.BUZZ TLD - How to swat a spammer

So .buzz is another one of those new gTLD’s that saw the light of day during ICANN’s “show me the money” run back in 2013. It’s managed by dotStrategy, and it’s advertised as a great domain name for generating buzz around your product.

Spam from .buzz domains

Rejected spam from .buzz domains delivered through LayerHost hosting.

Spammers agree apparently, and the TLD has now surpassed the needed threshold to receive a permanent ban from delivering e-mail to any server under my administration.

As usual, the domain names consist of two randomly joined words, and they have been bulk registered with GoDaddy and NameCheap. As of the writing of this article, the spammers were using LayerHost, Eonix, and XSServer as infrastructure providers.

How to block spam from .buzz domains

Nuzz marketing reference

Block spam from .buzz domains with Postfix

With Postfix, you may add or edit /etc/postfix/reject_domains to identify .buzz domains using a simple regular expression:

# /etc/postfix/reject_domains
/\.buzz$/ REJECT We don't talk to .buzz domains

Proceed to edit the main Postfix configuration and append the regexp lookup to the smtpd_sender_restrictions policy:

# /etc/postfix/main.cf
smtpd_sender_restrictions = pcre:/etc/postfix/reject_domains

Reload Postfix to activate the new configuration.

Block spam from .buzz domains with Sendmail

With Sendmail, you may use the access database to reject messages from .buzz domains. Simply edit /etc/mail/access and add a reject statement at the end of the file:

# /etc/mail/access
buzz  ERROR:"550 We don't talk to .buzz domains"

Finally, we’ll use makemap to rebuild the access database with the following command:

makemap hash /etc/mail/access.db < /etc/mail/access

Nothing left to say other than please buzz off :)

Roger Comply avatar
Roger Comply
Thank you for reading!
Feel free to waste more time by subscribing to my RSS feed.