Identifying domains that don’t accept or send email

I

A couple folks have asked me recently about MX records that they don’t understand. These records consist of a single . or they contain localhost or they are 127.0.0.1.

In all cases, the domain owners use these records to signal that the domains don’t accept email. What do these records look like?

screenshot of a terminal session that says: 
laura@pazu:~$ host yahooo.com
yahooo.com has address 98.136.103.23
yahooo.com has address 212.82.100.150
yahooo.com has address 74.6.136.150
yahooo.com mail is handled by 0 .

Why do domains do this? In all cases it’s because the domain owners want to signal they don’t accept email. But there are a number of different reasons to do this.

In the yahooo.com example, this is a domain actually owned by Yahoo. The website redirects to the primary yahoo.com site. But, it’s not a domain that accepts mail. They notify us of this by using a dot mx.

Screenshot of a terminal session that says: 
laura@pazu:~$ host collectors.org
collectors.org has address 91.195.240.126
collectors.org mail is handled by 0 localhost.

In the collectors.org example, they list the MX as localhost. This is a convention I’ve seen from a lot of for-sale domains. (As an aside, some of the for sale domains do accept email. The ones I’ve identified use a handful of common MXs that I suspect belong to the companies that sell access to spamtraps.)

I’ve also seen some domains use 127.0.0.1 as a MX record. Again, this is signalling that they really, really don’t want to accept email.

There’s also a way to signal a domain doesn’t send mail. This is accomplished by using a SPF -all record.

Screenshot of a terminal session that says:
laura@pazu:~$ host -t txt collectors.org
collectors.org descriptive text "v=spf1 -all"

There you go. Multiple ways to signal a domain doesn’t accept email and one way to signal the domain never sends email.

About the author

1 comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  • As someone who at times has hosted DNS for hundreds of thousands of parked domains, let me add that the main reason you publish an MX on parked domains is because you cannot believe the amount of crud that gets spewed at any domain’s A record on port 25 if you don’t have an MX record.

    Also, and we aren’t doing so now for various reasons, but for quite a few years we did in fact have that MX pointed to a spamtrap IP operated by a large RBL. I don’t think most parking outfits are that thoughtful, but maybe some are. I will note that we also had some less scrupulous organizations express interest in that mail feed. A “.” MX record as you describe is a good alternative.

    And yes nowadays a -all SPF record and an accompanying p=reject DMARC record are very good ideas for any domain that doesn’t send any legit email.

By laura

Recent Posts

Archives

Follow Us