-- ShiftFocus Media for arts and education
Phone: 514.667.9778 ext. 231 Fax: 866.850.5451
42 Milner Street Montreal, Quebec H4X 2H5
On 2009-07-04, at 12:39 AM, SURBL Role surbl.role@gmail.com wrote:
On 7/3/09, Petros Kolyvas pk@shiftfocus.ca wrote:
On 7/3/09, Petros Kolyvas pk@shiftfocus.ca wrote:
To be clear, the owner of the phished brand usually makes very thorough efforts to contact the site owner or web host to let them know about it and to ask them to correct the problem.
If you've been reading the discussion, you'll know that's not the case in this case - and further points that our site was never used for any phishing.
That's not correct. The site reportedly appeared in phishing messages.
To be clear, had some due diligence been done it would be noted that it was the shared server which was compromised and not the domain itself. I would suggest that some research would show that many domains on that shared host are on this particular blacklist and that it had nothing to do with the domains themselves. Which furthers my point that the domain owners, in this particular case, are being unfairly punished when a more direct solution — ie. contacting a shared host that has produced a large number of compromised domain s — would have greater effect.
The domain would not have been listed unless the site appeared in phishing messages.
Please re-read what I wrote above. Read it again. Then read it once more. There are people who can help if English comprehension is something that needs to be worked on.
Do it for the children.
Our host even claimed that: The domain is not directly hosting the phishing attack. Due to the fact that the server is running UserDir functionality, other user accounts can be accessed through the / ~username path. My ISP has confirmed that the UserDir functionality will be removed from all server within 48 hours.
Translation: your site was used for phishing, with a name like www.mydomain.com/~username
Your host is trying to tell you exactly that.
Actually that is what my host asked me to tell that to the SURBL whitelisters. Additionally, the host isn't saying our site was used for phishing but rather the shared sever allowed any site on it to appear to be the culprit when the domains themselves, in fact, were not.
Furthermore, they [our host] weren't trying to tell us anything. They were trying to tell SURBL something and it wasn't enough. So much so that despite being very proactive in this case, nothing at all has happened; with the exception of the creation of some interesting logical fallacies.
To be even clearer, this whole process is so obviously flawed we have spent the afternoon telling each of our clients that in order to continue working with us via e-mail they will need to stop using the SURBL lists. Thankfully this was not an issue and they were happy to comply.
When calm reasoning is not even considered, it's time to stop reasoning.
We are waiting for the answer to two simple, reasonable questions:
- Is the phishing site down?
- Has the server been secured?
A broken record should be thrown away.
Discuss mailing list Discuss@lists.surbl.org http://lists.surbl.org/mailman/listinfo/discuss
I still applaud the effort. I just cringe at the implementation.
Good night and good luck.
Petros Kolyvas