Ned Slider <n...@unixmail.co.uk> wrote: On 27/10/11 18:36, Jenny Lee wrote: > > > >_____________________________________________
>> From: list...@abbacomm.net >> To: users@spamassassin.apache.org >> Subject: real world spamassassin experiences re: processing on servers >> emailing from .info domains >> Date: Thu, 27 Oct 2011 09:15:13 -0700 >> >> >> greetings SA users >> >> there sure seems to be a lot of from .info server spamming >> >> wierd temp registered .info domains spamming eh? >> >> for those of you with volume, large or small, care to share an SA tips on >> how you deal with .info domains? >> >> i would imagine there is a very small percentage of valid emails coming from >> .info domains >> >> should we just pull the plug and reject all .info from touching the smtp >> server or carefully craft SA rules? >> >> real close to doing so and just reject them all, unless there is a list of >> valids out there somewhere >> >> thank you in advance >> >> - rh >> > > > In 14 years, we never received any single legit mail from .info. It costs $1 > per year to register an info domain, and if the people I do business cannot > afford $10 a year for their domain, they probably will not give me business > to start with. > > We reject all .info on sendmail during transaction stage. Half of my rejected > connections are .info (rest are same-sender/same-recipient). > > You have to assess your own situation. > > Jenny I haven't had to go as far as rejecting all .info domains yet, but I did spot a trend a while back where snowshoe spammers where using i...@example.info so I block those at the MTA with a simple PCRE: /^info@[a-z0-9]+\.info$/ REJECT Looks like snowshoe They seem to have moved on now though as I currently see very little .info spam make it as far as SA. Screwfix in the UK (a large online hardware [screws and nails type] supplier) currently send out their mailings from em...@screwfix.info even though their main site is at screwfix.com, so there are some legit senders. YMMV I know a few people who run legitimate .info domains. Primarily for their friends & family. I have a .info domain that I use for testing new servers. Rather a .info than a .co.cc for testing ;) -- If you cannot beat them, try to cĂ´ntrole them.
