> See example, how work ISPIP :
> 9126.96.36.199 -- my secondary MX IP
> mailserver.good.net -- my secondary MX
Correct; that's also why I play a little trick with my MX records;
nothing "magic" nor really new, mind me, the whole thing is called "MX
sandwich" or "nolisting" and is explained here
to coarsely explain it, let's say you own the domain "example.com" and
let's also say that your domain has the following MX setup in DNS
@ IN MX 10 mx01.example.com.
mx01 IN A 192.0.2.30
now, willing to implement the "sandwich" you'll need to have two
additional (public) IP addresses; for this example we'll assume they're
192.0.2.10 and 192.0.2.50; now, you start by ensuring that port 25/TCP
on 192.0.2.10 is filtered (aka drop all requests), next, you install on
the box which will sit on 192.0.2.50 a "fake MX" that is a program (or
script/whatever) which will answer to connection to port 25/TCP
emulating a regular SMTP server but which will always reply with a
"4xx service temporarily unavailable" when receiving the "DATA"
command; once the critter will be installed you may publish its port
25/TCP and then modify your DNS to look this way
@ IN MX 10 mx00.example.com.
@ IN MX 20 mx01.example.com.
@ IN MX 50 mx99.example.com.
mx00 IN A 192.0.2.10
mx01 IN A 192.0.2.30
mx99 IN A 192.0.2.50
that's all, now a bunch of spam-spitting bots will hit your MX00 and
MX99 and your real SMTP server (MX01) will have less workload :D then
ok, the trick may be "expanded" by adding more "fake MX" and/or
rotating the records from time to time so that the "good server" will
change but that's totally optional and should be carefully evaluated;
on the other hand, the "vanilla setup" (as above) works quite well ;)
Note: it would be interesting to consider the option to let ASSP handle
the "fake MX" task; basically for such a setup we'd need some
additional config parameters (fake MX IP:port) so that the same box
hosting ASSP may then have two IP addresses, one will be the one on
which ASSP *serves* traffic, the other will act as a Fake MX (as seen
above); this may allow ASSP to collect further data on connecting IPs
and improve filtering; for example, if a host directly connects to the
FakeMX port *without* first attempting the regular MX port (look at the
MX preference above) then its IP may be considered "suspicious" (at
> P.S. How about Collect Address in Youre non-ASSP ?
Sorry I'm at loss here, could you please expand the above a bit ?