I am receiving a torrent of spam coming from dot-eu and dot-link domains. Those spams have perfectly correct mail settings, such as resolvable nameserver names, SPF, seem to all match.
They also are all based on domains less than one day old. I deal with them in a custom way, and block any emails mentioning URLs in those TLD's. However, I wish there was a way to enhance spamassassin to deal with them. Sample spams are here: http://igor.chudov.com/tmp/spam015.txt Please note that I have developed my own solution, however ugly, that looks up WHOIS information where it is available, and rejects all emails from domains less than a week old. While that works for me, european and LINK domains do not seem to work with the perl module that I am using Net::Whois::Parser; so I am stuck with rejecting all mail from those domains. Any comments, thanks
