I've been testing my latest trick in spam filtering with good success. It's even qmail compatible.
What I'm doing is that I have at the moment 4 MX records. The lowest and highest are dead IP addresses. Normal mail servers will hit the lowest MX, fail, and then succeed on the next higher MX. The idea is that I'm screening on the ability of the server to try multiple MX records. It's very crude, very effective, and very simple. It basically gets rid of the spam zombies. However - thinking about making it a little more complex. All normal servers should attempt the lowest MX first. So suppose that on the lowest MX I had something that recorded the IP address of hosts that attempt the lowest MX. This attempt is stored for say 2 hours. Then when they retry the higher MX records the system knows that they have already attempted the lower one and it is not rejected. But hosts that try the higher MX records without having tried the lower one first are deferred. If you like the idea of forcing hosts to try the lowest first by accept on the secondary I have some idea of how to implement it. The lower MX attempt need to be stored in a MySQL database and then you run MyDNS on it to create a DNS whitelist which is used by the higher MX servers to determine if the message is deferred or not. I'm still thinking about the details but I think this trick would be faster than greylisting and more accurare. I think it could eliminate 100% of zombie spam. Thoughts? -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
