Comment by kassner

At this day and age, any cheap TLD will be used for spam. I used to think people shouldn’t do it, but now the only option is to blanket-ban some TLDs.

I operate my own postfix. In the last 6 months, I see at least 250 daily attempts from domains in the .sbs, .cfd, .quest and other TLDs, all with valid SPF/DKIM and even IP reverse. The domains are at maximum 7 days older, and they all are formatted like “(commonword1)(commonword2)(commonword3).(tld)”. The only way to tell them apart is by running spamassassin on it, or if you aren’t much worried, it’s a way easier to just block the TLD.

Given how little people communicate via email nowadays (relative to IM), email spam feels in an all time high.