Wouldn't it be easier to just block/autocorrect the domain on the MTA?<p>I don't think many people would be legitimately sending mail to .ml domains, especially not to domains that match a top level domain in .mil
The emails were intended for the US military, which uses the domain name ".mil". But they missed out the letter i, and so the messages went instead to the West African nation of Mali.