How to irritate sysadmins and give mailers heartburn with your MXes

July 4, 2012

Here's a simple way to irritate sysadmins and give mail systems some nice heartburn. First, send some email that will bounce or provoke autoreplies (for example, you could be sending email to an address that forwards it to somewhere that will reject it). Next, have the following set of MXes:

; dig +short mx

Now, have your machines configured so that most or all of these MXes do not respond to connection attempts on port 25, and certainly none of them accept your email back (temporary SMTP failure codes are ideal here). If you want real bonus points, have some machines accept SMTP connections but then process everything very, very slowly before timing out.

The net result is that any remote system that is foolish enough to send you bounces or other email will take (for a typical Exim configuration) more than a half an hour to handle one pass of trying to deliver a single message back to you. Almost any MTA will try each MX in sequence and each MX will occupy it for multiple minutes before it times out; with 11 MXes this adds up fast. This is a great way to give all sorts of MTAs various amounts of heartburn; how much heartburn depends on how they handle their queues. Sadly, Exim is particularly bad at this because it handles all email in a single queue instead of sorting things into one queue per target domain.

(This sort of thing leads me to a vaguely evil temptation with callout sender verification, but that's another entry.)

Written on 04 July 2012.
« The secure web voting problem
Exploring an ARP mystery: a little Linux surprise »

Page tools: View Source, Add Comment.
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Wed Jul 4 12:52:02 2012
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.