Re: Fun new policy at AOL

[Iljitsch van Beijnum <iljitsch () muada com>]

On donderdag, aug 28, 2003, at 20:10 Europe/Amsterdam, Paul Vixie wrote:

> > Play with DNS MX records like QMTP does.

> here are at least two problems with this approach.  one is that an mx
> priority is a 16 bit unsigned integer, not like your example.  another
> is that spammers do not follow the MX protocol, they deliberately dump
> on higher cost relays in order to make the victim's own inbounds carry
> more of the total workload of delivery.  (additionally, many hosts do
> more spam filtering on their lower cost MX's than on their higher cost
> (backup?) MX's, and the spammers know this, and take advantage of it.)

Yes, that's why I don't use my ISP's servers as MX for my domains 
anymore. Having fallback MXes that only queue the mail for a while 
don't provide any real benefits anyway.

But how about this: in addition to MX hosts, every domain also has one 
or more MO (mail originator) hosts. Mail servers then get to check the 
address of the SMTP server they're talking to against the DNS records 
for the domain in the sender's address. Then customers who use an email 
address under their ISP's domain have to use the ISP's relay, while 
people with their own (sub) domain get to use their own.

For AOL and the likes this would also help against spam as they can 
rate limit incoming mail from unknown domains. Spammers are forced to 
register new domains all the time in addition to having to find 
abusable IP addresses so hopefully life for them will be a little more 
miserable too.

(Could reuse MX for this if a new RR is too much hassle, but large ISPs 
don't use the same SMTP servers for incoming as for outgoing.)