I changed my webserver a few days ago; it was a chance to install the new box from scratch with Fedora Core 6 and ISPConfig (2.2.18), plus postfix 2.4.5-2 for the mail part. With the old box I used to receive around 200 spam messages per day. With the new box, with all the previous email addresses, I don't get any. Seems good... but the spam filter is disabled! How is it possible? I receive some non-spam messages, but I wonder if I am losing some messages anyway!
I had a look but found nothing suspicious. It seems that the spam messages don't arrive at the MTA (postfix); is it possible that they are dropped before? Or perhaps the spammers decided not to spam my addresses anymore, but I don't believe this one ;-)
Please make sure that the MX records for your domains are pointing to the new server. You can check that with:

    dig mx yourdomain.com
I ran the dig command from the server, it's OK:

    ;; AUTHORITY SECTION:
    mydomain.com. 86400 IN SOA myserver.ovh.net. contact.mydomain.com. 2007122301 28800 7200 604800 86400

But when I run it from home, I have no ANSWER section, nor AUTHORITY section. When I run the dig mx command from home on a well-known domain name I get this:

    $ dig mx voila.fr

    ; <<>> DiG 9.2.2 <<>> mx voila.fr
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38217
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;voila.fr. IN MX

    ;; ANSWER SECTION:
    voila.fr. 1986 IN MX 10 smtp.voila.fr.

    ;; Query time: 495 msec
    ;; SERVER: 10.0.1.1#53(10.0.1.1)
    ;; WHEN: Thu Jan 17 19:46:44 2008
    ;; MSG SIZE rcvd: 47

Looks interesting! Could you tell me how to fix it? Thanks A LOT
I found this post, I removed the hostname in the MX DNS record in ISPConfig and now the dig mx command returns the MX record in the answer question, at least on the server (I'm waiting for the DNS replication to check elsewhere). This was not trivial! But do you think that this mistake had an impact on the non-receiving of spam (and perhaps non-spam mails)?
Most of the time a legitimate e-mail server will attempt a resend for 1 day, maybe 2, so you should get them after a while when they re-attempt.
Yeah, I'm receiving tons of spam again, not sure if it's a great thing but thanks anyway. In fact you don't receive spam if your domain MX is not configured, because of this (found here on Wikipedia):

When an MX-lookup fails, RFC rules call for fallback to the domain's A record. For situations where a domain's A record and MX record both point to the same machine or IP address, it is usually the case that the MX record can safely be deleted. This usually results in no missing valid or "legit" e-mail, but a drop in spam should be noted. The reason being is that because of the theories that SMTP engines running on compromised hosts do not fully implement all SMTP error-handling routines, and this lack of complete rule-following can be used against them (grey-listing being another example of an anti-spam technique).
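The MX-to-A fallback quoted in the last post, together with the retry behaviour mentioned earlier in the thread, as an added example that is not part of the original thread: a Python function reads the text of a dig mx reply and reports what a sender following the SMTP rules (RFC 5321, section 5.1) would do with it. The two sample replies, the function name delivery_plan and the action labels are constructed for illustration.

```python
import re

# Constructed sample: NOERROR reply with no ANSWER section, shaped like the
# SOA-only reply quoted in the thread (placeholder names, not real data).
NODATA = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1111
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;mydomain.com. IN MX
;; AUTHORITY SECTION:
mydomain.com. 86400 IN SOA myserver.ovh.net. contact.mydomain.com. 2007122301 28800 7200 604800 86400
"""

# Constructed sample: reply carrying two MX records (placeholder names).
WITH_MX = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2222
;; QUESTION SECTION:
;example.org. IN MX
;; ANSWER SECTION:
example.org. 3600 IN MX 20 backup.example.org.
example.org. 3600 IN MX 10 mail.example.org.
"""

def delivery_plan(dig_output):
    """Return (action, targets) a rule-following sender derives from a dig MX reply."""
    status = re.search(r"status: (\w+)", dig_output)
    status = status.group(1) if status else "UNKNOWN"
    question = re.search(r"^;(\S+)\s+IN\s+MX\s*$", dig_output, re.M)
    domain = question.group(1) if question else None
    if status == "NXDOMAIN":            # domain does not exist: permanent error
        return ("bounce", [])
    if status != "NOERROR" or domain is None:   # e.g. SERVFAIL: temporary error
        return ("queue-and-retry", [])
    section, mx = None, []
    for line in dig_output.splitlines():
        header = re.match(r";; (\w+) SECTION:", line)
        if header:
            section = header.group(1)
        elif section == "ANSWER" and not line.startswith(";"):
            fields = line.split()       # name, ttl, class, type, preference, host
            if len(fields) >= 6 and fields[3] == "MX":
                mx.append((int(fields[4]), fields[5]))
    if mx:                              # lowest preference value is tried first
        return ("deliver-to-mx", [host for _, host in sorted(mx)])
    return ("fallback-to-address-record", [domain])  # implicit MX: the domain itself
```

Only the empty-answer case triggers the fallback; a sender that skips this step simply never delivers, which is the drop in spam the quoted passage describes.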