Can you configure Spam Assassin to block the top level domain .pw?

Avatar
  • Answered
the top level domain .pw seems to be exclusively used for sending out spam. I've written to them, but gotten no response. Boxtrapper, for some reason, is not filtering it out (my wife is getting inundated with spam from them, even though they aren't on the whitelist).
As they are a known spam organization, can you either change their rating so SpamAssassin with filter them, or block the creeps entirely?
Avatar
donesh
.PW clean up

Ever since the spam outbreak on .pw, we as the Registry have spent the past month and a half by undertaking a massive cleanup initiative. We have not waited for the Registrars to investigate and respond to complaints; rather we have ourselves taken down domain names which have proven to be abusive. While most of the forums have attributed rock bottom prices to be the sole reason for this outbreak, our investigations prove otherwise.

Our abuse desk has been kept busy with large volumes of complaints against .pw domains, each being responded within the time frame of 24 hours (and in most cases within a matter of few hours). The team has successfully traced the source of these spammy domains to customers under a single Registrar account. This means that more than pricing, this attack manifests itself as an activity carried out by an organized group of spammers targeting one particular Registrar portfolio. Over 95% of the spam mails have been perpetrated through this single Registrar. To curb this abuse, we have considered to respond and taken down reported domain names belonging to this Registrar.

In order to control this incident, we have tightened the nooze around other Registrars as well, thus implying the repercussions of our AUP violation (which we have been very particular about). In addition to our reactive techniques, we have also been eliminating abusive domains name at the registration phase by using pattern matching and anomaly based methods. This approach has proven to be very effective and has successfully eliminated 20-30% of domain names which are likely to be used for illicit activities.

In addition, to responding to complaints from individual internet users, the .pw Registry has been working closing with anti-abuse entities such as Symantec ,Spamhaus and SURBL. We have also tied up with NameSentry to beef up our abuse monitoring process. Being a Registry, we have access to very limited information as compared to a Registrar. Yet we have managed to weed out and terminate abusive domain names more proactively, compared to other Registries out there.

Last but not the least, we would like to thank each and everyone who have criticized, appreciated or raised concerns in our effort to curb the abuse. In order to assist us with our efforts, we request you to update us with your complaints at [email protected].
Avatar
donesh
Hello All,

I am Donesh Laher and I work as a Cyber Security Analyst in the Abuse Team at .PW Registry.

We are aware of the recent spam outbreak from the .PW domain names and have already started taking actions against the abusive domain names that have been reported to us.

We request you all to report us with the domain names which are involved in any abusive activities, along with an appropriate evidence for the same.

We have a dedicated abuse desk which operates 24/7.

Kindly report all the complaints at [email protected] and CC to [email protected].

Upon receiving the domain name, we will take stringent actions against them.

Regards

Donesh Laher
Cyber Security Analyst
.PW Registry
Avatar
jamesr
Thank you for your question! Sorry to hear about the spam problem with the .pw domain. Filtering spam can be time consuming and frustrating because it does not stop the emails it only sends them to a spam folder. If you want to stop spam permanently, you can submit and report your spam to spamcop.net. SpamCop is a DNS blacklisting company that will place the spamming server on a blacklist this will stop the spam from going to your email permanently. Please see the following links on how to do this. Getting too much Spam? How to Permanently stop spam with SpamCop Stop Spam by forwarding spam to Spamcop Best Regards, James R