As some of you know I get rid of a lot of spam using fake high numbered MX records. I'm now doing some interesting experiments. Even though my TTL is only 2 hours I notice that if I change my fake high MX to different fake high MX that the spam zombies still send email to the old fake MX records for many days, sometimes weeks.
My theort is that spam zombies do DNS caching so as to maximize spam output by eliminating dns lookups. Thus zombies retain old information far longer than they are supposed to. So I'm experimenting with a blaclisting trick where I change my fake high MX records, wait several hours, and then anything that hits the old fake MX records are spam zombies. Thoughts? -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
