I learned a neat antispam technique from a good colleague of mine on how to help stop spam email coming into your mail host. The goal is to trick spamming mail servers to hit a fake mail server, thus causing them to give up and not attempt a 2nd connection to your true mail server. The technique to accomplish this is to configure your MX records in DNS and rank your “true” mail server lower than your fake one.
Here’s my example below using bind in Linux.
@ IN SOA ns1.estone.ca. hostmaster.estone.ca. (
2015032701 ; Serial
7200 ; Refresh
7200 ; Retry
2419200 ; Expire
10800 ) ; Negative Cache TTL
MX 10 mail1
MX 20 mail
estone.ca. IN TXT “v=spf1 mx -all”
estone.ca. A 22.214.171.124
ns A 126.96.36.199
ns1 A 188.8.131.52
ns2 A 184.108.40.206
www A 220.127.116.11
comm A 18.104.22.168
mail1 A 22.214.171.124Here is the result of a host command:
root@estone:~# host estone.ca
estone.ca has address 126.96.36.199
estone.ca mail is handled by 10 mail1.estone.ca.
estone.ca mail is handled by 20 mail.estone.ca.
Now hopefully when a spam engine mail server attempts to connect to my fake mail1 email server, it will of course fail(because their is no mail service on the mail1 host) and then hopefully give up.