Message Board

Bugs & Development

Older Posts ]   [ Newer Posts ]
 Honeypot MX vs recursive lookups
Author: R.Ringer   (4 Feb 08 11:38am)
It seems like some (all?) spambots are not smart enough to find the IP for the Honeypot MX on a DNS that does not allow recursive lookups. My DNS log reports show a large number of lookups for mx5.mtaemail.com failing because it's not authoritative for the domain mtaemail.com and doesn't forward. On on one hand, it's nice to see so many attempts to send spam failing, but then again, the Honeypot isn't getting the data.

As a band-aid, I greated an in-domain A record with the IP address of mx5.mtaemail.com. I don't think this is really a good idea, but I couldn't come up with a better solution.

Any thoughts?
 
 Re: Honeypot MX vs recursive lookups
Author: B.Jameson   (22 Mar 14 1:24pm)
Isn't there a danger of exposing most donated domains and mx records by spammers who might simply look up all mx for all emails in their lists and skip those where one or more mx are pointed to *mtaemail.com? Or if their sending programs just skip any *mtaemail.com upon handshake?
 
 Re: Honeypot MX vs recursive lookups
Author: E.Langheinrich   (8 May 14 8:39am)
Just curious, why are the spam bots attempting to use your DNS to resolve the MX records?



You may browse the discussion topics, but you must sign in to post. If you do not have an account, you can create one for free.

do not follow this link

Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | Cloudflare Site Protection | Contact Us

Copyright © 2004–24, Unspam Technologies, Inc. All rights reserved.

contact | wiki | email