Discuss

discuss@lists.surbl.org

2 participants
1873 discussions

Surbl Blacklist Removal Request
by Elliott Tyndale 07 Mar '14

07 Mar '14

Hello Surbl, I sent a Surbl Blacklist Removal Request email to the whitelist(a)surbl.org email address after experiencing some problems with the website form. The email was sent on the 21st February at 10:21, but I haven't received a reply or any indication as to whether our domain is going to remain blocked or not. Could anyone shed some light on this please? The domain in question is www.givemegoodies.co.uk Regards, Elliott Tyndale

2 2

Policy Triggers
by Dave Doucette 16 Feb '14

16 Feb '14

I am interested in RPZ and am wondering what policy triggers are supported. Is it just QNAME, or is IP, NSIP and NSDNAME also included. Dave

2 1

domains listed
by Jason van Wyk 03 Feb '14

03 Feb '14

Hi can someone please explain to me why all new domains we register are automatically listed with SUBRL - JP. Thanks Jason

3 7

Re: [SURBL-Discuss] How to figure out the virtual host, containing malware
by Michele Neylon - Blacknight 23 Sep '13

23 Sep '13

They publish feeds by AS number and you can also check blocks of IPs Sorry on mobile so I can't provide the link ------------------------ Mr. Michele Neylon Blacknight http://Blacknight.tel Via iPhone so excuse typos and brevity > On 21 Sep 2013, at 12:11, "Neil Schwartzman" <neil(a)cauce.org> wrote: > > >> On Sep 20, 2013, at 6:47 AM, Michele Neylon - Blacknight <michele(a)blacknight.com> wrote: >> >> Roger >> >> Check the Google feeds - they specify the URL / domain that's being abused > > michelle - interesting. but which google feeds? > >> >> Regards >> >> Michele >> >> -- >> Mr Michele Neylon >> Blacknight Solutions >> Hosting & Colocation, Domains >> http://www.blacknight.co/ >> http://blog.blacknight.com/ >> http://mneylon.tel/ >> Intl. +353 (0) 59 9183072 >> Locall: 1850 929 929 >> Direct Dial: +353 (0)59 9183090 >> Fax. +353 (0) 1 4811 763 >> Twitter: http://twitter.com/mneylon >> ------------------------------- >> Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty >> Road,Graiguecullen,Carlow,Ireland Company No.: 370845 >> >> ________________________________________ >> From: Roger Schreiter [roger(a)planinternet.de] >> Sent: 20 September 2013 14:06 >> To: discuss(a)lists.surbl.org >> Subject: [SURBL-Discuss] How to figure out the virtual host, containing malware >> >> Hello, >> >> we are operating email servers and approx 100 virtual web servers on the >> same machine. >> >> Some email receivers do block our emails, because our server >> seems to distribute malware on a virtual webserver and is now listed >> on surbl.org. >> >> Ok, now I have to figure out, which of our 100 customers is hosting >> a malware on his virtual webserver, most like without knowledge >> and being victime of a spyware or an unsecure CMS. (The latter should >> be of course removed asap from our server.) >> >> I wonder, how can I get a hint, which customer's web space is >> affected? Is there any mean to get more details from surbl.org, >> about the malware source? Domainname or addidional even a filename would >> be very helpful. >> >> Thanks for any hints! >> Roger. >> >> -- >> Roger Schreiter >> Lutherstr. 9 >> D-71576 Burgstetten >> Tel.: +49 7191 8929678 >> >> _______________________________________________ >> Discuss mailing list >> Discuss(a)lists.surbl.org >> http://lists.surbl.org/mailman/listinfo/discuss >> >> _______________________________________________ >> Discuss mailing list >> Discuss(a)lists.surbl.org >> http://lists.surbl.org/mailman/listinfo/discuss > > > _______________________________________________ > Discuss mailing list > Discuss(a)lists.surbl.org > http://lists.surbl.org/mailman/listinfo/discuss

2 1

Re: [SURBL-Discuss] How to figure out the virtual host, containing malware
by Michele Neylon - Blacknight 21 Sep '13

21 Sep '13

Roger Check the Google feeds - they specify the URL / domain that's being abused Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting & Colocation, Domains http://www.blacknight.co/ http://blog.blacknight.com/ http://mneylon.tel/ Intl. +353 (0) 59 9183072 Locall: 1850 929 929 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 Twitter: http://twitter.com/mneylon ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 ________________________________________ From: Roger Schreiter [roger(a)planinternet.de] Sent: 20 September 2013 14:06 To: discuss(a)lists.surbl.org Subject: [SURBL-Discuss] How to figure out the virtual host, containing malware Hello, we are operating email servers and approx 100 virtual web servers on the same machine. Some email receivers do block our emails, because our server seems to distribute malware on a virtual webserver and is now listed on surbl.org. Ok, now I have to figure out, which of our 100 customers is hosting a malware on his virtual webserver, most like without knowledge and being victime of a spyware or an unsecure CMS. (The latter should be of course removed asap from our server.) I wonder, how can I get a hint, which customer's web space is affected? Is there any mean to get more details from surbl.org, about the malware source? Domainname or addidional even a filename would be very helpful. Thanks for any hints! Roger. -- Roger Schreiter Lutherstr. 9 D-71576 Burgstetten Tel.: +49 7191 8929678 _______________________________________________ Discuss mailing list Discuss(a)lists.surbl.org http://lists.surbl.org/mailman/listinfo/discuss

