You could add some RBL and threat feeds of known bad domains like URIBL:
https://uribl.com/datafeed.shtml
We run one specifically for verified phishing domains via Domainsure:
https://domainsure.com/threat-feeds
This RBL is small, compared to some threat feeds, but we're building it
up and some of the resolver services who are consuming it (Quad9,
ControlD) say they are seeing unique values in it.
- mark
P.S if you shoot me over the typo phish you are dealing with I can add
it here.
On 2026-02-18 12:05 PM, Anael MOBILIA via mailop wrote:
Hello Mailop,
I have been informed of a fraudulent domain (typosquatting) sending
phishing emails (bank account changes, invoices collection, ...).
I've taken standard steps to take down this domain (hosting abuse,
registrar abuse, Google Safe Browsing listing, ICANN UDRP).
Since each of these actions can be time-consuming, I want to ensure
that any new malicious email sent, during this time, from this domain,
could be detected as spam...
Members of this mailing list usually share best practices for
unblocking emails. This time, I'm looking for effective methods to
help blocking fraudulent emails...! :-)
Do you have any advice or experiences to share on this topic?
Thanks,
Anael
_______________________________________________
mailop mailing list
[email protected]
https://easydns.urlsand.com/?u=https%3A%2F%2Flist.mailop.org%2Flistinfo%2Fmailop&e=e7eb7067&h=8771eab6&f=y&p=y
--
Mark E. Jeftovic <[email protected]>
Co-founder & CEO easyDNS Technologies Inc.
+1-(416)-535-8672 ext 225
/"Never expect a thing you do not want,
and never desire a thing you do not expect."
-- Bob Proctor /
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
