nanog mailing list archives

Previous By Date Next
Previous By Thread Next

RE: DNS question, null MX records *summary of on list and off list replies*

From: Eric J Esslinger <eesslinger () fpu-tn com>
Date: Tue, 15 Dec 2009 11:51:29 -0600
A. Use a valid domain mapped to an unroutable or loopback instead of the .
I've decided to use 127.0.0.1
B. Set spf -all, for those who bother to check that to stop inbound mail from your domain.
Already had that in place
C. Donate the spam to someone who would use it.
I can't donate the existing incoming email due to privacy concerns, however, project honeypot uses subdomains (foo () 
bar example com) for it's spam traps and wants unused subdomains so it's traps will be 'clean to start'. I'll see if I 
can get that done.
D. Expect some spammers to detect any MX strangeness you use and bypass it in favor of your A record.
Understandable, and none of the referenced records in the DNS files accept mail from outside, connections are silently 
dropped at the firewall. This is just an attempt to cut the mess coming in because of the A record down in size.
E. Set up an actual mail server routing all mail to /dev/null.
I'd rather just drop the traffic rather than have another service to maintain/secure/update


__________________________
Eric Esslinger
Information Services Manager - Fayetteville Public Utilities
http://www.fpu-tn.com/
(931)433-1522 ext 165



-----Original Message-----
From: Eric J Esslinger [mailto:eesslinger () fpu-tn com]
Sent: Tuesday, December 15, 2009 9:18 AM
To: 'nanog () nanog org'
Subject: DNS question, null MX records


I have a domain that exists solely to cname A records to another domain's websites. There is no MX server for that 
domain, there is no valid mail sent as from that domain. However when I hooked it up I immediately started getting 
bounces and spam traffic attemtping to connect to the cnamed A record, which has no inbound mail server (It's actually 
hitting the firewall in front of it). (The domain name is actually several years old and has been sitting without dns 
for a while)

I found a reference to a null MX proposal, constructed so:
example.com    IN    MX 0 .

Question: Is this a valid dns construct or did the proposal die? I don't want to cause people problems but at the same 
time, I don't want any of this crap to even attempt to deliver on this domain to any of my servers.



This message may contain confidential and/or proprietary information and is intended for the person/entity to whom it 
was originally addressed. Any use by others is strictly prohibited.
Previous By Date Next
Previous By Thread Next

Current thread: