Greg Hewgill (ghewgill) wrote,
Greg Hewgill

adventures in antispam

I'm in the process of changing my main mail server for from my machine at home on my DSL, to my hosted server in Dallas. Currently, the MX record points to my home machine and most of the spam I get goes there. However, the A record for the web site points to my hosted server. Until recently I did not have the hosted server set up to accept mail for, so it would reject anything that happened to make it there.

Last night I changed the Postfix configuration to accept mail for I knew there was some misdirected mail that made it there, but I had no idea how much. Since last evening (perhaps 15 hours ago), I've received nearly 400 junk messages to that server. This is happening even though there is no MX record at all pointing to that server (for!

All of it is worm messages of some kind. Evidently there is some flavour of worm that looks up an A record for the domain name, instead of an MX record, when trying to deliver mail. Now, once I move my MX record to point to the hosted server, I won't be able to distinguish that worm mail from real mail anymore.

Now I just need to integrate clamav into Postfix and check for all that junk worm mail with virus attachments at SMTP time.
Tags: spam

  • fault line flyers video online

    A couple of weeks ago, Fox 7 News went out to Fault Line Flyers (the soaring club where I used to fly in Texas) and filmed a bunch of footage for a…

  • pumpkin drop!

    Tomorrow is the annual Pumpkin Drop at the glider field! A pilot and a bombadier go up in a two-seat glider. The bombadier sits in the back with a…

  • private pilot checkride

    This year has been an especially disappointing year for soaring. Between uncooperative weather, my summer vacation to Spain, occasional lack of…

  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 1 comment