LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[ILUG] Advice on Anti-Spam Strategy/Blocking Software

[ILUG] Advice on Anti-Spam Strategy/Blocking Software

John Kavanagh jkavanagh at newbay.com
Fri Nov 9 12:15:20 GMT 2007 

Hi,

My quick 2-cents (pre-caffination)

I did find the best approach to this obscure anti-spam defence ,was to
have an bogus MX at the highest and lowest  MX priority  

I got some stats a few months back from a spam tarpit I built and
discovered that spammers tend to go for either the highest or lowest MX
prioirity and nothing else. (I only had a small sample set though) . Or
maybe I should say that I "felt" my anti-spam defence was optimal when I
adopted this approach.

If an MTA is non-RFC compliant then it really shouldn't be taken into
account. The rules are ther for a reason, despite the business reality.

John


On Fri, 2007-11-09 at 11:20 +0000, Rob Gallagher wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On 09/11/2007, Jimmy Tang  wrote:
> >
> > have people tried no-listing? setting up the primary mx record such that
> > it *does not receive mail* at all, and working on the assumption that
> > a real mailer will fall back to the secondary(s) to try and send the mail, where
> > in the case of a spammer they are less likely to try again on the secondary which
> > will do your usual filtering if you need/want it to.
> >
> 
> Spammers will often bypass the primary MX entirely in the hope that
> the secondary has more lax filtering policies, which is often the
> case.  Also, there are many MTAs out there that do not behave like
> "real mailers" or as we would like them to behave (ie: RFC-compliant),
> and may react badly to something like no-listing.
> 
> On the face of it, no-listing *seems* like a good idea but if you sit
> down and think about it its really just security through obscurity and
> creates more potential problems than it solves.
> 
> rg
> 
> - --
> rob.gallagher (at) gmail.com || www.spoofedpacket.net || PK: 0x1DD13A78
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (FreeBSD)
> Comment: http://firegpg.tuxfamily.org
> 
> iD8DBQFHNEJ6iSgypR3ROngRArt3AJ4iGM67SQowv2EJEFvVivxqlF+XNQCgjcgm
> 4SmToWCvwMUiVo6wAot7WKM=
> =XX2A
> -----END PGP SIGNATURE-----
-- 
John Kavanagh
Operations Engineer

NewBay Software Ltd.                    
The Academy, 42 Pearse Street,       
Dublin 2, Ireland.    
Tel: +353 1 635 0700                     

www.newbay.com

More information about the ILUG mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell