Nolisting Explained

Nolisting is a technique to defend electronic mail domain names against e-mail spam.[1] [2]

Each domain name on the internet has a series of one or more MX records specifying mail servers responsible for accepting email messages on behalf of that domain, each with a preference. Nolisting is simply the adding of an MX record pointing to a non-existent server as the "primary" (i.e. that with the lowest weighted value) - which means that an initial mail contact will always fail. Many spam sources don't retry on failure, so the spammer will move on to the next victim - while legitimate email servers should retry the next higher numbered MX, and normal email will be delivered with only a small delay.

Implementation

A simple example of MX records that demonstrate the technique:

MX 10 dummy.example.com. MX 20 real-primary-mail-server.example.com.

This defeats spam programs that only connect to the highest priority (lowest numbered) MX and do not follow the standard error-handling of retrying the next priority MX.

Drawbacks

Similar techniques

There are alternate techniques that suggest "sandwiching" the valid MX records between non-responsive ones.[3] Some variants also suggest configuring the highest-numbered hosts to always return 4xx errors (i.e. "retry later").[3]

A simple example of MX records that demonstrate the technique:

MX 10 dummy1.example.com. MX 20 real-primary-mail-server.example.com. MX 30 dummy2.example.com.

Greylisting also relies on the fact that spammers often use custom software which will not persevere to deliver a message in the correct RFC-compliant way.[2]

See also

External links

Notes and References

  1. http://windowsitpro.com/security/does-nolisting-help-stop-spam "Does 'nolisting' help stop spam?"
  2. http://nolisting.org "Nolisting: Poor Man's Greylisting"
  3. https://cwiki.apache.org/confluence/display/SPAMASSASSIN/OtherTricks "Other tricks"