Home page logo
/

nanog logo nanog mailing list archives

Re: DNS question, null MX records
From: Bill Stewart <nonobvious () gmail com>
Date: Mon, 4 Jan 2010 16:34:39 -0800

On Tue, Dec 15, 2009 at 7:46 AM, Eric J Esslinger <eesslinger () fpu-tn com> wrote:
So in any case, due to customer privacy concerns we feel we can't do that.

If you don't want to handle email for the long-obsolete customer
accounts, but just don't want to send that mail to anybody else, it's
pretty easy to run a teergrube or other tarpit system to trap any mail
addressed to the A-record.  These systems basically accept mail
v.e.rrrr.yyyyy....s....l.....o...w...l..yyyyy so that spammers can
waste their time talking to your tarpit instead of to somebody who
cares, and so you can trap their IP addresses and potentially block
them or use them to support your other spam-blockers if you want.
You don't need a high-performance machine because all the users are
spammers and you're *trying* to give them bad service.  (Some
variants, like LaBrea, are used for connection attempts to
non-existent machines - they'll send a syn-ack so the attacker thinks
he has a successful 3-way handshake, which slows down scanning
attacks.)

If you do want to accept mail for the long-obsolete customer accounts,
so you can give them a proper human-readable rejection message, you
may need to customize.   It looks like Exim supports that, though I
haven't tried it.

-- 
----
             Thanks;     Bill

Note that this isn't my regular email account - It's still experimental so far.
And Google probably logs and indexes everything you send it.


  By Date           By Thread  

Current thread:
  • Re: DNS question, null MX records Bill Stewart (Jan 05)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault