On Wed, 1 Jul 2020, @lbutlr wrote:
On 30 Jun 2020, at 09:31, RW <rwmailli...@googlemail.com> wrote:
On Tue, 30 Jun 2020 11:30:17 +0000
Roald Stolte wrote:
These mails were all using TLDs such as .site and .online and were
getting marked because of it.
Are others seeing a decrease in spam from .site and .online? All I see
from these TLD is 100% spam. They are not at the volume that .top was
when this free-for all on TLDs started, but they are not generating any
legitimate mail on my servers.
That matches my experience.
You could just drop the score for FROM_SUSPICIOUS_NTLD &
FROM_SUSPICIOUS_NTLD_FP.
This is probably the best way, but I'd be wary of dropping it too much.
Especially as the rule covers *other* rarely-legit TLDs as well, and that
would impact their scoring.
I'd suggest instead a rule with an offsetting negative score (not
necessarily an actual whitelist/accept entry as that's *too* generous) for
the TLDs (or if possible the specific domains in those TLDs) that are
causing problems.
I realize this isn't really a welcome solution per the original note but
until the legitimate use of those TLDs grows the rules punishing them do
have value.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Microsoft is not a standards body.
-----------------------------------------------------------------------
3 days until the 244th anniversary of the Declaration of Independence