anti-spam geolocation and spam control


fyi: managed dns services - edgedirector.com

Geolocation for spam control may be the next step mail administrators can take to control spam.

If you already use tools like spamassassin, spamd, or barracuda and find that spam is still swamping you, then dns geolocation might be the next step.

It is a smtp specific application of geoip data and dns. If, spam is arriving from certain global regions, and if, you wish to neither send email to, nor receive email from those regions, it is possible to ignore the ip addresses associated with those regions.

As the smtp email server MX record always has an A record as the data portion of the dns answer, it is possible to selectively return a bogus answer.

There are two approaches to using geodns to reroute spam. In the first one, any query for a MX record originating from a forbidden area is simply null-routed. That is, no A record is returned. In the second one, any query for a MX record originating from a forbidden area is answered with an A record containing a bogus, non-routable address such as 127.0.0.1 (localhost).

As a precautionary note, the user must understand that not all ip addresses are accurately mapped to a specific geographic region.

And finally, for those that are curious, this approach is independent of the mail transfer agent. It will work equally well with sendmail, qmail, postfix, exchange, exim, etc.