Ooh, the .us was a accidential block from me. Lol. I got a lot of spam like domains similiar to doctors.helping.us and such. And I tought .us was one of those crappy new ICANN gTLDs. (call them spam funnels if you want, they basically collect all spam on the internet and blows it towards mailservers)
Thanks for pointing out .us gonna unblock it now. Worst offender for me is *.xyz Its just filling up my logs with garbage. Hope *.xyz is nuked totally from orbit .shop, .pro, .online and .email is blasting out pretty much spam. I would consider .online a fraud domain, I would NEVER order anything from .online . So much fraud and illegitimate sites on .online Same with .shop. Just scammers popping up their crap. .top blasts out pretty much spam, altso lots of hacking attempts and spoof from *.top 2023-03-06 18:46:59 H=(wuanlaw.top) [106.55.16.123] rejected MAIL <[email protected]>: 5.7.1 Banned TLD 2023-03-11 07:17:48 H=(darvin.top) [124.221.158.202] rejected MAIL <[email protected]>: 5.7.1 Banned TLD 2023-03-16 07:35:51 H=i-org.top [106.75.13.182] rejected MAIL <[email protected]>: 5.7.1 Banned TLD 2023-03-16 08:36:18 H=i-org.top [106.75.13.182] rejected MAIL <[email protected]>: 5.7.1 Banned TLD 2023-04-28 15:42:08 H=hwsrv-1063153.hostwindsdns.com (mta0.savethechildenofturkeiy.top) [104.168.246.184] X=TLS1.3:ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_256_GCM:256 CV=no rejected MAIL <[email protected]>: 5.7.0 You can't spoof the domains this server is authorative for 2023-06-30 11:32:57 H=slot0.cedarstz.top (GTwG7V3hE) [185.28.39.60] rejected MAIL <[email protected]>: 5.7.0 You can't spoof the domains this server is authorative for 2023-06-30 11:32:58 SMTP protocol error in "AUTH LOGIN" H=slot0.cedarstz.top (PTUXWX3CW) [185.28.39.60] AUTH command used when not advertised *REPEATED LIKE 50 TIMES* 2023-06-30 11:40:32 SMTP protocol error in "AUTH LOGIN" H=slot0.cedarstz.top (rzA35F9) [185.28.39.60] AUTH command used when not advertised 2023-06-30 11:41:06 H=slot0.cedarstz.top (psGLswu) [185.28.39.60] rejected MAIL <[email protected]>: 5.7.0 You can't spoof the domains this server is authorative for So no, just nuke .top from orbit too. Soo much abuse originating from *.top Here is a good list if you want to block less TLDs, just block the top 50 gTLDs that isn't the "common" ones: https://www.spamhaus.org/reputation-statistics/gtlds/domains .top is #19 on that list so clearly a spam blaster. -----Ursprungligt meddelande----- Från: Jaroslaw Rafa via mailop <[email protected]> Skickat: den 2 november 2024 20:55 Till: [email protected] Ämne: Re: [mailop] Gmail not accepting the spam they sent themselves Dnia 2.11.2024 o godz. 18:45:13 Sebastian Nielsen via mailop pisze: > My blocklist is: > > /\.(accountant|accountants|asia|auto|berlin|bid|buzz|camera|car|cam|ca > rs|casa|cfd|christmas|click|club|college|computer|country|cricket|cyou > |date|design|download|exposed|email|fail|faith|finance|fit|fun|gdn|glo > bal|guru|help|host|jetzt|kim|icu|life|live|link|loan|london|media|men| > mom|news|ninja|online|page|party|photography|pro|protection|pub|racing > |realtor|reise|ren|rent|rest|review|rocks|science|security|shop|site|s > olutions|space|storage|store|stream|study|surf|tech|technology|theatre > |today|top|trade|university|uno|us|viajes|vip|vividal|wang|webcam|webs > ite|win|work|works|world|xin|xyz|zip|xn--.*)$/ I have seen quite a lot of legitimate email sent from *.shop and *.pro domains, and *.us is USA country code TLD and it's something like standard for schools (and some more public institutions) in USA to have subdomains in it. So I would advise against blocking these, because you might lose legitimate mail. I have also encountered legitimate websites and email addresses in *.online and *.email, but these were just a few cases, maybe ten in total. But one particular message coming from an *.online domain was very important for me, as it was a document I have ordered, and it would be quite a trouble for me if I'd lose that mail due to blocking the .online TLD. I have also seen quite legitimate websites in *.top, but no mail from this domain. For the rest of the above TLDs, I haven't even seen a useful website with an address in any of these domains. But I don't block them because I get absolutely no mail from them. All the spam coming to my server is from "traditional" .com/.org/.net etc. TLDs. -- Regards, Jaroslaw Rafa [email protected] -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
