|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] OT: spammer's DNS
|
Spammers dont really use DNS and MX records for day-to-day
operations. If your an internet host listening on port 25, you'll get
spam. They will find you from looking at DNS, or just random IP
botnet checking.
I've turned up public machines with SMTP enabled, with no MX records
in DNS, these machines will start getting spam attempts in a few days.
-John
On Apr 1, 2009, at 10:05 AM, Art Alexion wrote:
> On Wednesday 01 April 2009 09:17:51 Eric wrote:
>> I theorize that the spammers grab a copy of the DNS records once (a
>> year? a month?) and then resolve the addresses from this fixed cache.
>> The reason for this might be that when you're sending a billion or so
>> spam emails a day you can speed up the sending process and lower your
>> visibility and network demands by not making DNS requests for each of
>> those outgoing spams.
>
> This really seems to make sense.
> ______________________________________________________________________
> _____
> Philadelphia Linux Users Group -- http://
> www.phillylinux.org
> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-
> announce
> General Discussion -- http://lists.phillylinux.org/mailman/
> listinfo/plug
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|