The last time TLD blocking came up, the consensus of the hive was not to block based on TLD. (You may recall .xyz being used by Alphabet.) However lately I'm getting a ridiculous number of .stream SPAM coming through. The RBLs are getting about half.
https://www.spamhaus.org/statistics/tlds/ I have a hard time believing I will ever get legit mail from a .stream or a .download. FWIW, many of the .stream pass SPF, which is perhaps why the RBLs are not being as aggressive. Example: ---------------------------------------------- SPF record lookup and validation for: recentirn.stream SPF records are published in DNS as TXT records. The TXT records found for your domain are: v=spf1 a mx ip4:104.148.96.0/24 -all Checking to see if there is a valid SPF record. Found v=spf1 record for recentirn.stream: v=spf1 a mx ip4:104.148.96.0/24 -all evaluating... SPF record passed validation test with pySPF (Python SPF library)! --------------------------------------------------------------------- SPF record lookup and validation for: qeonar.stream SPF records are published in DNS as TXT records. The TXT records found for your domain are: v=spf1 a mx ip4:107.173.0.0/24 -all Checking to see if there is a valid SPF record. Found v=spf1 record for qeonar.stream: v=spf1 a mx ip4:107.173.0.0/24 -all evaluating... SPF record passed validation test with pySPF (Python SPF library)! ---------------------------------- Yada yada yada.
