[nSLUG] SPAM fighting proposal

Dop Ganger nslug at fop.ns.ca
Tue Jul 8 12:54:02 ADT 2003


On Tue, 8 Jul 2003, George White wrote:

> http://newsforge.com/print.pl?sid=03/07/02/0347225
>
> The key idea is to only accept mail from servers with MX records
> in the DNS -- which means the DNS will need to better protected.
> Good idea for a local filter too.  Has anybody checked to see
> what fractions of legitimate and spam mail come from servers with
> MX records?

It's fairly low, but I don't think this is a valid solution. First, as
noted in the article, this screws up anyone who has inbound and outbound
SMTP separated onto different machines. Secondly, I don't think it would
be a major issue for spammers to set up DNS's with MX records pointing at
the thousands of open proxies they may be using. Thirdly, with gangs out
there targetting corporate machines (eg, cyberangels.nl, as was) it just
means more spam will be pumped through apparently valid machines anyway.

Our head office only accepts mail from servers that resolve, and that have
a valid MX record. It tends to cause more trouble than it's worth,
realistically. RBLs do the trick for me most of the time; I configured a
client's mail system yesterday and their spam level dropped considerably
(I think the figure was something like 2000 dropped connections and 8
spams that made it through in the first 24 hours of operation).

Cheers... Dop.




More information about the nSLUG mailing list