Nolisting with MX Records

Submitted by Travis Doherty on January 23, 2007 - 5:47pm.

Mail exchange (MX) records advertise where mail for our domain should be sent. Without MX records our mail servers would be unadvertised and we would receive no mail (strictly speaking, a sending MTA falls back to the domain's A record when no MX exists, so mail would still land on whatever host the bare domain name resolves to, if anything). Nolisting is a newer idea that tweaks how we advertise MX records - as I will explain here - to help fight spam.

For many domains up to ninety percent of incoming connections are spam. By removing our MX records from our domain we would cut 100% of spam without effort, since we would not receive any mail at all! Just joking :p No, that is not what Nolisting means. Nolisting has a solid technical basis to stand on.

The idea of Nolisting is rooted in how much spamware sends its mail: send-and-forget. It connects once, and if the connection fails it never retries. By contrast a legitimate MTA follows the SMTP standard: it tries the MX records in preference order (lowest value first), moves on to the next one when a connection fails, and keeps going until one accepts your message or it queues the message for a later retry.

Nolisting means publishing a primary (lowest-preference) MX record that points at a host which does not accept SMTP connections, alongside a secondary MX that works perfectly. Many spammers try the primary MX, fail, and give up. The primary MX host must actively refuse the connection (TCP reset) rather than silently drop packets; a black-holed primary delays every legitimate sender until its connection timeout expires. Of course, some spammers also try sending directly to your secondary MX record - and that's why you still have your MTA protected with Gwava's antispam and antivirus software.
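What the DNS side of this looks like, as an added example (not configuration from this post or from the howto it is based on); the names and addresses are assumptions drawn from the RFC 5737 documentation ranges:

```zone
; Added example, not the post's own configuration.  example.com, the host
; names and the addresses are assumptions (RFC 5737 documentation ranges).
;
; Lowest preference value = primary MX.  mx-nolist must answer port 25 with
; "connection refused" (TCP RST) and nothing else: no SMTP daemon, and no
; firewall DROP rule.  A black-holed address makes every legitimate sender
; wait out a TCP timeout on each attempt before it moves on to mx1.
$ORIGIN example.com.
@           IN  MX  10  mx-nolist.example.com.
@           IN  MX  20  mx1.example.com.
mx-nolist   IN  A       192.0.2.10
mx1         IN  A       192.0.2.25
```

Check it from outside your network before relying on it: `dig +short MX example.com` should show both records, and `nc -vz -w 5 mx-nolist.example.com 25` should fail immediately with "connection refused" rather than hang until the timeout. If it hangs, the address is being dropped somewhere; on a Linux firewall that means a `REJECT --reject-with tcp-reset` rule instead of `DROP`.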

The evidence that Nolisting works is that hosts which connect to the primary MX and never go on to another MX are overwhelmingly listed in a DNSBL, i.e. the connections it discards are almost all known spam sources.

Here are some numbers (not mine) collected on a Nolisting deployment. Counts are source hosts, the first percentage is that row's share of all hosts, and the DNSBL column is how many of that row's hosts were listed in a DNSBL:

Total SMTP packets:  3500
Total source hosts:   336  100%   (DNSBL: 295, 87%)
  Both MX:             82   24%   (DNSBL:  51, 62%)
  Single MX:          257   76%   (DNSBL: 246, 95%)
    Primary only:     144   42%   (DNSBL: 139, 96%)
    Secondary only:   113   33%   (DNSBL: 107, 94%)

Source: http://www.joreybump.com/code/howto/nolisting.html

What we see is that of the 336 source hosts in this small sample, 42% connected only to the primary MX, and 96% of those were listed in a DNSBL. Of the hosts that tried BOTH MX records - the behaviour of a conforming MTA - only 62% were listed; that is the group where the legitimate senders are.
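How such a breakdown is produced, as an added example (this is not the code behind the howto's numbers): it classifies each source host by which MX it connected to, from a log of TCP SYNs to port 25, and reports the DNSBL-listed share per group. The log lines, the two MX addresses and the DNSBL hit set are all constructed for the example; in practice the hit set would come from querying a real DNSBL for each source address.

```python
"""Classify SMTP connection attempts by which MX each source host hit.

Added example, not the code behind the howto's statistics.  Reproduces the
same breakdown (both MX / primary only / secondary only, with DNSBL share)
from a constructed SYN log and a constructed DNSBL hit set.
"""
from collections import defaultdict

PRIMARY_MX = "192.0.2.10"    # assumed: the nolisting MX, nothing listens on :25
SECONDARY_MX = "192.0.2.25"  # assumed: the real MTA

# Constructed sample: one line per SYN to port 25, "timestamp src dst".
SAMPLE_LOG = """\
2007-01-23T17:47:01 203.0.113.5 192.0.2.10
2007-01-23T17:47:02 203.0.113.5 192.0.2.25
2007-01-23T17:47:03 198.51.100.7 192.0.2.10
2007-01-23T17:47:04 198.51.100.8 192.0.2.25
2007-01-23T17:47:05 198.51.100.9 192.0.2.10
2007-01-23T17:47:06 198.51.100.9 192.0.2.10
2007-01-23T17:47:07 203.0.113.6 192.0.2.10
2007-01-23T17:47:08 203.0.113.6 192.0.2.25
2007-01-23T17:47:09 198.51.100.10 192.0.2.25
"""

# Constructed stand-in for DNSBL lookups of each source address.
CONSTRUCTED_DNSBL = {"198.51.100.7", "198.51.100.8", "198.51.100.9", "203.0.113.6"}


def parse_log(text):
    """Return {src: set of MX addresses that src connected to}."""
    hits = defaultdict(set)
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines rather than crash on them
        _ts, src, dst = parts
        if dst in (PRIMARY_MX, SECONDARY_MX):
            hits[src].add(dst)
    return hits


def classify(hits):
    """Bucket each source host into 'both', 'primary_only' or 'secondary_only'."""
    buckets = {"both": set(), "primary_only": set(), "secondary_only": set()}
    for src, dsts in hits.items():
        if PRIMARY_MX in dsts and SECONDARY_MX in dsts:
            buckets["both"].add(src)
        elif PRIMARY_MX in dsts:
            buckets["primary_only"].add(src)
        else:
            buckets["secondary_only"].add(src)
    return buckets


def summarize(buckets, dnsbl):
    """Per bucket: (host count, share of all hosts in %, DNSBL-listed share in %)."""
    total = sum(len(hosts) for hosts in buckets.values())
    out = {}
    for name, hosts in buckets.items():
        listed = len(hosts & dnsbl)
        out[name] = (
            len(hosts),
            round(100 * len(hosts) / total) if total else 0,
            round(100 * listed / len(hosts)) if hosts else 0,
        )
    return out


if __name__ == "__main__":
    summary = summarize(classify(parse_log(SAMPLE_LOG)), CONSTRUCTED_DNSBL)
    for name, (count, share, listed) in summary.items():
        print(f"{name:15s} {count:4d} hosts {share:3d}%  (DNSBL: {listed}%)")
```

Feed it a real SYN log (for example from tcpdump or a firewall log, reduced to the three fields) and replace the constructed set with real DNSBL answers; the primary-only bucket is the traffic Nolisting discards, and its DNSBL share tells you how much of that was worth keeping.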

I wouldn't recommend implementing Nolisting as one of your full-time antispam measures, but I do believe it is a great way to temporarily cut down the number of incoming connections in an emergency.

Let's say your servers are running along without trouble at under 50% utilization. You notice traffic increasing, the servers become overloaded, and mail starts queueing while it waits to be spam scanned. Another server has been ordered to help with the load; until that server is online I would recommend a temporary measure like Nolisting. For the sample numbers above, Nolisting would have cut 42% of the incoming connections, which could be more than enough to let the overworked servers keep up until the new one arrives.

In conclusion, Nolisting is an interesting way to reduce the number of incoming connections to your mail servers, and a great way to do so temporarily.

Or, of course, you could always just remove your MX records from your DNS altogether and ensure that no mail, spam or not, ever gets delivered :p

For more information on Nolisting check out the original source on which this article is based:

http://www.joreybump.com/code/howto/nolisting.html