In the past I could block an entire TLD by adding **@**.(domain) to a group and having said group applied to a policy which sends all traffic from that TLD to quarantine. Our spam seems to come in waves from one of these funky TLD's or another. Is there…
