Allow blocking of entire top level domains for example .tv or .ru.
THis can be done for Web Protection by creating a URL group that contains the TLD name (for example, create a URL group with ‘ru’ and ‘tv’ as URL entries. Then, add a block rule to your web policy to block that URL group.
If you’re looking for TLD blocking in email protection, please re-submit another idea with more details.
XG Fan commented
we would like to be able to block ccTLD lookups for clients using xg dns in the xg config at dns level to cover all protocols, not just http/https. the only comparable approach in xg seems to be creating dns request routes for each TLD to send the lookups to a separately managed external dns server populated with ccTLD zones with wildcard records resolving to invalid or other ip's. it would be nice to get the functionality within xg dns. i dont think this idea should be marked "already possible".
We're getting a lot of spam from .icu and I doubt we'll be seeing any legitimate e-mails from them anytime soon. The same could probably be said for the majority of the new non-country TLD's.
Bump. This is a no-brainer.