Help with MX records on my domain and SPAM...

J

jyi786

Supreme [H]ardness
Joined
Jun 13, 2002
Messages
5,760
I just implemented Google Apps for my company as a backup e-mail solution. I have 15 users on the Google Apps e-mail backup, concurrent with the users that are on my main e-mail server. It works perfectly fine, or at least I think it does. My e-mail server has never went down, so I haven't really tested it. However, I can be sure it works, because, unfortunately, a little issue has arisen.

Currently, I have 6 MX records for my domain, in the following order:

"mydomainserver"(10)
aspmx.l.google.com.(20)
alt1.aspmx.l.google.com.(30)
alt2.aspmx.l.google.com.(40)
aspmx2.googlemail.com.(50)
aspmx3.googlemail.com.(60)

On my main server, "mydomainserver", I've implemented all types of SPAM filtering techniques that are very effective, sometimes too effective. But this is besides the point. the problem here is this:

I've read that a favorite technique of spammers is to use the lowest priority MX records in order to send their junk. And they surely do. I've also read that it's not recommended to have more than 1 MX record as a backup. What I've been finding out is that in all of my users' respective Gmail mailboxes, the SPAM is being delivered there!!!

How can I alleviate this problem? And also, what numbering scheme should I use for the MX record priorities?

Thanks for everything!!!
 
Bump. Can anyone please offer any input on this? Thanks.
 
If you feel confident about your antispam filters you could put in your mx records a server with priorty of 250 to dump any mail it receives. Oh yeah and unless googles advises that you need to have that many mx entries for their servers you don't really need that many entries for them.
 
Keiichi said:
If you feel confident about your antispam filters you could put in your mx records a server with priorty of 250 to dump any mail it receives. Oh yeah and unless googles advises that you need to have that many mx entries for their servers you don't really need that many entries for them.
Click to expand...

Well that's the thing. Google instructs me to use ALL the MX records, but I've read in their own help workgroups that some people are only using the FIRST MX record.

I'm confused/lost.:confused:
 
ajm786 said:
Well that's the thing. Google instructs me to use ALL the MX records, but I've read in their own help workgroups that some people are only using the FIRST MX record.

I'm confused/lost.:confused:
Click to expand...

I would go with what google advises.
Go here for an explanation of what can happen when you specify too many mx records http://en.wikipedia.org/wiki/Mx_record

Hopefully this is a better expanation of my suggestion. Basically you have two names for your mail server mail1.foo.bar and mail2.foo.bar In your mx records put your primary top priroty and the secondary the lowest priority. Basically what will happen is that you will receive mail as normal and you will get the sneaky ones that specify the server with the lowest priority. So as long as your mail server is available your google accounts will never get the spam messages. The caveat being that it won't work if your server is down, but it's better than nothing.
 
Keiichi said:
I would go with what google advises.
Go here for an explanation of what can happen when you specify too many mx records http://en.wikipedia.org/wiki/Mx_record

Hopefully this is a better expanation of my suggestion. Basically you have two names for your mail server mail1.foo.bar and mail2.foo.bar In your mx records put your primary top priroty and the secondary the lowest priority. Basically what will happen is that you will receive mail as normal and you will get the sneaky ones that specify the server with the lowest priority. So as long as your mail server is available your google accounts will never get the spam messages. The caveat being that it won't work if your server is down, but it's better than nothing.
Click to expand...

I think you're misunderstanding a bit.

Actually, my reading of that Wiki article is what I derived my understanding of. The MX records are working fine; this much I know because I do get the SPAM. But it's just that; too much SPAM is getting delivered to my users' Gmail folders because of the very fact that spammers go from the lowest MX record first (sneaky little bastards).

I guess you are suggesting that there is really no way around it, right? I mean, it's double edged, and I think you're getting at that all the SPAM is going to the Gmail accounts instead of the main server, which obviously can't be bad.
 
Add another MX record that points to your mail server with lowest priority. Highest and Lowest priority records pointing to your mail server should bypass this issue. :D
 
mordenkainen said:
Add another MX record that points to your mail server with lowest priority. Highest and Lowest priority records pointing to your mail server should bypass this issue. :D
Click to expand...

Hmm. I never thought of this. Sounds intriguing. I might give it a shot.
 
You must log in or register to reply here.
Back
Top