Hmmm... over the years I've run into many instances where short TTLs (and in fact any TTL in some cases) have been ignored by some (many) of the big ISPs - again, sometimes for a month or more (AOL for example) These instances were for A records mostly as things like web sites and ftp sites were moved - but I expect MX records probably get tarred with the same brush.
Now I'm not saying that this isn't an interesting tidbit - but it might cause some problems with the big guys (and some little ones who have misconfigured DNS caches) but "them's the breaks" ;) richard On Wed, 2007-08-29 at 10:23 -0700, Marc Perkel wrote: > As some of you know I get rid of a lot of spam using fake high numbered > MX records. I'm now doing some interesting experiments. Even though my > TTL is only 2 hours I notice that if I change my fake high MX to > different fake high MX that the spam zombies still send email to the old > fake MX records for many days, sometimes weeks. > > My theort is that spam zombies do DNS caching so as to maximize spam > output by eliminating dns lookups. Thus zombies retain old information > far longer than they are supposed to. > > So I'm experimenting with a blaclisting trick where I change my fake > high MX records, wait several hours, and then anything that hits the old > fake MX records are spam zombies. > > Thoughts? > > -- - Richard C. Pitt Pacific Data Capture [EMAIL PROTECTED] 604-644-9265 http://richard.pacdat.net www.pacdat.net PGP Fingerprint: FCEF 167D 151B 64C4 3333 57F0 4F18 AF98 9F59 DD73 -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/