Fun new policy at AOL
Iljitsch van Beijnum
iljitsch at muada.com
Fri Aug 29 16:32:24 UTC 2003
On Thursday, Aug 28, 2003, at 20:10 Europe/Amsterdam, Paul Vixie wrote:
>> Play with DNS MX records like QMTP does.
> here are at least two problems with this approach. one is that an mx
> priority is a 16 bit unsigned integer, not like your example. another
> is that spammers do not follow the MX protocol, they deliberately dump
> on higher cost relays in order to make the victim's own inbounds carry
> more of the total workload of delivery. (additionally, many hosts do
> more spam filtering on their lower cost MX's than on their higher cost
> (backup?) MX's, and the spammers know this, and take advantage of it.)

Yes, that's why I don't use my ISP's servers as MX for my domains
anymore. Having fallback MXes that only queue the mail for a while
doesn't provide any real benefits anyway.

But how about this: in addition to MX hosts, every domain also has one
or more MO (mail originator) hosts. Mail servers then get to check the
address of the SMTP server they're talking to against the DNS records
for the domain in the sender's address. Then customers who use an email
address under their ISP's domain have to use the ISP's relay, while
people with their own (sub) domain get to use their own.

For AOL and the likes this would also help against spam as they can
rate limit incoming mail from unknown domains. Spammers are forced to
register new domains all the time in addition to having to find
abusable IP addresses so hopefully life for them will be a little more
miserable too.

(Could reuse MX for this if a new RR is too much hassle, but large ISPs
don't use the same SMTP servers for incoming as for outgoing.)
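
The receiving-side check proposed in the message above, as an added example that is not part of the original post. The "MO" record is only the post's proposal, so the zone data, host names, addresses and the accept/reject/rate-limit policy below are constructed assumptions.

```python
import ipaddress

# Constructed data. "MO" is the record type proposed in the post, not a real
# DNS RR type, so lookups are modelled with dicts instead of a resolver.
MO_RECORDS = {                       # domain -> mail originator host names
    "isp.example": ["out1.isp.example", "out2.isp.example"],
    "customer.example": ["mail.customer.example"],
}
ADDRESS_RECORDS = {                  # host name -> A/AAAA addresses
    "out1.isp.example": ["192.0.2.25"],
    "out2.isp.example": ["2001:db8::25"],
    "mail.customer.example": ["198.51.100.7"],
}

def sender_domain(mail_from):
    """Domain of the envelope sender, or None for '<>' and malformed input."""
    local, at, domain = mail_from.strip().strip("<>").rpartition("@")
    if not (local and at and domain):
        return None
    return domain.rstrip(".").lower()

def check_originator(client_ip, mail_from):
    """'pass' if client_ip is an MO host of the sender's domain, 'fail' if the
    domain lists MO hosts and this is not one, 'none' if nothing to check."""
    domain = sender_domain(mail_from)
    hosts = MO_RECORDS.get(domain, [])
    if not hosts:
        return "none"
    # Compare parsed addresses so different spellings of one IPv6 address match.
    allowed = {ipaddress.ip_address(a)
               for h in hosts for a in ADDRESS_RECORDS.get(h, [])}
    return "pass" if ipaddress.ip_address(client_ip) in allowed else "fail"

def receiver_policy(client_ip, mail_from, known_domains):
    """Assumed policy: reject mismatches, accept verified mail from domains the
    receiver already knows, rate limit everything else."""
    result = check_originator(client_ip, mail_from)
    if result == "fail":
        return "reject"
    if result == "pass" and sender_domain(mail_from) in known_domains:
        return "accept"
    return "rate-limit"
```

A customer sending with an isp.example address from 198.51.100.7 gets "fail", while the same host sending as customer.example gets "pass" and is rate limited until the receiver knows the domain.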