spamd and low priority MX

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

spamd and low priority MX

Thuban
Hello,
I ran into the spamd "-M" flag in the manpage, and I'm not sure to understand
it correctly.

On the server with the highest priority (lower MX), I must set "-M nn.nn.nn.nn"
where nn.nn.nn.nn is the IP of a lower priority MX ?
If there is more than one backup MX (lower priority), does the -M flag can be
called more than once ?

Am I wrong ?

Regards.

thuban

Reply | Threaded
Open this post in threaded view
|

Re: spamd and low priority MX

Craig Skinner-3
Hi Thuban,

On Sat, 2 Mar 2019 09:20:42 +0100 Thuban wrote:
> On the server with the highest priority (lower MX), I must set "-M
> nn.nn.nn.nn" where nn.nn.nn.nn is the IP of a lower priority MX?

Where nn.nn.nn.nn is the public IP of a fake backup MX server,
which *DOES* have an SMTP daemon running,
which 450/451 soft defers _ALL_ mail.


> If there is more than 1 backup MX (lower priority), does the -M
> flag can be called more than once?

Just once, e.g:

<hostmaster@palm:~ 0>$ dig Britvault.Co.UK MX +short
12 smtp.Britvault.Co.UK.              <--- real primary MX
144 mx-backup.smtp.Britvault.Co.UK.   <--- real backup MX
666 highlisting.smtp.Britvault.Co.UK. <--- fake backup MX


The fake's public IP address needs to be another IP address,
on a real MX machine (an alias or another network port).



This sort of fake DNS MX record is called highlisting.
(Works well with greylisting.)

Having a fake primary DNS MX record is called nolisting.
(Practically has to be on the real primary MX server.
Doesn't work great with greylisting.)




Greylisting is in between no & high listing. But it doesn't need more
DNS records, more public IP addresses, a deferring daemon, nor TCP
rejection on port 25. Yet it does introduce delays.

There is also unlisting...


All these tricks reduce spam, and all have operational problems.



Nolisting + highlisting is a viable alternative to greylisting:

Primary MX only:        57%  (DNSBL:    98%)
MX backup only:         20%  (DNSBL:    90%)


Nolisting + multiple fake highlisters killed 98% of spam for this bloke:
http://blog.whitesites.com/Stop-Spam-with-fake-MX-records__633764658986714568_blog.htm




Some articles to read:-

http://wiki.apache.org/spamassassin/OtherTricks
http://wiki.junkemailfilter.com/index.php/Project_tarbaby
http://nolisting.org/
https://en.wikipedia.org/wiki/Nolisting
http://www.junkemailfilter.com/spam/how_it_works.html




Cheers,
--
Craig Skinner | http://linkd.in/yGqkv7