3 2

How to figure out the virtual host, containing malware
by Roger Schreiter 20 Sep '13

20 Sep '13

Hello, we are operating email servers and approx 100 virtual web servers on the same machine. Some email receivers do block our emails, because our server seems to distribute malware on a virtual webserver and is now listed on surbl.org. Ok, now I have to figure out, which of our 100 customers is hosting a malware on his virtual webserver, most like without knowledge and being victime of a spyware or an unsecure CMS. (The latter should be of course removed asap from our server.) I wonder, how can I get a hint, which customer's web space is affected? Is there any mean to get more details from surbl.org, about the malware source? Domainname or addidional even a filename would be very helpful. Thanks for any hints! Roger. -- Roger Schreiter Lutherstr. 9 D-71576 Burgstetten Tel.: +49 7191 8929678

1 0

fly1above.com / 216.185.152.155 blocked
by Nick Llewellin 19 Jul '13

19 Jul '13

Hi Guys We are using the URL Sensor policy in MailMarshal which I understand uses the SURBL list. I have used the SURBL Analysis tool on the website which shows fly1above.com and 216.185.152.155 as not blacklisted but whenever the user from this domain attempts to send an email to our customer URL Sensor marks the email as spam. Is anyone able to advise ? If more information is required please let me know. Thanks ! Nick Llewellin Helpdesk Support Representative Microsoft Certified Professional Optimus Systems Ltd DDI: +64 9 3599337 Email: nick(a)optimus.co.nz<mailto:nick@optimus.co.nz> PO Box 68-667, Newton, Auckland, 1145, New Zealand Ground Floor, 20 Beaumont Street, Freemans Bay, Auckland, New Zealand Helpdesk: +64 9 359 9337 | Fax: +64 9 281 2339 | Web: www.optimus.co.nz

3 3

one-time access to rbldnsd/rpz data for testing
by Brent Bice 18 Jun '13

18 Jun '13

Hey guys. I was just looking over the service (sounds promising) but before I start using an RBL (or similar service), especially one we have to pay for access to, I always run some tests first. In this case, I'd take a few months worth of DNS query logs and run that through a perl script to see which hostnames would be caught by the RPZ. Obviously, I'd only do this if I had the data mirrored locally so I'm not beating up on anyone else's DNS servers. :-) So... Is there a way I can get one-time access to the RPZ and rbldnsd formatted data just so I can run some sanity checks? If I can quantify the number of URLs the users here queried for that the RPZ would otherwise have blocked (we run our own in-house RPZ too), I could then do a cost/benefit analysis for the folks who pay the bills, assuming it was catching stuff our own RPZ isn't. Possible? I'd only run it on one, non-production DNS server here for testing and would toss the data when I was finished, unless we decided to use it in production and pay for access... Brent

2 1

Hello SURBL discussion board!
by Ryan Harris 04 Apr '13

04 Apr '13

Hello, Thank you for having me on your discussion forum. SendGrid monitors outgoing links and checks with SURBL listings. We noticed yesterday several emails being flagged because emailonacid.com was listed by SURBL. I wanted to inquire about this and to hopefully gain some insight on why this domain was listed. Is there anything that SendGrid should be concerned about in regards to emailonacid.com. Today I don't see emails with this link being flagged, has the initial issue been resolved with emailonacid.com? Thank you for your time and your help. Ryan Harris Lead Abuse Engineer

4 3

Re: [SURBL-Discuss] Hello SURBL discussion board!
by Michele Neylon :: Blacknight 04 Apr '13

04 Apr '13

Ryan It's a mailing list not a discussion forum .. Anyway .. this isn't really the place where you're going to get answers on specific issues .. Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting & Colocation, Brand Protection http://www.blacknight.com/ http://blog.blacknight.com/ http://mneylon.tel/ Intl. +353 (0) 59 9183072 Locall: 1850 929 929 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 Twitter: http://twitter.com/mneylon ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 ________________________________________ From: Ryan Harris [ryan(a)sendgrid.com] Sent: 03 April 2013 16:15 To: discuss(a)lists.surbl.org Subject: [SURBL-Discuss] Hello SURBL discussion board! Hello, Thank you for having me on your discussion forum. SendGrid monitors outgoing links and checks with SURBL listings. We noticed yesterday several emails being flagged because emailonacid.com was listed by SURBL. I wanted to inquire about this and to hopefully gain some insight on why this domain was listed. Is there anything that SendGrid should be concerned about in regards to emailonacid.com. Today I don't see emails with this link being flagged, has the initial issue been resolved with emailonacid.com? Thank you for your time and your help. Ryan Harris Lead Abuse Engineer _______________________________________________ Discuss mailing list Discuss(a)lists.surbl.org http://lists.surbl.org/mailman/listinfo/discuss

5 5

← Newer
1
2
3
4
5
6
7
...
188
Older →

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Discuss