Results 1 to 4 of 4
  1. #1
    Join Date
    Mar 2008
    Posts
    33

    Observation & question : spamming without DNS

    I would like someone more knowledgeable perhaps explain this.

    I have an email address on my own domain that has existed for about 4 years now. About 5 weeks ago, the VPS it were on died and so the email went unresolved for about 3 weeks. I then transferred to a new VPS, and set up the email. About a week later, I moved again.

    I left up the 2nd VPS for DNS propagation to take place. What interest me is that the server is still running about a week later, and the email server is still getting spam messages directed to it. So somehow, the spams are being send to the old IP, with a valid recipient, even when the most stubborn of DNS cache should have updated by now.

    So it seems (some) spammers are just capturing email address and the IP for the server, storing it, and mass spam straight to those IPs instead of resolving the server.

  2. #2
    Join Date
    Jul 2002
    Location
    Directadmin Core
    Posts
    770
    Yep, IP spam is getting more and more common.
    http://www.hostpc.com
    DirectAdmin servers for hosting, resellers and your dedicated needs.
    Hosting, Resellers, Dedicated Managed and Unmanaged servers
    Hosting since 11/98 - Specializing in DirectAdmin since 8/03

  3. #3
    Join Date
    Jul 2003
    Location
    Castle Pines, CO
    Posts
    7,189
    DNS Stuff offers DNS Traversal
    This tool is essentially similar to the "dig" tool and is more advanced than our nslookup. When you change your name servers and need to verify your changes are being seen throughout the world the traversal tool looks at what each root server is returning. If any are not correct then all subsequent DNS servers that look up your domain from that root server are going to be getting incorrect information.
    which might help you see which ones still need to be updated

  4. #4
    This concept is no different than someone who would take a "snapshot" of the WHOIS database (contrary to ICANN or Netsol rules), and 6 months later market the heck out of it. Surely in 6 months many of the Admin/Tech/Billing contacts would have been updated already, but they are working on "old" information.

    Similarily, some spammers will have old cached data, and they will continue to blast away spams to the email config that might be a month or three old.

    There is nothing you can do when your on the receiving end, other than notice the phenomenon.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •