Spammers Ignore MX Records
We recently changed our SMTP mail routing via our MX records to point to a hosted email service after running our own in-house email filtering for the last few years.
We changed the MX records, updated the rules on our firewall to route from our email service provider's servers to our own Exchange servers, and after the usual 48 hours for these things to propagate, we signed it off as a completed project.
Six months later we came to investigate a mail routing issue, and on checking the firewall logs we were still seeing traffic directly hitting the IP address of our old MX records hosted in our DMZ. Strange, we thought, so we plugged in Postfix to talk SMTP on this IP address just to see what was happening.
Funnily enough, all the email that was coming through was blocked by RBLs, so we can say that a change in MX records will not necessarily protect you from spammers who try to use old SMTP and MX details to push their email to you. This is why a DMZ and a proper granular firewall policy are oh so worthwhile. So don’t trust MX records to protect your Exchange or other MDA environment from junk mail.
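The firewall-log check described above can be automated. The following is an added example, not code from the original post: it scans firewall log lines for SMTP connections that reach the old MX address from anywhere other than the hosted provider, and separates the ones the policy still allows. The log layout, the provider range and all IP addresses are constructed assumptions (RFC 5737 documentation ranges).

```python
import ipaddress
import re
from collections import Counter

# All addresses below are constructed (RFC 5737 documentation ranges).
PROVIDER_NETS = [ipaddress.ip_network("198.51.100.0/24")]  # hosted filter's egress range (assumed)
OLD_MX_IP = ipaddress.ip_address("203.0.113.10")           # retired MX address in the DMZ (assumed)

# Constructed firewall log lines in a generic key=value layout.
SAMPLE_LOG = """\
2024-01-10T02:11:07Z action=allow proto=tcp src=198.51.100.25 dst=203.0.113.20 dport=25
2024-01-10T02:11:09Z action=deny proto=tcp src=192.0.2.77 dst=203.0.113.10 dport=25
2024-01-10T02:12:30Z action=deny proto=tcp src=192.0.2.77 dst=203.0.113.10 dport=25
2024-01-10T02:13:02Z action=allow proto=tcp src=192.0.2.140 dst=203.0.113.10 dport=25
2024-01-10T02:14:45Z action=allow proto=tcp src=192.0.2.9 dst=203.0.113.10 dport=443
2024-01-10T02:15:00Z malformed line without fields
"""

FIELD = re.compile(r"(\w+)=(\S+)")

def direct_smtp_hits(log_text):
    """Find SMTP connections to the old MX address that bypass the provider."""
    hits = []
    for line in log_text.splitlines():
        f = dict(FIELD.findall(line))
        try:
            src = ipaddress.ip_address(f["src"])
            dst = ipaddress.ip_address(f["dst"])
            dport = int(f["dport"])
        except (KeyError, ValueError):
            continue  # skip lines missing fields or with unparsable values
        if dport != 25 or dst != OLD_MX_IP:
            continue
        if any(src in net for net in PROVIDER_NETS):
            continue  # legitimate delivery from the hosted service
        hits.append((str(src), f.get("action", "unknown")))
    return hits

def summarize(hits):
    """Count hits per source and list sources the firewall still lets through."""
    per_source = Counter(src for src, _ in hits)
    allowed = sorted({src for src, action in hits if action == "allow"})
    return per_source, allowed

if __name__ == "__main__":
    per_source, allowed = summarize(direct_smtp_hits(SAMPLE_LOG))
    print("direct SMTP attempts by source:", dict(per_source))
    print("sources still ALLOWED to the old MX (policy gap):", allowed)
```

Any source in the "allowed" list points to a firewall rule that still accepts port 25 from outside the provider's range and should be tightened.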