Michael C. Toren on 1 Apr 2009 23:29:05 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] OT: spammer's DNS

On Wed, Apr 01, 2009 at 03:02:02PM +0200, sean finney wrote:
> maybe they have a poor implementation of DNS caching, or maybe it's
> intentionally designed that way.  

In at least some cases it's likely intentional.  One technique for
identifying bots is to search for end-user systems which are performing
a disproportionate number of MX lookups.  By not using DNS, bots can
circumvent this technique.

Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug