Spammers and Spamming Domains

Here is a list of domains that allow spammers to spam. If your domain makes it onto this list, the only way to delete it is to (a) stop sending spam, (b) change your SPF record so that it is (i) valid, and (ii) not too permissive.

Here is a list of domains that allow spammers to spam. If your domain makes it onto this list, the only way to delete it is to (a) stop sending spam, (b) change your SPF record so that it is (i) valid, and (ii) not too permissive.

As far as I'm concerned, you are a spammer or are assisting spammers. By publishing an SPF record with +all or ~all (or not publishing one at all) and not using DKIM, you are letting spammers use your domain to send e-mail.

If you use DKIM ADSP Discardable, you shouldn't make it on to this list unless you have genuinely spammed me.

Am I helping spammers with this list? Probably not. All domains on this list have sent me spam, therefore the spammers are already using the domains. Rather than replying to the From: address and asking you to stop spamming, you'll end up on this list.

If spammers start scraping this page for easy-to-forge domains, or you don't want your domain to be listed alongside a major spamming outfit, make the corrections in your DNS and contact me. Otherwise, I see no reason why I can't claim you are an indirect supporter of spammers.

And no, "breaks forwarding" is not a reason - whitelist the forwarding MTA, use SRS, or don't use forwarding.

And no, "it wasn't me!" is not a reason - your SPF record (or lack of) said your domain sends mail from the spammer's IP address. You should know the IP addresses of your MTAs.

And no, "my users want to use their favourite MSA!" is not a reason - either add their favourite MSA to an SPF record for your domain (or by use of a macro before -all) , or tell them to send e-mail through the authorised MSA for your domain.

And no, "you can unsubscribe!" is not a reason - if you send me unsolicited commercial e-mail you are a spammer. If you got my e-mail address through "being a partner of" someone, you are a spammer unless you clearly state where you got permission to e-mail me from.

  • aa-san-mateo.org
  • abconline.org
  • aging-institute.org
  • alaskaseafood.org
  • al-razi.net
  • amazinhazen.org
  • ancare.com.au
  • apple.com
  • arhingdoo.com
  • atari8bit-software.de
  • barclays.net
  • baronunlimited.com
  • biocortijo.com
  • cap-immo.com
  • cheminees-philippe-06.com
  • cobwebmedia.co.uk
  • collett.co.uk
  • columbia.uk.com
  • crewardslink.com
  • earmyu.com
  • emperormailer.com
  • evox.biz
  • firstproducts.com
  • gametwowin.com
  • giulianoamante.com
  • hmrc.gov.uk
  • hush.com
  • inanities.com
  • instagib.net
  • jeello.com
  • jjof.com
  • jobsforme.co.uk
  • kampanyareklam.com
  • kingmikeusa.com
  • luurikauppa.com
  • klm.com
  • marketingemail-web.com
  • matrox.com
  • mkw000.com
  • mms.ee.co.uk
  • mms.o2.co.uk
  • mms.t-mobile.co.uk
  • ortel.ru
  • pachama.fr
  • paleodia.com
  • pijnacker-nootdorp.com
  • pousette.se
  • res-ec.org
  • ride.fi
  • safe-email-deals.com
  • sawallich.net
  • slovanet.sk
  • sohu.com
  • supergoalresults.com
  • sweetjack.com
  • texknox.com
  • theillusionstudio.com
  • tpnet.pl
  • ups.com
  • utmen.jp
  • winnersloungeonline.com
  • winnerspromos.com
  • wlsolicitors.com

Why am I not going by IP address? Simple: SPF and DKIM ADSP Discardable are there to help prevent e-mail address (and domain) forgery. If you don't care about your e-mail address or domain being forged, then presumably you also don't care about it being associated with spam.

It also saves disk space. The return-path in spam that makes it to my inbox contains your domain? Your domain gets added to the list. A spammer got an e-mail account for your domain and sent spam from it? If I was told by an auto-responder to fill in a web-form after reporting abuse via Spamcop.net, because you can't be bothered to deal with reports received by e-mail, you get added to the list. Meet the definition for being added? No need for me to store the spam.

Oh, and by "delete" I really do mean the HTML <del> tag. And by contacting me about being listed you are authorising me to publish all contact on a page whose URI will be included as the value of the <del> tag's cite attribute. And by publishing all contact, the e-mail addresses will be obfuscated using the same technique I use on my PGP keys page.