MXlo

MXlo means DNS resource records of the MX type that have a value of localhost. The name comes from combining the MX from Mail eXchange and the lo abbreviation for a loopback networking interface, and is an anti-spam technique that is growing in popularity with network administrators who manage a large number of unused legacy domain names.

Overview
MX records provide a resource for internet hosts to discover the designated SMTP service for a given domain. By pointing MX records for unused domains to localhost/127.0.0.1, any SMTP traffic to these domains is sent back to the originating host. Under normal circumstances, this is undesirable behavior. In the case of unused domains, particularly those that have been actively used and receive large amounts of spam, this practice places the system load on the originating server. This is desirable from multiple perspectives, as it decreases load on the target systems and networks, and motivates internet service providers to minimize the sending of spam through their systems.

History
MXlo was conceived by a lone network administrator for a large engineering corporation. As the company acquired and subsequently retired domain names, the MX records for these domains were pointed to localhost to minimize system load from unwanted traffic. As admins and other technical people described this practice to each other, it picked up the nickname MXlo.

Practical Implications
For systems and providers that transmit a large volume of spam, sufficient use of the MXlo practice can cause a self-inflicted DoS (denial of service) attack, motivating the affected provider to prevent the sending of spam through their systems.

Implementation
DJBDNS (tinydns) "@yourdomain.tld::localhost:10"

BIND "yourdomain.tld.  IN    MX    10    localhost."

Others "Refer to your software documentation/manual"

Seeding
A practice that has grown with the MXlo concept is seeding. Once MXlo has been implemented for a given domain, and if there is no intention to use the domain anymore, some administrators seed spam lists by publishing fake e-mail addresses associated with the target domain in public forums—blogs, wiki sites, etc.—and entering them in web forms that spammers are known to harvest e-mail addresses from. This technique intentionally creates unnecessary traffic for high volume spam hosts and increases their operating costs—and, in some cases, assists the aforementioned self-inflicted DoS attacks.