Daryl C. W. O'Shea wrote:
> Marc Perkel wrote:
>> I'm trying out a new idea for blacklisting hosts. I have several
>> email servers for processing spam. These servers service my lowered
>> numbered MX records. I also have several dummy mx records that are
>> higher numbered than my real servers. So in theory no one should ever
>> hit the higher numbered servers. Especially when the IP addresses are
>> on the same server as the lower numbered MX.

>
> Nobody except for users of Domino, Blackberry, and who knows how many
> other business mail platforms that send mail to whatever MX they feel
> like.
>
>
>> Who thinks this is interesting?

>
> Apparently you do. Sorry Marc, couldn't resist. This is pretty
> old news though. You've even brought it up yourself at least once,
> but probably five times, before.
>
>


I've brought up the idea of using high numbered fake MX records several
times and it's very effective. What's new here is that I'm powering my
public hostkarma blacklist database in part by the IP addresses that
make multiple attempts to send email to high numbers mx records when low
numbered mx records are available. In the last 7 hours I get 145000 hits
that I've recorded. And checking the dnsstuff lookup a lot of these IP
addresses aren't listed with anyone but me.