|Comments on Friday 25 April 2003:|
|If you have a domain that gets lots of spam, or if you have a domain that you don't use for mail at all that you could get added onto spam lists, here's a nice anti-spammer idea I just had.|
I've noticed that a lot of spam is being sent using software that just goes through every mail exchanger for a domain, so if you have a secondary mail server (as a backup) you get an extra copy of the spam. When configuring the DNS for a domain, you can configure whatever mail exchangers you want. So, if you have a domain for which you no longer wish to receive any email at all, why not configure it with a whole crapload of non-functional mail exchangers?
Any email (which should now be only spam) sent to the domain will go through trying to send to each of the entire list of MX servers. Ideally, those machines won't exist, so it will take 30 seconds or so to determine that each connection is non-responsive. If one were to configure just 20 MX servers for a dead domain, and get 20 email addresses at that domain onto spam lists, that would be over 3 hours worth of spam not getting sent, and at virtually no cost to your bandwidth (just the DNS request). I have now done this to liveandfrivolous.com, configuring it with mail exchangers in the non-routable address ranges to make sure that only the spamming machine and its network are troubled by it. So, if any email address collecting robots want a go, here's some addresses: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20. I realise that some spam-sending programs will do all the addresses at one domain in a single message - even so, they'll be inconvenienced, albeit less so, by the list of duff MXes. Hoorah! [10:39]
|so... does it work? you seem brilliant. i took a couple of your quizzes (which i thoroughly enjoyed) and had to see the creator. thanks :-)|
|Some time ago, I came across a site which had a link specifically designed to "trap" net bots. It appeared in text body with the warning "Don't click here if you are not a bot."|
Naturally I didn't, but I would imagine that it contained some method of looping designed to waste the robots time. Do you know if this is feasible? Or would it need to use a method similar to yours?
|It seems to me that anything you could do with HTML-based content would require the server to be just as hurt as the victim, unless you were to redirect to someone else's server, but that would probably be something the owner of the new target server could legitimately sue over. It may have been the "random email address" page, which produces a lot of email addresses composed of random gibberish for spambots - wasting their time at the same stage I propose, yes.|
|Hoorah! I've just realised that when you get to Australia I can send you money to be live and frivolous quite easily. I note that you haven't actually had any donations yet. This just shows that America is full of cheapskates and facist communists. Probably gerbils as well.|
|Nah, I cancelled Live and Frivolous. Did get a couple of donations, but it was slow enough that I just refunded them and gave up on it.|
|Tsk. You could have milked me for at least three dollars. You give up much too easily.|
|Hear hear, I'd be willing to pay three dollars to see you milk Tom.|
Or maybe I wouldn't, actually.