Security Basics mailing list archives

Re: Spoof, Spam & Blacklist


From: Arman <arman () cybersecurity org my>
Date: Sat, 9 Feb 2008 13:45:13 +0800

Hi,

There is an option at Yahoo.
You can request to release your domain or IP from the Yahoo blacklist by giving 
your domain registration.
I've done it once,
but I already forgot where I put the document.

On Friday 08 February 2008 23:50:58 J. Lion wrote:
That is what we thought as well. However company DEF is waaaaay bigger
than ABC, and trying to talk with the right group is almost
impossible.

Does anyone have any experience with getting your company off a
blacklist (for example Yahoo) - who or how to get in contact with the
right group?

On Feb 7, 2008 4:42 PM, AJ <heuristix () gmail com> wrote:
The onus here is on Company DEF. If they do not understand that spam
can be (and very often is) sent from spoofed addresses, that's the
primary problem.

If this blacklist is DEF's company blacklist you don't have any
options other than trying to explain how spoofing works to DEF
representatives and convincing them that this attack was indeed
spoofed. If the blacklist is a public blacklist, you would complain to
the owner/maintainer of the blacklist.

As an email admin you should monitor public blacklists to alert you
if/when IPs belonging to your company get added to one and then
respond as warranted. If you are a trusted partner of DEF or do
business with them, you may be able to convince them to whitelist the
IP address(es) of your mail server(s) since IP addresses of
uncompromised hosts cannot be spoofed in SMTP transactions.

Aarjav

On Feb 7, 2008 2:27 PM, J. Lion <jv4l1n4 () gmail com> wrote:
Scenario
- Bad guy(s) spoof Company ABC email and launch spam on members of a
  popular search engine and online email provider (Company DEF)
- Spammed DEF members reported the spam
- Company DEF responded by looking up Company ABC's IPs and blacklisting
  them (instead of the offending IP address(es))

Questions
- How do you get Company ABC off DEF's blacklist?
- How do you prevent Company ABC from getting blacklisted again?


-- 
Muhammad Arman Bin Selamat
System Administrator
IT Department
CyberSecurity Malaysia (formerly known as NISER)
An Agency Under MOSTI
DL      :  +603 8992 6965
Fax     :  +603 8945 3205
HP      :  +6019 610 1956
http://www.cybersecurity.org.my
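
The public-blacklist monitoring recommended in AJ's quoted reply can be automated with DNSBL lookups (RFC 5782). The following is an added example, not part of the original thread: the zone `dnsbl.example.org`, the function names and the sample answers are hypothetical, and the resolver is injectable so the check runs offline. It also builds IPv6 query names, which goes beyond the IPv4 case discussed in the thread.

```python
import ipaddress
import socket

# Hypothetical zone; substitute the public blacklists you actually track.
ZONES = ["dnsbl.example.org"]

def dnsbl_name(ip, zone):
    """Query name per RFC 5782: reversed octets (IPv4) or nibbles (IPv6) + zone."""
    reverse = ipaddress.ip_address(ip).reverse_pointer
    return reverse.rsplit(".", 2)[0] + "." + zone  # drop in-addr.arpa / ip6.arpa

def system_resolver(name):
    """A records for name; [] on NXDOMAIN or any lookup failure."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def zone_is_healthy(zone, resolve):
    """RFC 5782 IPv4 test entries: 127.0.0.2 must be listed, 127.0.0.1 must not.
    A dead zone fails the first check, a wildcarded one fails the second."""
    return (bool(resolve(dnsbl_name("127.0.0.2", zone)))
            and not resolve(dnsbl_name("127.0.0.1", zone)))

def check_listings(ips, zones=ZONES, resolve=system_resolver):
    """Return {"listed": [(ip, zone, codes)], "unusable": [zones]}."""
    report = {"listed": [], "unusable": []}
    for zone in zones:
        if not zone_is_healthy(zone, resolve):
            report["unusable"].append(zone)  # a "clean" answer would mean nothing
            continue
        for ip in ips:
            # Listings answer inside 127.0.0.0/8; each list defines its own codes.
            codes = sorted(a for a in resolve(dnsbl_name(ip, zone))
                           if a.startswith("127."))
            if codes:
                report["listed"].append((ip, zone, codes))
    return report

if __name__ == "__main__":
    # Constructed answers standing in for DNS so the example runs offline.
    fake = {"2.0.0.127.dnsbl.example.org": ["127.0.0.2"],
            "10.2.0.192.dnsbl.example.org": ["127.0.0.4"]}
    print(check_listings(["192.0.2.10", "192.0.2.11"],
                         resolve=lambda name: fake.get(name, [])))
```

Run it from a scheduler against your outbound mail server addresses and alert on any non-empty `listed` or `unusable` entry.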

