nanog mailing list archives
RE: DNS question, null MX records *summary of on list and off list replies*
From: Eric J Esslinger <eesslinger () fpu-tn com>
Date: Tue, 15 Dec 2009 11:51:29 -0600
A. Use a valid domain mapped to an unroutable or loopback instead of the . I've decided to use 127.0.0.1 B. Set spf -all, for those who bother to check that to stop inbound mail from your domain. Already had that in place C. Donate the spam to someone who would use it. I can't donate the existing incoming email due to privacy concerns, however, project honeypot uses subdomains (foo () bar example com) for it's spam traps and wants unused subdomains so it's traps will be 'clean to start'. I'll see if I can get that done. D. Expect some spammers to detect any MX strangeness you use and bypass it in favor of your A record. Understandable, and none of the referenced records in the DNS files accept mail from outside, connections are silently dropped at the firewall. This is just an attempt to cut the mess coming in because of the A record down in size. E. Set up an actual mail server routing all mail to /dev/null. I'd rather just drop the traffic rather than have another service to maintain/secure/update __________________________ Eric Esslinger Information Services Manager - Fayetteville Public Utilities http://www.fpu-tn.com/ (931)433-1522 ext 165 -----Original Message----- From: Eric J Esslinger [mailto:eesslinger () fpu-tn com] Sent: Tuesday, December 15, 2009 9:18 AM To: 'nanog () nanog org' Subject: DNS question, null MX records I have a domain that exists solely to cname A records to another domain's websites. There is no MX server for that domain, there is no valid mail sent as from that domain. However when I hooked it up I immediately started getting bounces and spam traffic attemtping to connect to the cnamed A record, which has no inbound mail server (It's actually hitting the firewall in front of it). (The domain name is actually several years old and has been sitting without dns for a while) I found a reference to a null MX proposal, constructed so: example.com IN MX 0 . Question: Is this a valid dns construct or did the proposal die? I don't want to cause people problems but at the same time, I don't want any of this crap to even attempt to deliver on this domain to any of my servers. This message may contain confidential and/or proprietary information and is intended for the person/entity to whom it was originally addressed. Any use by others is strictly prohibited.
Current thread:
- Re: DNS question, null MX records, (continued)
- Re: DNS question, null MX records Douglas Otis (Dec 16)
- Re: DNS question, null MX records Paul Vixie (Dec 16)
- Re: DNS question, null MX records Douglas Otis (Dec 16)
- Re: DNS question, null MX records Paul Vixie (Dec 16)
- RE: DNS question, null MX records Jay Mitchell (Dec 18)
- Re: DNS question, null MX records Tony Finch (Dec 17)
- Re: DNS question, null MX records Douglas Otis (Dec 17)
- Re: DNS question, null MX records James Hess (Dec 17)
- Re: DNS question, null MX records Mark Andrews (Dec 17)
- Re: DNS question, null MX records Tony Finch (Dec 18)
- Re: DNS question, null MX records *summary of on list and off list replies* Phil Vandry (Dec 15)