Blocking TLD's
Posted: Mon Apr 16, 2012 10:23 am
I've seen this question come up a couple of times, so I know I'm not the only one experiencing it. We've been seeing a massive increase in the amount of spam coming from .info and .in domains, and the vast majority of it doesn't get caught by MagicSpam. A really easy solution that would make all of my hosting clients much happier would be to completely block email from those TLD's. I can easily whitelist a couple of legitimate domains if necessary.
We have the following rules enabled:
block_ip_in_addr
check_ip_reverse_dns
check_reverse_dns_list
require_full_addr
require_helo
valid_from_domain
valid_helo_domain
And we have the following IP Reputation lists enabled:
UCEPROTECT-1
UCEPROTECT-2
PSBL
SORBS-DUL
RATS-DYNA
RATS-NOPTR
RATS-SPAM
Almost none of the .info or .in spam gets blocked by this. Every day I go in and manually blacklist another dozen IP addresses, but I'm close to hitting the limit on the number of entries and this isn't a real solution. We need to be able to block TLD's, or get some recommendations on other adjustments we can make that will stop this spam, or we're going to have to cancel our subscription and find another anti-spam solution.
We have the following rules enabled:
block_ip_in_addr
check_ip_reverse_dns
check_reverse_dns_list
require_full_addr
require_helo
valid_from_domain
valid_helo_domain
And we have the following IP Reputation lists enabled:
UCEPROTECT-1
UCEPROTECT-2
PSBL
SORBS-DUL
RATS-DYNA
RATS-NOPTR
RATS-SPAM
Almost none of the .info or .in spam gets blocked by this. Every day I go in and manually blacklist another dozen IP addresses, but I'm close to hitting the limit on the number of entries and this isn't a real solution. We need to be able to block TLD's, or get some recommendations on other adjustments we can make that will stop this spam, or we're going to have to cancel our subscription and find another anti-spam solution.