Results 1 to 9 of 9
  1. #1

    Question Spam and MX entries

    Hi,

    Not sure whether this should be in the domain forum or here. As its technical ill try here

    Seems one of my domains i use for email has been misconfigured for over a year - no valid MX entry was set.

    I have however happily been receiving email for the duration of this period. As the the *.site.com was set to the server IP i.e. mail.site.com or anything.site.com would resolve to the actual mail server.

    I noticed this and went about fixing the issue and added a valid MX entry.

    Now i find myself bombarded with SPAM!

    Can anyone explain?

  2. #2
    When you say "no valid MX entry was set", do you mean it was set to something invalid? If so, it may be possible that this error you made somehow thwarted off the spambots...

  3. #3
    When doing an MX entry DNS lookup for the domain the response was No MX records exist.

  4. #4
    Did you add 2 MX entries? Some spammer specifically target the 2nd or higher entry. Otherwise, I can't really say why your spam has suddenly increased.

  5. #5
    Join Date
    Apr 2003
    Location
    UK
    Posts
    2,560
    when theres no MX record, the mail will be delivered to (iirc) the first A record. Your spammers will be doing a looking specifically of the MX record, so they'll not find any on your domain and move to the next one. Once you add one, they'll find the change and start the spam

  6. #6
    Hi slidey.

    Yes i had a brief look at the SMTP RFC and it did mention if no MX was found it would attempt to the first A record.

    But surely this defeats the point of MX records?

    My spam levels have literally gone from a hand full a month to 10+ a day.

    Spammers only use MX entries? then lets all remove them? lol

  7. #7
    Join Date
    Apr 2003
    Location
    UK
    Posts
    2,560
    Quote Originally Posted by dan2003
    Hi slidey.

    Yes i had a brief look at the SMTP RFC and it did mention if no MX was found it would attempt to the first A record.

    But surely this defeats the point of MX records?
    it doesnt defeat the point of MX records at all - most people/companies dont put their mailserver(s) anywhere near their webservers or whatever machine happens to be top of the zonefile..

    its just gives an easy way to setup mail..

    My spam levels have literally gone from a hand full a month to 10+ a day.
    havent seen any studies of how this affects spam levels - might be interesting to get some sorta numbers..

    Spammers only use MX entries? then lets all remove them? lol
    again, most people have a system thats managed in a bit more detail than this..

  8. #8
    Join Date
    Dec 2002
    Location
    chica go go
    Posts
    11,858
    I've noticed some spammers ignore MX records, and only send email to whatever the A record indicates the host is at.

    I still get email at my photos.cx server, despite my MX Records being configured for hosted gmail.

  9. #9
    Yes slidey it would be very interesting to see some figures.

    ub3r, i would have thought this to be the case. But from my current experience it would not seem to be.

    If i was a spammer i see 2 strategies :

    1) use A record - more possible hits? (any valid domain), higher chance no mail server exists i.e. wasted resources.

    2) MX entries only - less hits?, more chance of mail server existing i.e. better resource utilisation.

    I am struggling to find more info about this. If anyone has any more suggestions they would be welcomed.

    Domain info afftects spam? e.g. last updated. (mine wasnt updated for over a year).
    Different IP's for records have an impact?
    Multiple MX records? which is chosen?
    .
    ...?

    Thanks for the comments.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •