> See example, how work ISPIP :
>
> 999.99.99.9 -- my secondary MX IP
> mailserver.good.net -- my secondary MX

Correct; that's also why I play a little trick with my MX records; nothing "magic" nor really new, mind you, the whole thing is called "MX sandwich" or "nolisting" and is explained here

http://wiki.apache.org/spamassassin/OtherTricks
http://nolisting.org/

to coarsely explain it, let's say you own the domain "example.com" and let's also say that your domain has the following MX setup in DNS

@    IN MX 10 mx01.example.com.
mx01 IN A 192.0.2.30

now, willing to implement the "sandwich" you'll need to have two additional (public) IP addresses; for this example we'll assume they're 192.0.2.10 and 192.0.2.50; now, you start by ensuring that port 25/TCP on 192.0.2.10 is filtered (aka drop all requests), next, you install on the box which will sit on 192.0.2.50 a "fake MX", that is, a program (or script/whatever) which will answer connections to port 25/TCP emulating a regular SMTP server but which will always reply with a "4xx service temporarily unavailable" when receiving the "DATA" command; once the critter is installed you may publish its port 25/TCP and then modify your DNS to look this way

@    IN MX 10 mx00.example.com.
@    IN MX 20 mx01.example.com.
@    IN MX 50 mx99.example.com.

mx00 IN A 192.0.2.10
mx01 IN A 192.0.2.30
mx99 IN A 192.0.2.50

that's all, now a bunch of spam-spitting bots will hit your MX00 and MX99 and your real SMTP server (MX01) will have less workload :D

then ok, the trick may be "expanded" by adding more "fake MX" and/or rotating the records from time to time so that the "good server" will change but that's totally optional and should be carefully evaluated; on the other hand, the "vanilla setup" (as above) works quite well ;)

Note: it would be interesting to consider the option to let ASSP handle the "fake MX" task; basically for such a setup we'd need some additional config parameters (fake MX IP:port) so that the same box hosting ASSP may then have two IP addresses, one will be the one on which ASSP *serves* traffic, the other will act as a Fake MX (as seen above); this may allow ASSP to collect further data on connecting IPs and improve filtering; for example, if a host directly connects to the FakeMX port *without* first attempting the regular MX port (look at the MX preference above) then its IP may be considered "suspicious" (at least) ;-)

> P.S. How about Collect Address in Youre non-ASSP ?

Uh ?!? Sorry I'm at a loss here, could you please expand the above a bit ?

_______________________________________________
Assp-test mailing list
https://lists.sourceforge.net/lists/listinfo/assp-test
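
The fake MX reply behaviour and the "connected to the fake MX without first trying the regular MX" check described in the message above, as an added Python sketch; it is not part of the original message and is not ASSP code. The MX addresses come from the DNS example; the 451 reply code, the 300 second window, the (time, source, destination) log layout and both function names are assumptions.

```python
# Added example. Addresses are from the DNS records in the message above.
REAL_MX = "192.0.2.30"   # mx01, preference 20: the real SMTP server
FAKE_MX = "192.0.2.50"   # mx99, preference 50: the fake MX
# Assumption: a sender honouring MX preference tried mx01 at most this many
# seconds before it falls through to mx99.
WINDOW = 300

def fake_mx_reply(line):
    """Reply of the fake MX to one SMTP command line: it accepts the
    envelope like a regular server, then defers at DATA with a 4xx."""
    verb = line.strip().split(" ", 1)[0].upper()
    if verb in ("HELO", "EHLO", "MAIL", "RCPT", "RSET", "NOOP"):
        return "250 OK"
    if verb == "DATA":
        # 451 is an assumed choice; the message only says "4xx".
        return "451 Service temporarily unavailable"
    if verb == "QUIT":
        return "221 Bye"
    return "500 Command unrecognized"

def suspicious_sources(events):
    """events: (epoch_seconds, src_ip, dst_ip) tuples in any order.
    Returns the sorted source IPs that reached FAKE_MX with no connection
    to REAL_MX in the preceding WINDOW seconds."""
    last_real = {}    # src_ip -> time of its latest connection to REAL_MX
    flagged = set()
    for ts, src, dst in sorted(events):
        if dst == REAL_MX:
            last_real[src] = ts
        elif dst == FAKE_MX:
            seen = last_real.get(src)
            if seen is None or ts - seen > WINDOW:
                flagged.add(src)
    return sorted(flagged)

# Constructed sample connection log (documentation address ranges).
SAMPLE = [
    (1000, "198.51.100.7", REAL_MX),   # tried mx01 first ...
    (1030, "198.51.100.7", FAKE_MX),   # ... then fell through: not flagged
    (1005, "203.0.113.9", FAKE_MX),    # straight to the fake MX: flagged
    (1000, "203.0.113.20", REAL_MX),
    (5000, "203.0.113.20", FAKE_MX),   # mx01 attempt too old: flagged
]

if __name__ == "__main__":
    print(suspicious_sources(SAMPLE))
```

The flag is a hint to feed into scoring rather than a verdict: a legitimate sender can still reach mx99 first when its attempt to mx01 never got far enough to be logged.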
