[SURBL-Discuss] RFC: Adding malwaredomains.com data to phishing list?

Jeff Chan jeffc at surbl.org
Wed Nov 28 09:37:08 CET 2007


Quoting Catherine Jefferson <ariel at spambouncer.org>:

> 007arcadegames.com digitalriver
> www.bleedingthreats.net/forum/viewtopic.php?forum=11	showtopic=9
>
> I unfortunately wasn't able to pull up the web page it lists; it
> comes up blank in Firefox.  The domain has hinky registration, probably
> is a malware site.  But if it's hosted by Digitalriver, they're fairly
> legitimate.  (There are considerably more spam problems there than
> when Al Iverson was the Abuse manager, but they're at worst light
> grey.)

It's not clear how that field is derived.  If the domain really belonged to
Digital River then it may have been worth trying to notify them.  If the site
was minor, cracked, or belonged to bad guys then it might get blacklisted since
the potential harm from malware may on balance exceed the effect of
blacklisting.  Malware/phishing/etc. have the potential to ruin people's lives.

> Which probably doesn't matter when it comes to listing the domain. :)
> But I'd definitely send a note to the host, especially when the host
> is a legitimate business that would be horrified to be hosting a
> malware site.  Hope this guy does that.

Depending on the source, they may get automatic notifications.

Jeff C.


More information about the Discuss mailing list