A semi-wish for an official 'null MX' standard
I've written before about how it seems that spammers will scrape anything that looks like an email address and then attempt to spam them. Of course, much of what gets scraped is probably for (alleged) hosts that don't have anywhere to send email, so the spammers never even get as far as sending it. But through some sort of luck I have such a host that doesn't accept email but also happens to have an accessible mail server running on its IP address (because that IP address handles email for some other things).
Since I watch my SMTP logs (it's a low-activity mail server) this has
given me a nice ringside seat to the spam attempts and helped add things
to my personal blacklist. But as entertainment this palls after a while
and I'm starting to reach the point where I don't care and I would
rather that all of the would-be spammers just go away. To do this I'd
like what gets called a 'null
MX entry that says 'this thing
doesn't get email, don't even bother trying to talk to its IP address'.
To my surprise there is no official standard for this. There
is a widespread habit of using an
MX to '
.' (dot, the
root of the DNS hierarchy) but it's not actually a standard
(although it was first put forward as a draft RFC in 2005 and is being tried
again this year). In
theory this has been around long enough as customary practice that many
mail servers should support it; in practice I have no idea how well it
works. If it's not very effective at reducing incoming spam attempts I
might as well not add the entry at all. I suppose I actually have a
relatively good opportunity to conduct a slow-moving scientific
experiment to find out.
(Probably the most reliable way to do this is to set the
MX to a
public IP address under your control that doesn't exist or doesn't
accept incoming SMTP. I wouldn't use a private IP address or a 127/8
address because both of those may be ignored by legitimate mailers while
the only thing that's going to ignore an unresponding public IP as an
MX is spamware that is deliberately trying your
A record even though
Comments on this page:Written on 24 September 2013.