TLD domain changes

[Rick Cooper]

 > -----Original Message-----
 > From: mailscanner-bounces at lists.mailscanner.info 
 > [mailto:mailscanner-bounces at lists.mailscanner.info] On 
 > Behalf Of Scott B. Anderson
 > Sent: Thursday, July 31, 2008 9:41 AM
 > To: MailScanner discussion
 > Subject: OT: TLD domain changes
 > 
 > I can't block any email based solely upon its source TLD, 
 > even if it is China and I have no Chinese clients because 
 > some users may receive legit email from business contacts 
 > there, and this goes for a lot of countries, so I think MTA 
 > based domain filtering is out of the question.  I've had a 
 > list in SA to limit the damage this causes but I was 
 > wondering about the infinite TLD change coming in a year or 
 > so and how to handle it.  Do I get a list of the current 
 > ones and block everything from the new ones?  I'm sure this 
 > won't work in the long run, but listing all the bad guys is 
 > impossible as well, so I'm thinking about doing something 
 > like adding (Spam Score - .5) to all emails from the new 
 > TLDs.  Would this be easiest for MailScanner, SA, the MTA or 
 > some other software (like a milter) to accomplish?
 > 
 > 

I rsync the countries list from http://www.blackholes.us/ . I have a couple
scripts that pull all the Korea and China ASN cidrs and build iptables rules
to block them all together. I also have an exim->perl function that used
IP::Country to pull the ASN for several other countries that we do not do
business with and block them. I would imagine you could use either with
whatever mail server you are using. In three years or so that I have been
doing this we have only had one issue and that was because the owner was
selling an aircraft to a Japanese fellow who was using a Taiwanese yahoo
account.

Rick


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.