False positives: _protected/app/configs/banned/email.txt

[ip6li]

Describe the bug

Ban file _protected/app/configs/banned/email.txt contains many false positives and not existing domains, so this file is unusable for banning domains. For identifying throwaway e-mail addresses it is also unusable, because some throwaway mail services changes their domains daily and operating such domains for 2 or 3 days only. Same is true for ip addresses, a local ban list is simply useless.

To Reproduce

Steps to reproduce the behavior:

1. New Account
2. Use e.g. [email protected]
3. See error

Domain spamwc.cf is not registered, at least not known to root nameservers.

Expected Behavior

Ban list should be sourced by e.g. Spamhaus DBL. This list is quite reliable and regularly updated. DBL implementation is based on DNS queries, e.g.:

$ host spamwc.cf.dbl.spamhaus.org
Host spamwc.cf.dbl.spamhaus.org not found: 3(NXDOMAIN)

On a "bad" domain following happens:

$ host dbltest.com.dbl.spamhaus.org
dbltest.com.dbl.spamhaus.org has address 127.0.1.2

To check bad ip addresses, zen.spamhaus.org is a good choice.