Wandering Thoughts archives


How to irritate sysadmins and give mailers heartburn with your MXes

Here's a simple way to irritate sysadmins and give mail systems some nice heartburn. First, send some email that will bounce or provoke autoreplies (for example, you could be sending email to an address that forwards it to somewhere that will reject it). Next, have the following set of MXes:

; dig +short mx enviodigital2.info.
0 mail1.enviodigital2.info.
5 mail2.enviodigital2.info.
10 mail3.enviodigital2.info.
15 mail4.enviodigital2.info.
20 mail5.enviodigital2.info.
25 mail6.enviodigital2.info.
30 mail7.enviodigital2.info.
35 mail8.enviodigital2.info.
40 mail9.enviodigital2.info.
45 mail10.enviodigital2.info.
50 mail11.enviodigital2.info.

Now, have your machines configured so that most or all of these MXes do not respond to connection attempts on port 25, and certainly none of them accept your email back (temporary SMTP failure codes are ideal here). If you want real bonus points, have some machines accept SMTP connections but then process everything very, very slowly before timing out.

The net result is that any remote system that is foolish enough to send you bounces or other email will take (for a typical Exim configuration) more than a half an hour to handle one pass of trying to deliver a single message back to you. Almost any MTA will try each MX in sequence and each MX will occupy it for multiple minutes before it times out; with 11 MXes this adds up fast. This is a great way to give all sorts of MTAs various amounts of heartburn; how much heartburn depends on how they handle their queues. Sadly, Exim is particularly bad at this because it handles all email in a single queue instead of sorting things into one queue per target domain.

(This sort of thing leads me to a vaguely evil temptation with callout sender verification, but that's another entry.)

spam/EvilMXTrick written at 12:52:02; Add Comment

Page tools: See As Normal.
Login: Password:
Atom Syndication: Recent Pages, Recent Comments.

This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.