We have been having an increase in the number of phishing messages that slip through our antispam solution. We currently use Can-IT which includes an instance of SpamAssassin which has active scanning on for SURBL.
We recognize that no current solution is going to be 100% effective - however one of the most recent phishing messages that got through was for a link which appeared to already be in phishtank.com data (see http://www.phishtank.com/phish_detail.php?phish_id=1068849)
We had been working to see if we could incorporate phishtank.com data in the Can-IT environment to add one more source of blocks for these messages to plug some more holes when we noticed per http://www.phishtank.com/friends.php that SURBL appeared to already be listed as using (in some way) phishtank data.
We presumed that http://www.surbl.org/lists.html#ph probably used it - but tests seem to have test messages with that url receiving no points inbound.
Further testing on the SURBL lookup returned that w3t.org wasn't listed (which makes sense as the underlying URL above is a shortener so it's only the extended URL that is listed in phishtank and worth flagging on) - does SURBL only accept root domains for listing?
Basically we're just trying to figure out if this is a config error on our part or a misunderstanding on our part of how SURBL uses phishtank.com data and/or classifies reported phishing sites and subdirectories in the first place.
Thanks in advance for any insight!
Ken Johnson
Information Technology
LeTourneau University
Hello,
My domain is Sandestin.com. We are having some issues of our emails being blocked as spam. The message is 552 tin.com found in SURBL: Blocked, tin.com on lists [ws], See: http://www.surbl.org/lists.html. My domain isn't on the lookup but tin.com. Where do you think this issue lies? Is it SURBL or the spam filtering that is using surbl?
David Fletcher
I.T. Dept
Hi all,
One of my users sent email to someone and received a rejection notice. Here
it is:
host mx01.lastspam.com[64.15.150.3] said: 550-5.7.1 rejected
content,
black listed 2010.In by multi.surbl.org. #762 #895
(m6F1MY037314479000)
The attachments being sent were a 38 KB Excel file, and 1 MB PowerPoint.
I understand that SURBL checks for websites and URLs inside the email,
but I can't seem to find anything about SURBL lists rejecting content.
I'm inquiring as we need to make sure these attachments get to the
recipient.
Thanks,
Will
Hello,
Is there any page where I can verify the source mails or URLs which have led to the listing of the domain "ncsrv.de" at SURBL?
This domain is used as an alternative URL for almost every server in our network (server1 ... server99999.ncsrv.de), so websites are available even if no customer domain is routed on the certain server.
We use this domain also as internal identifier, also included in the host name configuration.
As you will understand, full control over every URL used in unsolicited messages is almost impossible because we have a lot of root systems, so we cannot shut down every listed URL immediately.
Is there a possibility to check for new entries at SURBL automatically so we can respond to that issue?
Thanks,
Rafael
Hi,
I have tried to send an email from the Lookup page, but that email is bouncing.
What am I missing? Whom can I contact to get my IP unlisted, given
that it's now been a month since it's been wrongly put in the list?
Thanks
Shanx
Hello,
Why do I get such a message from my antispam program:
1.5 URIBL_WS_SURBL Contains an URL listed in the WS SURBL blocklist
* [URIs: jmhsa.ch]
I did check, our site jmhsa.ch is not blacklisted by ws_surbl....
Can anyone help me ?
Thanks and regards.
Gilles
Les Sociétés JMH
Cassarde 4
2000 Neuchâtel
Tél. ++41.32.729.00.20
Fax ++41.32.729.00.29
www.jmhsa.ch
societes(a)jmhsa.ch
Well luckily I'm the mail administrator on both sides of this issue! :)
What I found was that my firewall on the receiving side has a feature that utilizes uribl. Disabling this feature stopped the email rejections.
Upon further investigation into this (with the help of some other folks) it was determined that uribl might have changed the way they do their blacklist notifications now. It looks like their "whitelists" (i.e. those that should not be blocked) also return results now - which is probably why the uribl feature blocks the email.
http://uribl.com/about.shtml
From what I can see, their whitelist is not included in the multi list or it's not working.
I may be off base on this but wanted to post what I have found so far. I am currently catching up on all the suggestions and info presented so far.
Thanks again for everybody's help.
Duane
------------------------------
_______________________________________________
Discuss mailing list
Discuss(a)lists.surbl.org
http://lists.surbl.org/mailman/listinfo/discuss
End of Discuss Digest, Vol 66, Issue 3
**************************************
I've been researching an issue where emails are getting rejected with these NDR errors:
An error occurred while trying to deliver this message to the recipient's e-mail address. Microsoft Exchange will not try to redeliver this message for you. Please try resending this message, or provide the following diagnostic text to your system administrator.
The following organization rejected your message: smoothwall.
_____
Sent by Microsoft Exchange Server 2007
Diagnostic information for administrators:
#552 www.w3.org in multi.surbl.org: 74.63.164.174 ##
#552 www.w3.org in multi.surbl.org: 204.232.162.153 ##
If I'm reading this correctly the emails are being rejected because multi.surbl.org found a reference to w3.org in an HTML email??
How can this be fixed/removed/corrected?
Thanks,
Duane
Hello everyone,
I am a freehosting sysadmin and we are providing free registration of a
3-level domain within our 2-level domains.
As registration is free, some abuse is possible, but it does not appear
to be fair to list entire 2-level domain because of some abusers, which
would list innocent sites within same domain.
I am wondering, how our domains can be included in
http://www.surbl.org/tld/two-level-tlds ?
I see similar freehosting domains in this file, such as
by.ru, chat.ru, front.ru, hotbox.ru, hotmail.ru, land.ru
and others.
Here is the list of our freehosting domains:
aiq.ru
al.ru
bip.ru
bos.ru
dax.ru
dem.ru
dtn.ru
far.ru
fud.ru
hobi.ru
hop.ru
metastock.ru
pips.ru
rxt.ru
supercharts.ru
tora.ru
vipcentr.ru
vipshop.ru
viptop.ru
vov.ru
wallst.ru
webservis.ru
Suggestions for the right contact for this question, or any other hint, would be
appreciated.
--
Best regards,
Victor Popov mailto:vpopov@centre.ru
Hi List,
I noticed in SpamAssassin bugzilla:
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6335
that there are 2 new TLD files available for use with SURBL:
"two-level-tlds" and "three-level-tlds".
However, I am wondering where these files should be placed and if they
need to be renamed and have .cf appended to them like the "90_2tld.cf"
file URIBL supplies?
Thanks in advance for any guidance or feedback.
Regards,
Bill
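
Added example, not code from SURBL, SpamAssassin or any poster in this digest: a Python sketch of the two decisions the posts above keep running into, namely which name is queried (the registered domain, with one extra label under a two-level-tlds entry) and which answers count as a listing (only addresses in 127.0.0.0/8, whose last octet is a bitmask of lists). The function names, the small TLD set and the resolver answers are constructed for illustration.

```python
import ipaddress

SURBL_ZONE = "multi.surbl.org"
LISTING_NET = ipaddress.ip_network("127.0.0.0/8")

# Constructed stand-in for the two-level-tlds file; by.ru and chat.ru are the
# entries named in the thread, co.uk is a sample addition.
TWO_LEVEL_TLDS = {"co.uk", "by.ru", "chat.ru"}


def registered_domain(host, two_level=TWO_LEVEL_TLDS):
    """Reduce a hostname to the name that is looked up in the zone."""
    labels = host.lower().rstrip(".").split(".")
    # Keep a third label when the last two form a listed two-level TLD, so one
    # customer site is checked rather than the whole hosting domain.
    keep = 3 if ".".join(labels[-2:]) in two_level else 2
    if len(labels) < keep or "" in labels:
        return None  # bare TLD or malformed name: nothing to query
    return ".".join(labels[-keep:])


def classify_answer(addr):
    """addr is the A record as a string, or None for NXDOMAIN."""
    if addr is None:
        return ("not_listed", 0)
    ip = ipaddress.ip_address(addr)
    if ip not in LISTING_NET:
        # For example a resolver that rewrites NXDOMAIN: not a listing.
        return ("invalid_answer", 0)
    return ("listed", int(ip) & 0xFF)  # last octet = bitmask of lists


def check_host(host, resolve):
    """resolve(name) -> address string or None; injected so this runs offline."""
    domain = registered_domain(host)
    if domain is None:
        return (None, "skipped", 0)
    status, mask = classify_answer(resolve(f"{domain}.{SURBL_ZONE}"))
    return (domain, status, mask)


# Constructed resolver answers (no network access), keyed by query name.
FAKE_DNS = {
    "w3.org.multi.surbl.org": "74.63.164.174",      # reuses an address from the NDR
    "spamsite.by.ru.multi.surbl.org": "127.0.0.4",  # constructed listing
}

if __name__ == "__main__":
    for h in ("www.w3.org", "www.spamsite.by.ru", "server1.ncsrv.de", "Sandestin.com"):
        print(h, "->", check_host(h, FAKE_DNS.get))
```

A filter that rejects on any DNS answer, rather than only on 127.0.0.0/8 answers, would treat the `invalid_answer` case here as a listing.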