Discuss

discuss@lists.surbl.org

2 participants
1873 discussions

Three level TLDs
by Brooke Babcock 16 Mar '17

16 Mar '17

I have a question about the three level TLDs provided by SURBL. I’m a new user of SURBL and attempting to hook it into our company’s e-mail scanner using the guidelines listed here: http://www.surbl.org/guidelines <http://www.surbl.org/guidelines>. Guideline #2 instructs me to extract the base domain to use in the lookup to SURBL and points me to two different tables - a two level TLD table and the three level TLD table. According to the guidelines… “For any domain on the three level list, check it at the fourth level”. However, in the three level TLD table (http://www.surbl.org/static/three-level-tlds <http://www.surbl.org/static/three-level-tlds>), I see many two level domains. In my spot checking, I always see the same domain in the two level TLD table (http://www.surbl.org/static/two-level-tlds <http://www.surbl.org/static/two-level-tlds>) as well. Examples: fvg.it <http://fvg.it/> gov.ms ic.tr <http://ic.tr/> iki.fr <http://iki.fr/> info.at <http://info.at/> ro.com <http://ro.com/> How do I best treat these domains that show up in both lists? Are they on the three level list by mistake? Or should I do multiple lookups with different URI base domains (3 and 4 level) if the top domain is in both lists? For example, if I were to extract the URI, http://some.domain.fvg.it <http://some.domain.fvg.it/>, should I do a lookup on “some.domain.fvg.it <http://some.domain.fvg.it/>” and “domain.fvg.it <http://domain.fvg.it/>”, because “fvg.it <http://fvg.it/>" appears in both lists? Any help would be appreciated. Thanks much! ~Brooke

2 1

Abuse combat feed
by Rubens Kuhl 20 Feb '17

20 Feb '17

Is there an abuse combat feed available at SURBL ? The hope was to get information that would trigger abuse investigations and possible domain take-downs of phishing/malware that is enjoying benefit from the domain name (e.g., using a domain name like bank-name-security.TLD)... parsing the full URI data seems the most logical option, but that there doesn't seem to exist a TLD-specific feed or an specific $ condition for TLD registries. Ideas ? Tks, Rubens

3 7

Re: [SURBL-Discuss] SURBL Analysis Timing out
by SURBL Role 08 Feb '16

08 Feb '16

On Sunday, February 7, 2016, 5:50:36 PM, Paul Thursby wrote: > Hi, > I am trying to submit a IP delisting for 192.185.76.107 but the > application embedded on http://www.surbl.org/surbl-analysis just keeps > timing out. Can you help me solve this? > Regards Paul Please try it now. It should work. P.S. The IP is not currently listed. Almost always when and IP is listed it's because there is some service on it that is cracked, insecure or abused, such as a web server. Please fully secure all services against abuse and consult with a security expert if you need help.

1 0

Franchising Centre Blog.
by Simon Ryan 16 Mar '15

16 Mar '15

Hi Guys, how do I find out the progress on this site for my client being delisted please? Best wishes, Simon. Simon J. Ryan. Social Advisors Office: 01474 550290 Twitter: @socialadvisoruk Web: socialadvisors.co.uk FREE Downloads: Our guides to Social Media Success <http://adviserpost.co.uk/downloads/> Winners: FStech 2014 Best Use Of Social Media In Financial Services

3 2

Trying to Figure Something Out
by Anne P. Mitchell, Esq. 12 Mar '15

12 Mar '15

All, We are in the process of trying to help a sender to clean up their act and IP space, and in doing so, we came across a SURBL listing which we're trying to figure out. The domain that is listed is ibwmail.com; the problem that we are having is that there is no website at all on that domain, nor can we find any spam - anywhere - mentioning the domain. The only clue that we can find is that there is a gambling site that is using the domain as their MX (now, you may be saying that this is a big clue - but given that this is a domain listing, not an IP/MX listing - the two taken together don't add up, and that makes the delisting request process difficult because, for example, there is no message containing the (non-existent) website to include as required in a SURBL delisting request). This is a sender who is trying to reform their customers' practices, their space, etc... but it's awfully hard to whack anybody with a clue-by-four ("Bad sender! Bad, bad, bad!") when we can't find the puddle they stepped in (to torture a metaphor). Any thoughts, clues, or pointers would be greatly appreciated! Thanks! Anne Anne P. Mitchell, Attorney at Law CEO/President, Institute for Social Internet Public Policy Member, Cal. Bar Cyberspace Law Committee Member, Asilomar Microcomputer Workshop Committee Author: Section 6 of the Federal CAN-SPAM Act of 2003 Ret. Professor of Law, Lincoln Law School of San Jose Ret. Chair, Asilomar Microcomputer Workshop

4 6

More than 14 days - still blocked.
by Ryan Rigby 22 Feb '15

22 Feb '15

Hi All, I'm hoping someone on this thread can help me. Our site was added to the SURBL ws list back on the 5th Feb, I submitted a request and we were removed on the 6th Feb but we're still being blocked by sites like LinkedIn and some of our customers are also unable to access our content because the site is still showing on a SURBL list. We have contacted LinkedIn, who said there is nothing they can do to refresh or update their lookup list, I find it hard to believe that these blacklists are not refreshed in a 2 week period. I have verified that we have not been re-added and the google malicious site lookup confirms no malicious activity. My first question is - what can we do? Our site is clean (and always has been) and we were on one list for one day, this brief, and unwarranted addition to the list, has been impacting our business for 2 weeks now and continues to present a poor image of our company. My second question is - how did we get added? The automated response quoted 'multiple reports of unsolicited messages' but no evidence or source of this was provided, all our mailing lists require sign up and all our mail has unsubscribe options within it. We need to understand how we got on this list to ensure it never happens again and don't endure such a long and high impact issue as we are currently faced with. Any help you can provide will be much appreciated. Thank you, Ryan Rigby MCITP:SA Senior Systems Administrator Vision House, Wellfield Road Preston Brook, Cheshire WA7 3FR United Kingdom Desk: +44 1928 706 333 / +1 847 466 6333 Mobile: +44 7961 218 528 Fax: +44 1928 706 329 RRigby(a)flexerasoftware.com www.flexerasoftware.com CONFIDENTIALITY NOTICE: This email message (including any attachments) is for the sole use of the intended recipient and may contain proprietary, confidential, or trade secret information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. Thank you.

2 3

Lenght of time to remove a site from blacklist?
by SURBL Role 23 Jun '14

23 Jun '14

We don't handle removal requests here, but since your company appears to be a transportation consulting company, most likely you are inquiring about a web site that has been cracked (broken into) and malicious content placed on it. Insecure computers may also be used for malicious activity such as phishing, DDOS, identity theft, banking credential theft, etc. It is crucial that the web site and all computers used to connect to it have a full security audit done by a competent security expert.

1 0

Lenght of time to remove a site from blacklist?
by Stephanie Wright 23 Jun '14

23 Jun '14

I am submitting information to remove a site from the JP blacklist. I can't seem to find any estimate on how long removal takes. Does anyone know? Thank you!

2 1

Surbl Blacklist Removal Request
by Elliott Tyndale 12 Mar '14

12 Mar '14

> When you say the removal request wasn't received do you mean an email was never received, or because I may have not completed the removal request correctly, a ticket wasn't created? > The reason I ask is, I would like to determine whether I just need to resend my already created removal request to whitelist(a)surbl.org, or whether I need to re do the removal request to fit the procedure. > If it is the latter, could you please shed some light on what I may have done wrong as there are many fields on this form. > Regards, >Elliott Tyndale Hello Surbl, Could anybody shed some light on my previous message please? Regards, Elliott Tyndale

3 2

Surbl Blacklist Removal Request
by SURBL Role 07 Mar '14

07 Mar '14

No removal request was received. Most likely you did not complete the removal request correctly. Please follow the removal procedure.

2 1

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Discuss