The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Stop mail for a number of accounts

Discussion in 'E-mail Discussions' started by kjg, Nov 21, 2010.

  1. kjg

    kjg Well-Known Member

    Joined:
    Mar 2, 2004
    Messages:
    147
    Likes Received:
    0
    Trophy Points:
    16
    Situation:
    We have thousands of accounts that are not using email at all (parked on other domains, just having hompage, etc)
    None of them has any email account set up but still hundreds of thousands of spam mails are delivered to the servers each day for these domains. Both spam to the accounts and "mail delivery" when spammers use those domains as from-address in spam
    We think this is traffic we do not need
    Just for fun I checked on 5 of the servers where we have quite a few domains like this, and the number of reject-lines in logs for these kind of domains on these servers for the last 6 hours was over 150.000 lines so it is quite some junk in the logs (and traffic)

    Tested solutions:
    * Deleted MX in zone for the domains.
    Did not work since most servers (as the RFC indicate) tries the A-record for the domain if there is no MX, so problem remains

    * set default to fail (the standard we have on all accounts)
    Well, it rejects all emails, but still the traffic is coming in and the logs are filled with the crap

    Not yet tried solutions:
    1) Set a dummy mx pointing to an address that do not exist
    If I would test this, should this be an IP-address or a dummy domain
    By dummy domain I am thinking about just register a domain like blablalba12345.com to use as MX for all domains and have no nameservers set up for the domain at all. Guess most servers will deliver to domains A-record address instead if I try this since the return would be error instead of blocked ...
    If it is to be a dummy IP, what dummy IP can be used (don't want to point the traffic to anyone else so it needs to be really dummy).

    2) Set one dedicated IP in mx for all domains and stop the ports (primarely 25?) or mail services for that domain.
    Can this be done in WHM? Stop a port for one of the IP's on the server?
    Would this make the sending server try the domains A-record address instead?

    3) add SPF to all of these domains. Would only block some of the "Mail delivery" I suppose

    If you have any other suggestion that actually works, I would really appreciate it.

    It feels a bit like I am on the wrong track here and that there is a much easier solution, but I can't find it ...

    // kjg
     
Loading...

Share This Page