- Impact
- 21,788
Hello,
Consider the following (real) scenario.
I have a client running a Postfix server. The distro is a bit old, so there are some packages like Spamassassin or Amavis that are not up to date to the latest version. The server cannot be upgraded until there is a complete and documented overview of the active processes running on it.
Recently one of their (publicized) mailboxes has been getting a lot of spam (>100/day).
How do I keep the customer happy ? Fast and easy remedy: I block new extensions like .bid .top .trade on the mail server and cut the crap by 90% at least.
There is nothing to lose here, and everything to gain. Because there is not one single party they are dealing with, like suppliers etc using any of those TLDs. And the customer doesn't do business with China or whatever, so again they don't expect mail from a .top address for example.
So we block the worst offenders like .bid, .trade, .stream. Result: spam is curtailed instantly while saving server resources.
Let's be fair: it's not necessarily the fault of new extensions if spammers are abusing them.
Unless:
I think registries must shoulder the blame here. It's their fault if those TLDs continue to be abused and have a bad reputation.
And if you don't agree with this assessment, there are plenty of sysadmins who will disagree and block them anyway, because it makes their job easier and there is almost zero chance of blocking a legitimate contact (who can be whitelisted if need be).
However, it is a small number of extensions that causes a lot of trouble. But there is risk that sysadmins will not bother and throw them all in the same basket.
Do I feel bad ? No. This is a simple business decision, adapted to the present circumstances. Even though I don't like the principle. But again, who is hurt.
PS: this is a temporary fix
PS2: but anybody who works in IT knows that temporary solutions tend to become permanent
Consider the following (real) scenario.
I have a client running a Postfix server. The distro is a bit old, so there are some packages like Spamassassin or Amavis that are not up to date to the latest version. The server cannot be upgraded until there is a complete and documented overview of the active processes running on it.
Recently one of their (publicized) mailboxes has been getting a lot of spam (>100/day).
How do I keep the customer happy ? Fast and easy remedy: I block new extensions like .bid .top .trade on the mail server and cut the crap by 90% at least.
There is nothing to lose here, and everything to gain. Because there is not one single party they are dealing with, like suppliers etc using any of those TLDs. And the customer doesn't do business with China or whatever, so again they don't expect mail from a .top address for example.
So we block the worst offenders like .bid, .trade, .stream. Result: spam is curtailed instantly while saving server resources.
Let's be fair: it's not necessarily the fault of new extensions if spammers are abusing them.
Unless:
- the domains are priced very cheap, so that they are attractive to spammers who will buy lots of them, and constantly rotate them
- the registries turn a blind eye on spam (hint: some registries have engaged in spamming)
I think registries must shoulder the blame here. It's their fault if those TLDs continue to be abused and have a bad reputation.
And if you don't agree with this assessment, there are plenty of sysadmins who will disagree and block them anyway, because it makes their job easier and there is almost zero chance of blocking a legitimate contact (who can be whitelisted if need be).
However, it is a small number of extensions that causes a lot of trouble. But there is risk that sysadmins will not bother and throw them all in the same basket.
Do I feel bad ? No. This is a simple business decision, adapted to the present circumstances. Even though I don't like the principle. But again, who is hurt.
PS: this is a temporary fix
PS2: but anybody who works in IT knows that temporary solutions tend to become permanent
Last edited: