[SURBL-Discuss] Notification of Blacklist Status
Petros Kolyvas
pk at shiftfocus.ca
Fri Jul 3 20:00:32 CEST 2009
> On 7/3/09, Petros Kolyvas <pk at shiftfocus.ca> wrote:
>>
>>> To be clear, the owner of the phished brand usually makes very
>>> thorough efforts to contact the site owner or web host to let them
>>> know about it and to ask them to correct the problem.
>>
>>
>> If you've been reading the discussion, you'll know that's not the
>> case
>> in this case - and further points that our site was never used for
>> any
>> phishing.
>
> That's not correct. The site reportedly appeared in phishing
> messages.
To be clear, had some due diligence been done it would be noted that
it was the shared server which was compromised and not the domain
itself. I would suggest that some research would show that many
domains on that shared host are on this particular blacklist and that
it had nothing to do with the domains themselves. Which furthers my
point that the domain owners, in this particular case, are being
unfairly punished when a more direct solution — ie. contacting a
shared host that has produced a large number of compromised domains —
would have greater effect.
>
>>>> Our host even claimed that: The domain is not directly hosting the
>>>> phishing attack. Due to the fact that the server is running UserDir
>>>> functionality, other user accounts can be accessed through the /
>>>> ~username path. My ISP has confirmed that the UserDir functionality
>>>> will be removed from all server within 48 hours.
>
> Translation: your site was used for phishing, with a name like
> www.mydomain.com/~username
>
> Your host is trying to tell you exactly that.
Actually that is what my host asked me to tell that to the SURBL
whitelisters. Additionally, the host isn't saying our site was used
for phishing but rather the shared sever allowed any site on it to
appear to be the culprit when the domains themselves, in fact, were not.
Furthermore, they [our host] weren't trying to tell us anything. They
were trying to tell SURBL something and it wasn't enough. So much so
that despite being very proactive in this case, nothing at all has
happened; with the exception of the creation of some interesting
logical fallacies.
To be even clearer, this whole process is so obviously flawed we have
spent the afternoon telling each of our clients that in order to
continue working with us via e-mail they will need to stop using the
SURBL lists. Thankfully this was not an issue and they were happy to
comply.
When calm reasoning is not even considered, it's time to stop reasoning.
Despite all this, I continue to wish you all the very best.
Take care,
Petros Kolyvas
More information about the Discuss
mailing list