negative caching of throwaway spam domains

Ken A ka at
Thu Jun 22 19:35:10 UTC 2006

Barry Margolin wrote:
> In article <e7bvl8$2eqm$1 at>, Ken A <ka at> wrote:
>> Hi,
>> We have 3 spam filtering machines that each run a bind caching 
>> nameserver to help with rbl lookups, etc..
>> After mail passes through these machines it goes to our mail hub.
>> Every so often, a spam from a throwaway spam domain will get through the 
>> spam filtering machines to the mailserver hub. The caching nameserver on 
>> the spam filtering machine will be able to lookup the sender's hostname, 
>> so sendmail accepts it.
>> But, sendmail, on the mailserver hub will bounce it back to the spam 
>> filtering machine with an error.. 'Domain of sender address 
>> jthlhiyue at does not exist'. (that one is from this am.. 
>> registered yesterday by a spammer).
>> The question is, is there something I can do to, other than telling the 
>> mail filter machines to all use the same instance of bind to avoid this 
>> happening?
> What's the problem?  Don't you want spam to be blocked?  You'd prefer 
> that it be blocked at the filter, but if not it gets blocked at the hub.
> If you don't want filtering on the hub, why do you have it checking 
> whether the sender domain exists?
The problem is that sendmail on the mail hub tries to send a 
non-delivery notification back to the sender. Those notices spool on our 
mailserver destined for throwaway spam domains that don't accept mail, 
or worse, do!
Ken A

More information about the bind-users mailing list