dovecot mailing list (this mailing list), DKIM, SPF and DMARC

Wed Feb 16 17:48:56 UTC 2022

On 2022 Feb 16, at 10:22, Chris Bennett <chris-dvcot at freedomforlife.rocks> wrote:
> On Sat, Feb 12, 2022 at 12:58:03PM +0100, Sebastian Nielsen wrote:
>> Thats a TLD ban. Meaning *.ru is banned.
>> 
>> same applies for my domain for example, I ban *.xyz, *.date and a few others.

> I don't understand at all why banning tld is reasonable.

For the same reason that banning roadrunner was reasonable, the vast majority of mail from these new TLDs is nothing but spam, and I mean at levels far higher than the 97% of general email spam percentage.

When I blacklisted .top I has getting hundreds of thousands of spam emails a day on a quite small mail server, so much mail that it was overwhelming my server.

I have seen very few new olds that are not major spam magnets, and when I do, I unblock them.

But my default position is that ever TLD is locked except for the ones I specifically allow.

> I'm not rich.

The vast majority of olds are quite cheap.

> I can't afford to buy domain names that cost $200 a year to purchase.
> .com .net .info , etc. have run out of the names I wish to use.

If you are paying $200/yr for a domain name you are doing something very wrong. I am saying about $12/year. Maybe as high as $15/yr? I'd have to check, it is such a low number I don't really know.

> I have never ever sent a single spam email, but you would block my emails?

Yep.

> Bluntly said, but without malice, that attitude favors the rich
> over the poor.

No, it's not an economic issue at all. You are confusing your DESIRE for a cheap domain 'you want' with having to get a domain in a skeezy TLD.

> I refuse to trust the BIG guys.

That is your choice. My choice is to not accept mail from .xyz or .rocks or .top or many hundreds of others.

Email, having been designed a long time ago, has no mechanism for stopping bad behavior, so it is up to each admin to do what they can to stop unwanted mail. The vast majority of email that is sent is dangerous, malicious, illegal, or unwanted. Not like 505, but in the high 90s.

The mail that a system accepts is based on a variety of trust characteristcis that are pretty much unique to every server.

My mail server checks the IP address for every connection against several RBLs, checked the connection for certain behaviors before it even allows the connection to start talking to the mail server. Once communication occurs, it checks a lot more things before accepting the message. Nearly every connection attempt is refused and nearly every message that is attempted to be sent is rejected. Even so, of the mail that is accepted, 80% is spam and ends up in the user's junk mail box.

> My dad uses yahoo and
> gets emails yanked away while he is reading it.

This has nothing to do with TLDs.

> There are many other methods to block spam.
> IMHO, blocking by tld is a bit harsh.

That is your opinion and that is fine. But your opinion has zero effect on admins who block TLDs. You have no idea how big an issue spam really is and how much time mail mins spend trying to control it to simply a deluge.

This also is probably not the best group for this discussion.

-- 
I loved you when our love was blessed I love you now there's nothing
	left But sorrow and a sense of overtime