.link TLD spammer haven?

[Philip Prindeville]

Every connection I’ve gotten from a hostname resolving to *.link or saying helo 
*.link has been spam (I block the connections with MIMEDefang).

Has anyone actually seen a legitimate email from a host in the .link TLD?

I’ve seen (last week alone):

bgo.blc-onlineconsumer140.link
ratio.allgiftcardsonlinefriendly.link
ratio.autodealersstarted.link
ratio.forincreasemensvitality.link
ratio.growingmedicareprovider.link
ratio.instantarrestrecordseducate.link
ratio.invitegiftcards.link
ratio.largelycarsavings.link
ratio.medicaresourceshigh.link
ratio.publicarrestrecordsdaily.link
ratio.readybloodpressuremonitor.link
tcvd.internetspecial-week242.link
tcvd.internetspecial-week243.link
tcvd.internetspecial-week244.link
tcvd.internetspecial-week246.link
tcvd.internetspecial-week248.link
tcvd.internetspecial-week250.link
tcvd.internetspecial-week251.link
tcvd.internetspecial-week252.link
tcvd.internetspecial-week254.link
vnds.ds-customerreviews101.link
vnds.ds-customerreviews102.link
vps.35dscustomersreviews.link
vps.38-vpscresthosting.link
vps.39-vpscresthosting.link
vps.40-vpscresthosting.link
vps.42-vpscresthosting.link
vps.45dscustomersreviews.link
vps.45-vpscresthosting.link
vps.46dscustomersreviews.link
vtds.customeronlinerev212.link
vtds.customeronlinerev214.link
vtds.customeronlinerev216.link
vtds.customeronlinerev219.link
vtds.customeronlinerev221.link


Is it worth having that triggers on the relay’s hostname being *.link?

Also, I noticed that every message we saw was missing a Received: header…

-Philip