negative caching of throwaway spam domains
ka at pacific.net
Thu Jun 22 19:35:10 UTC 2006
Barry Margolin wrote:
> In article <e7bvl8$2eqm$1 at sf1.isc.org>, Ken A <ka at pacific.net> wrote:
>> We have 3 spam filtering machines that each run a bind caching
>> nameserver to help with rbl lookups, etc..
>> After mail passes through these machines it goes to our mail hub.
>> Every so often, a spam from a throwaway spam domain will get through the
>> spam filtering machines to the mailserver hub. The caching nameserver on
>> the spam filtering machine will be able to lookup the sender's hostname,
>> so sendmail accepts it.
>> But, sendmail, on the mailserver hub will bounce it back to the spam
>> filtering machine with an error.. 'Domain of sender address
>> jthlhiyue at halosalbum.com does not exist'. (that one is from this am..
>> registered yesterday by a spammer).
>> The question is, is there something I can do to, other than telling the
>> mail filter machines to all use the same instance of bind to avoid this
> What's the problem? Don't you want spam to be blocked? You'd prefer
> that it be blocked at the filter, but if not it gets blocked at the hub.
> If you don't want filtering on the hub, why do you have it checking
> whether the sender domain exists?
The problem is that sendmail on the mail hub tries to send a
non-delivery notification back to the sender. Those notices spool on our
mailserver destined for throwaway spam domains that don't accept mail,
or worse, do!
More information about the bind-users