At this day and age, any cheap TLD will be used for spam. I used to think people shouldn’t do it, but now the only option is to blanket-ban some TLDs.
I operate my own postfix. In the last 6 months, I see at least 250 daily attempts from domains in the .sbs, .cfd, .quest and other TLDs, all with valid SPF/DKIM and even IP reverse. The domains are at maximum 7 days older, and they all are formatted like “(commonword1)(commonword2)(commonword3).(tld)”. The only way to tell them apart is by running spamassassin on it, or if you aren’t much worried, it’s a way easier to just block the TLD.
Given how little people communicate via email nowadays (relative to IM), email spam feels in an all time high.
Oh! It is still very much on. I used to occasionally order missed school tiffin backups (in India) from a pretty good school tiffin supplier. This year, too, I tried to set it up as a backup. Their `.in` domain re-directed to their new AI-ed `.ai` domain.
I operate my own postfix. In the last 6 months, I see at least 250 daily attempts from domains in the .sbs, .cfd, .quest and other TLDs, all with valid SPF/DKIM and even IP reverse. The domains are at maximum 7 days older, and they all are formatted like “(commonword1)(commonword2)(commonword3).(tld)”. The only way to tell them apart is by running spamassassin on it, or if you aren’t much worried, it’s a way easier to just block the TLD.
Given how little people communicate via email nowadays (relative to IM), email spam feels in an all time high.