Hi, On Mon, Nov 18, 2019 at 01:11:22PM +0200, George Papas wrote: > this still works : > > https://www.davidmartinwhite.com/2016/10/25/fighting-spam-block-entire-ttld-with-postfix/ >
To be clear, I believe in, "Your network, your rules." Each operator should do what s/he wants. At the same time, there are a _lot_ of anti-abuse techniques for mail that don't rely on the broad hueristic of, "This TLD seems to suck," and that don't rely on establishing that rule as a permanent part of your configuration. If we want the domain name system to be scalable and we want to have interoperable mail, hand-crafting the list of "these suck" domains is not a good way to go. That makes for the kind of brittle configuration that introduces later problems when some new operator takes over .TLD-THAT-SUCKS and cleans it up (or the same operator makes it better and starts producing reliably good, well-behaving registrations). Hard coding the TLD into blocklists means that there is never any reward for fixing stuff: everything is broken anyway, permanently, so the operator of that TLD has zero incentive to make it better, ever. So, I would like to encourage people to find ways to stanch mail from bad sources using reputation lists and so on, rather than wholesale blocking of whole TLDs. Best regards, A (Full disclosure: in my day job I work for the Internet Society, but I am not speaking for them now.) -- Andrew Sullivan a...@anvilwalrusden.com
