John Von Essen on 1 Apr 2009 09:36:03 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] OT: spammer's DNS

Spammers dont really use DNS and MX records for day-to-day  
operations. If your an internet host listening on port 25, you'll get  
spam. They will find you from looking at DNS, or just random IP  
botnet checking.

I've turned up public machines with SMTP enabled, with no MX records  
in DNS, these machines will start getting spam attempts in a few days.


On Apr 1, 2009, at 10:05 AM, Art Alexion wrote:

> On Wednesday 01 April 2009 09:17:51 Eric wrote:
>> I theorize that the spammers grab a copy of the DNS records once (a
>> year? a month?) and then resolve the addresses from this fixed cache.
>> The reason for this might be that when you're sending a billion or so
>> spam emails a day you can speed up the sending process and lower your
>> visibility and network demands by not making DNS requests for each of
>> those outgoing spams.
> This really seems to make sense.
> ______________________________________________________________________ 
> _____
> Philadelphia Linux Users Group         --        http:// 
> Announcements - 
> announce
> General Discussion  -- 
> listinfo/plug

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --