Re: [anti-spam-wg] Domains with MX set to localhost



----- Original Message ----- From: "der Mouse" mouse@localhost

Hi Mouse,

As I remarked upthread, an MX record isn't capable of containing
anything but a FQDN, so the second item must really mean something else
(like "in a nonexistent TLD").


FYI:

$ dig -t mx tester.hovland.be

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19023
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 5

;; QUESTION SECTION:
;tester.hovland.be.             IN      MX

;; ANSWER SECTION:
tester.hovland.be.      8064    IN      MX      5 mail.


# ping -ainet6 mail
PING mail.hovland.be (::1): 56 data bytes
64 bytes from ::1: icmp_seq=0 ttl=64 time=0.158 ms
64 bytes from ::1: icmp_seq=1 ttl=64 time=0.15 ms

So mx for tester.hovland.be points to the mailserver of whatever domain your machine is under as long as the hostname mail.yourdomain.com exist.

If not then it seems too easy for a registry to scan the zones of all
the names it knows about to look for these telltale indicators and
compile a list of spam domains.

I am not exactly sure what you mean, but there are several firms with internal mailservers pointing the MX to perhaps 192.168.1.200 or whatever. They are not spammers (but you might want to reject mail anyway).


J