Does your company block .ai domains?
Posted by AgreeableString3238@reddit | sysadmin | View on Reddit | 18 comments
The company I work for recently changed our website to a .ai domain. Today I found out that one of our customers can't access it due to firewall rules. How common is this?
frosty3140@reddit
Yes we block the entire .AI namespace, with one exception
ArchonTheta@reddit
I’ll bite. What’s the exception?
perkia@reddit
Claude probably
No_Yesterday_3260@reddit
Must have a reason for it - We got a tool, an AI network tool (gets all data mirrored and checks for malicious patterns), and their website uses .ai - So dunno.
It's a company decision, not sure why the domain .ai would seen as a malicious one.
Maybe because there's a lot of XXX related websites, with AI generated XXX content, that use .ai?
sionescu@reddit
AI is all garbage and malicious.
No_Yesterday_3260@reddit
True, but this post is about websites/DNS using the .ai toplevel domain, sooo... :)
Also unsure why my comment got a downvote, haha.
WhiskyTequilaFinance@reddit
Yup. You are invisible to my entire F500 company now. Which is good, we don't want whatever you're spamming anyway, so even your junk mail won't get through now.
OneSeaworthiness7768@reddit
Yup, only the ones we have enterprise plans with are allowed.
FearlessAwareness469@reddit
Yes
gruntbuggly@reddit
It’s very common. A LOT of companies don’t want users using unapproved AI tools, and the easiest way to catch a large majority of those is to default block the .ai TLD, and use white lists to enable individual tools on an as needed basis. My own company does this, too.
lart2150@reddit
It's pretty common to block recently registered domains.
ExceptionEX@reddit
Yeah seeing as it was largely a spamming TLD until the AI crazy, it seems like a bad idea to jump on that trend.
illicITparameters@reddit
When did your company relocate to anguilla?
aguynamedbrand@reddit
I could definitely see that turning off some potential customers.
illicITparameters@reddit
Me, I’m that customer it would turn off.
Sure-Squirrel8384@reddit
Yes, we have SSL/TLS decryption for DLP and other reasons. We block all AI access for DLP and other reasons. The only AI access allow is gov-cloud based and strictly logged and filtered for certain levels of DLP (some is allowed, some is not).
Rex_Bossman@reddit
I had .ai blocked in our tenant. I had to look up why and found that it is the top level domain for the country of Anguilla so we must have been getting phishing from there at some point.
Kumorigoe@reddit
Not as common as it should be, unfortunately.