Nolisting

Nolisting is the name given to a technique to defend electronic mail domain names against e-mail spam.[1][2]

Each domain name on the internet has a series of one or more MX records specifying mail servers responsible for accepting email messages on behalf of that domain, each with a preference. Nolisting is simply the adding of an MX record pointing to a non-existent server as the "primary" (i.e. that with the lowest preference value) - which means that an initial mail contact will always fail. Many spam sources don't retry on failure, so the spammer will move on to the next victim - while legitimate email servers should retry the next higher numbered MX, and normal email will be delivered with only a small delay.

Implementation

A simple example of MX records that demonstrate the technique:

MX 10 dummy.example.com.
MX 20 real-primary-mail-server.example.com.

This defeats spam programs that only connect to the highest priority (lowest numbered) MX and do not follow the standard error-handling of retrying the next priority MX.

Drawbacks

Similar techniques

There are alternate techniques that suggest "sandwiching" the valid MX records between non-responsive ones.[3] Some variants also suggest configuring the highest-numbered hosts to always return 4xx errors (i.e. "retry later").[3]

Like "nolisting", the greylisting technique relies on the fact that spammers often use custom software which will not persevere to deliver a message in the correct RFC-compliant way. It is however, a more sophisticated technique that needs specialist software to track which senders and IPs that it has encountered - hence "nolisting"s title of "The Poor Man's Greylisting".[2]

See also

References

External links

This article is issued from Wikipedia - version of the Friday, March 04, 2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.