Read the msg below from Cyberpromo. It is valid for ISPs to block at the router level as well as the sendmail level as per Cyberpromo's mail. I figured some people here may be interested in this. :-)
Hank Nussbacher
This will not work if you have an off-site MX or you have an off-site MX that doesn't have the same packet filtering rules that you do.
It will time out to the first MX, and deliver to the next. If that next MX is off-site, it will be delivered there and you will just get the spam via that route.. :/
It's best done with sendmail rules, I suppose.
jamie g.k. rishaw <jamie@iagnet.net> - Internet Access Group [www.iagnet.net] - Cleveland-Pittsburgh-Detroit-Columbus-Akron-Toledo-Cincinnatti-Dayton - Corp: (800) 637 4IAG / (216) 623 3565. DID: (216) 902 5455. FAX (216) 623 3566. Personal: jamie@@arpa.com || jamie@@null.net (Remove second @, nonspammers) =)
But most of the bulk spammer programs out there don't follow MX records. They blast directly into the sendmail port of the primary machine, and if they can't do that, they leave it at that and move on.. Blocking spam sites directly at the sendmail level (with tcp_wrappers), does effectively block out bad domains.