Page 2 of 2 FirstFirst 12
Results 11 to 14 of 14

Thread: Help: keep site, kill email

  1. #11

    Default

    MX records are cached by mailservers.

    Probably the best option would be to block inbound port 25.

  2. #12
    Join Date
    Jan 2008
    Posts
    16

    Default

    This is all good advice, but closing port 25 also stops you receiving email to the domains you WANT it to go to. Take the following steps to stop your inbound email for that domain:

    1) Set the MX record to 127.0.0.1

    2) In your MTA's conf files, remove yourdomain.com from the list of domains to receive for

    That will stop it all. Also, it means you wont' be sending "we're sorry that address doesn't exist" replies. When a mailer connect and announces it's destination address as blah@yourdomain.com, your MTA will close the connection, because it doesn't take mail for that domain.

    If you have POSTFIX as your MTA, this is the line that controls what domains you get mail for:

    mydestination = mydomain.com, myotherdomain.com

    Anything other than those 2 won't be received. Hope this helps.
    Last edited by module0000; 09-04-2009 at 08:50 PM.

  3. #13
    Join Date
    Jul 2009
    Location
    New York
    Posts
    465

    Default

    you can actually sign up for project honeypot and setup your mx records to point to it. This doesn't satisfy your requirement of non-existing bouncing back but other than that I don't understand some of these suggestions since if u set a mx record that's not to your mail server you will not get any mail... it might have been cached but within a week I do not see any reason why you should receive anymore mail.

    oh blah. this is pretty old topic.
    Last edited by Cwewmpz; 09-04-2009 at 10:08 PM. Reason: correcting terms

  4. #14
    Join Date
    Jun 2007
    Posts
    25

    Default

    Thanks for all the replies. Many informative ones. I really appreciate it.

    davepusey, I can't block port 25. I have other domains getting mail in that server.

    GuyPatterson, using iptables might be a good idea, but can I block incoming connections just on the base of the domain they're coming after rather than IP? Well, no need to answer that. Learning iptables is something I've been postponing for years. I will get around to that eventually.

    I will try the method suggested by module0000. Sounds like the easiest and surest. I will come back here and whine if it doesn't work as expected.

    Many thanks again!

Page 2 of 2 FirstFirst 12

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •