Domain names on server (about spammers)

[Webfoundry]

Just a general question I was wondering about:

As every server, I get daily brute force attacks, mainly IP's that want to take use of exim2.
What puzzles me is that they seem to be able to retrieve the exact domain names that are hosted on the server (and then of course try out all possible combinations with them like admin@ server@ info@...).

I found out that https://www.robtex.com can retrieve the domains.
I think there's no way to stop these domain-scans ?

 

[Richard G]

No it can't, it seems there are ways it can be done.
However, you there is a thing which might harden it a tiny bit. Check your named.conf and add this line if it's not present under the "options" section:

        allow-transfer {"none";};

This way they can't do any afxr calls which also provides some domain info.