At this day and age, any cheap TLD will be used for spam. I used to think people shouldn’t do it, but now the only option is to blanket-ban some TLDs.
I operate my own postfix. In the last 6 months, I see at least 250 daily attempts from domains in the .sbs, .cfd, .quest and other TLDs, all with valid SPF/DKIM and even IP reverse. The domains are at maximum 7 days older, and they all are formatted like “(commonword1)(commonword2)(commonword3).(tld)”. The only way to tell them apart is by running spamassassin on it, or if you aren’t much worried, it’s a way easier to just block the TLD.
Given how little people communicate via email nowadays (relative to IM), email spam feels in an all time high.
I'm seeing people submit a lot of them these days. Great way to kill your startup.
cebert · 17h ago
Is .ai the new “cool” TLD for startups now or has that fad passed already too?
Brajeshwar · 16h ago
Oh! It is still very much on. I used to occasionally order missed school tiffin backups (in India) from a pretty good school tiffin supplier. This year, too, I tried to set it up as a backup. Their `.in` domain re-directed to their new AI-ed `.ai` domain.
ShadowBanThis03 · 15h ago
The continued existence of a limited, canned collection of TLDs testifies to the corruption of ICANN't and the administrative regime of the Web.
riffic · 14h ago
feel free to use alternative roots but everyone else has agreed to this system after much deliberation.
I operate my own postfix. In the last 6 months, I see at least 250 daily attempts from domains in the .sbs, .cfd, .quest and other TLDs, all with valid SPF/DKIM and even IP reverse. The domains are at maximum 7 days older, and they all are formatted like “(commonword1)(commonword2)(commonword3).(tld)”. The only way to tell them apart is by running spamassassin on it, or if you aren’t much worried, it’s a way easier to just block the TLD.
Given how little people communicate via email nowadays (relative to IM), email spam feels in an all time high.