.xyz and .icu domain spam

Avatar image
May 27, 2020
Andrew Cubison wrote
Hi
We are seeing a lot of .xyz and .icu domain spam. Is there any legitimate use of these domains? If not, what is the best way to ban all .xyz and .icu domain emails?
Thanks
Andrew
3 Answers
May 27, 2020
Paul Smith agent wrote
It's impossible to know whether there's *any* legitimate use of these domains, because you can't see a list of all the companies that use them.

The current VPOP3 spam filter should block .icu domains, as they are known to have a low reputation and several other spam filters also have a blanket block on them at the moment. The spam filter doesn't currently block .xyz, but that may change. Bulk blocking like this has to be considered carefully in a published filter.

But, if you want to block them at your end, it's easy enough to do.

Go to settings -> Spamfilter -> white/black lists and add *.icu and *.xyz to the "Blacklist addresses" list

Avatar image
May 27, 2020
Andrew Cubison wrote
Hi Paul
Can we go one step further and block the domains before they get tot he spam filter? The daily spam report is packed with these two domains, making it harder to read though.
Thanks
Andrew
May 27, 2020
Paul Smith agent wrote
You can use SMTP Rules (Services -> SMTP -> Filtering -> Edit SMTP Rules) or Download Rules (Mail Collector -> POP3 General -> Edit Download Rules) depending on how the messages reach VPOP3.



Eg, you could set up an SMTP Rule to reject messages where the return path is *.xyz