
>
>
>> I'm using it on 1600 domains and it definitely works. I get not bot spam
>> at all.
>>
>
> I doubt that this is because you have a fake low MX.
>
> Kai
>
So what do you attribute my success in getting rid of all bot spam to?
Re: fake MX records
Posted by Kai Schaetzl <ma...@conactive.com>.
Marc Perkel wrote on Tue, 14 Aug 2007 07:13:16 -0700:
> I'm using it on 1600 domains and it definitely works. I get not bot spam
> at all.
I doubt that this is because you have a fake low MX.
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
Re: fake MX records
Posted by Marc Perkel <ma...@perkel.com>.
Kshatriya wrote:
> On Tue, 14 Aug 2007, ram wrote:
>
>> The page says the primary MX should not be accepting connections at all.
>> Has anyone else tried this , will this cause delay in my mail
>
> It almost doesn't work anymore. Better try adaptive greylisting, with
> some whitelists so you don't notice too much of delays.
>
> K.
>
>
I'm using it on 1600 domains and it definitely works. I get not bot spam
at all. I didn't even know what PDF spam was untill I was it discussed here.
Re: fake MX records
Posted by Robert Schetterer <ro...@schetterer.org>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Kshatriya schrieb:
> On Tue, 14 Aug 2007, ram wrote:
>
>> The page says the primary MX should not be accepting connections at all.
>> Has anyone else tried this , will this cause delay in my mail
>
> It almost doesn't work anymore. Better try adaptive greylisting, with
> some whitelists so you don't notice too much of delays.
>
> K.
>
fake mx do work, but dont expect to much, as most of the
bots learned to come again to defend greylisting , they also
learned fake mx.
you will have a delay with fake mx but its very small.
In my case i was bombed with connects and fake mx
reduced them about 10 percent , i think these are very old spam bot
variants who still agressing against my very old three letter domain.
I would say fake mx are nice to have , but its not a must have in
antispam these days,
I included reject_unknown_reverse_client_hostname
in my postfix ,this, it seems is very efficient , in my case,i noticed
to block spam mail in early client stage.
Also fail2ban does a good job with dictionary attacks,
for sure you should have all other recommended
antispam settings like reject_unknown_sender_domain etc
including greylisting, policy_weight, spf, dkim
in your mail server.
- --
Mit freundlichen Gruessen
Best Regards
Robert Schetterer
Germany/Bavaria/Munich
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
iD8DBQFGwa/jfGH2AvR16oERAsbJAJ9iRo0H+YesZN1+fjMXu3iqpL1wFQCdHlUZ
82eAcB03SfJP4j7xuh9NbiU=
=mMcc
-----END PGP SIGNATURE-----
Re: fake MX records
Posted by Kshatriya <ks...@gmail.com>.
On Tue, 14 Aug 2007, ram wrote:
> The page says the primary MX should not be accepting connections at all.
> Has anyone else tried this , will this cause delay in my mail
It almost doesn't work anymore. Better try adaptive greylisting, with some
whitelists so you don't notice too much of delays.
K.