Security Basics mailing list archives
Re: Spoof, Spam & Blacklist
From: AJ <heuristix () gmail com>
Date: Thu, 7 Feb 2008 16:42:46 -0500
The onus here is on Company DEF. If they do not understand that spam can be (and very often is) sent from spoofed addresses, that's the primary problem. If this blacklist is DEF's company blacklist you don't have any options other than trying to explain how spoofing works to DEF representatives and convincing them that this attack was indeed spoofed. If the blacklist is a public blacklist, you would complain to the owner/maintainer of the blacklist. As an email admin you should monitor public blacklists to alert you if/when IPs belonging to your company get added to one and then respond as warranted. If you are a trusted partner of DEF or do business with them, you may be able to convince them to whitelist the IP address(es) of your mail server(s) since IP addresses of uncompromised hosts cannot be spoofed in smtp transactions. Aarjav On Feb 7, 2008 2:27 PM, J. Lion <jv4l1n4 () gmail com> wrote:
Scenario Bad Guy(s) spoof Company ABC email and launch spam on members of popular search engine and online email provider (Company DEF) Spammed DEF members reported the spam Company DEF respond by looking up Company ABC's IPs and blacklisted them (instead of offending IP address(es)) Questions How do you get Company ABC off DEF blacklist? How do you prevent Company ABC from getting blacklisted again?
Current thread:
- Spoof, Spam & Blacklist J. Lion (Feb 07)
- Re: Spoof, Spam & Blacklist Ansgar -59cobalt- Wiechers (Feb 08)
- Re: Spoof, Spam & Blacklist AJ (Feb 08)
- Re: Spoof, Spam & Blacklist J. Lion (Feb 08)
- Re: Spoof, Spam & Blacklist Arman (Feb 11)
- Question Lee Hilt (Feb 11)
- RE: Question David Gillett (Feb 11)
- Re: Question Ansgar -59cobalt- Wiechers (Feb 11)
- Re: Spoof, Spam & Blacklist J. Lion (Feb 08)
- Re: Spoof, Spam & Blacklist ыфзкфт (Feb 08)
- Re: Spoof, Spam & Blacklist Security Basic (Feb 11)