Educause Security Discussion mailing list archives

Re: Barracuda Spam Filter


From: Graham Toal <gtoal () UTPA EDU>
Date: Tue, 26 Jul 2005 13:21:45 -0500

Jamie A. Stapleton wrote:

6.  Knowledge.  These people don't appear to know what they are doing.
They left mercury.keystone.edu (with IP address 65.209.95.165) as an MX
record.  Any spammer can find this and attack it without effort.  (See
below.)

220 mercury.keystone.edu Microsoft ESMTP MAIL Service, Version:
5.0.2195.6713 ready at  Tue, 26 Jul 2005 09:24:36 -0400



There's actually an understandable reason for that.  Many mail systems
by default will only accept (deliver) mail for which they are the
lowest-valued MX, so by leaving the final destination mailer listed
(with the lowest value, which I hope this was), they don't impose a
competency requirement on the clients to reconfigure their mailer to be
the delivery mailer for a domain which does not MX to them.

However it equally does impose a competency requirement that they either
configure their mailer to accept mail from *only* the higher-valued MX
hosts, *or* get their networking people to block them at the firewall.
Either of those is entirely reasonable (we block at the firewall
ourselves), but the downside is that the lowest-valued MX never responds
and senders always have a delay while backing off to the next lowest
value.

This may not be quite as bad as it sounds though, because a significant
number of spammers will back off at that point and you'll never see their
spam, much like an accidentally implemented grey-listing :-)

G
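
An added example, not part of the original message: a small Python model of the MX arrangement discussed above, showing which host a preference-following sender ends up delivering to, how long it waits, and which listed hosts can be reached without passing the filter. It models the firewall option only; the host names, preference values and 30-second connect timeout are constructed assumptions.

```python
from dataclasses import dataclass

CONNECT_TIMEOUT_S = 30  # assumed sender connect timeout; real MTAs differ


@dataclass(frozen=True)
class MX:
    preference: int           # lower value is tried first
    host: str
    is_filter: bool           # True for the spam-filter appliance
    internet_reachable: bool  # False when port 25 is blocked at the firewall


def delivery_path(records):
    """Walk the MX set in ascending preference, as a standards-following
    sender does, moving on whenever a host does not answer."""
    waited, tried = 0, []
    for mx in sorted(records, key=lambda r: r.preference):
        tried.append(mx.host)
        if mx.internet_reachable:
            return {"delivered_to": mx.host, "filtered": mx.is_filter,
                    "delay_s": waited, "tried": tried}
        waited += CONNECT_TIMEOUT_S  # silent drop costs a full timeout
    return {"delivered_to": None, "filtered": False,
            "delay_s": waited, "tried": tried}


def bypass_hosts(records):
    """Listed hosts an outside sender can reach without passing the filter,
    whether or not that sender honours preference order."""
    return [r.host for r in records
            if r.internet_reachable and not r.is_filter]


# Constructed sample: backend listed as lowest-valued MX and left open.
EXPOSED = [MX(10, "mail.example.edu", False, True),
           MX(20, "filter.example.edu", True, True)]
# Same records, with the backend blocked at the firewall.
BLOCKED = [MX(10, "mail.example.edu", False, False),
           MX(20, "filter.example.edu", True, True)]

if __name__ == "__main__":
    for name, recs in (("exposed", EXPOSED), ("blocked", BLOCKED)):
        print(name, delivery_path(recs), "bypass:", bypass_hosts(recs))
```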
