the spambots often go for the secondary MX first now days.
Spam bots that do this will go for your lowest priority machine, this is because it is percieved to potentially be less well maintained, less up to date and potentially have more flaws in it's antispam antivirus that will allow through more spam. A simple solution would be to have your live server in between two nolist mx records. I know of email admins that have their primary MX the same as their lowest priority MX for this reason. All the best Greg Soffe Mail Administrator - Network Analyst Network Security Operations -----Original Message----- From: Barry Murphy [mailto:barry(a)unix.co.nz] Sent: Tuesday, 15 January 2008 11:06 a.m. To: Glen Eustace Cc: nznog(a)list.waikato.ac.nz Subject: Re: [nznog] Using nolisting to reduce spam Paradise did this by pointing the first MX to pop.paradise.net.nz which was not an MX server, it would then have the real MX listed as second priority. I beleive it would releave some spam bots, but from what I can tell (running greylist with 2 MX's) the spambots often go for the secondary MX first now days. The reason for this, generally a secondary MX would be your upstreams mail server, they would not have the same spam protection as your running, they would queue the email and deliver it to you, your mail server would have learnt to trust this host. Doubt it would stop much in my own opinion. Cheers B