Security Basics mailing list archives
Re: Spoof, Spam & Blacklist
From: Arman <arman () cybersecurity org my>
Date: Sat, 9 Feb 2008 13:45:13 +0800
Hi, There is an options at yahoo.. you can request to release your domain or ip from yahoo blacklist by giving your domain registration.. I've done it once.. but already forgot where did I put the document.. On Friday 08 February 2008 23:50:58 J. Lion wrote:
That is what we thought as well. However company DEF is waaaaay bigger than ABC, and trying to talk with the right group is almost impossible. Does anyone have any experience with getting your company off blacklist example Yahoo - who or how to get in contact with the right group? On Feb 7, 2008 4:42 PM, AJ <heuristix () gmail com> wrote:The onus here is on Company DEF. If they do not understand that spam can be (and very often is) sent from spoofed addresses, that's the primary problem. If this blacklist is DEF's company blacklist you don't have any options other than trying to explain how spoofing works to DEF representatives and convincing them that this attack was indeed spoofed. If the blacklist is a public blacklist, you would complain to the owner/maintainer of the blacklist. As an email admin you should monitor public blacklists to alert you if/when IPs belonging to your company get added to one and then respond as warranted. If you are a trusted partner of DEF or do business with them, you may be able to convince them to whitelist the IP address(es) of your mail server(s) since IP addresses of uncompromised hosts cannot be spoofed in smtp transactions. Aarjav On Feb 7, 2008 2:27 PM, J. Lion <jv4l1n4 () gmail com> wrote:Scenario Bad Guy(s) spoof Company ABC email and launch spam on members of popular search engine and online email provider (Company DEF) Spammed DEF members reported the spam Company DEF respond by looking up Company ABC's IPs and blacklisted them (instead of offending IP address(es)) Questions How do you get Company ABC off DEF blacklist? How do you prevent Company ABC from getting blacklisted again?
-- Muhammad Arman Bin Selamat System Administrator IT Department CyberSecurity Malaysia (formerly known as NISER) An Agency Under MOSTI DL : +603 8992 6965 Fax : +603 8945 3205 HP : +6019 610 1956 http://www.cybersecurity.org.my E-mail Disclaimer Please be informed that NISER is now known as CyberSecurity Malaysia. As such, our e-mail is now changed to [user () cybersecurity org my]. Please use the new CyberSecurity Malaysia e-mail for all correspondence. Disclaimer: This e-mail and any files attached to it are intended solely for the recipient(s) and may contain privileged and/or confidential information. If you are not the intended recipient or if you have inadvertently received this e-mail, you should destroy or delete it and notify the sender by return e-mail. You are not to reproduce and/or distribute it without prior consent from the sender. Opinions, conclusions and other information in this e-mail that do not relate to the official business of CyberSecurity Malaysia shall be understood as neither given nor endorsed by CyberSecurity Malaysia. CyberSecurity Malaysia accepts no liability for the content of this e-mail, or of the consequences of any actions taken on the basis of the information provided.
Attachment:
signature.asc
Description: This is a digitally signed message part.
Current thread:
- Spoof, Spam & Blacklist J. Lion (Feb 07)
- Re: Spoof, Spam & Blacklist Ansgar -59cobalt- Wiechers (Feb 08)
- Re: Spoof, Spam & Blacklist AJ (Feb 08)
- Re: Spoof, Spam & Blacklist J. Lion (Feb 08)
- Re: Spoof, Spam & Blacklist Arman (Feb 11)
- Question Lee Hilt (Feb 11)
- RE: Question David Gillett (Feb 11)
- Re: Question Ansgar -59cobalt- Wiechers (Feb 11)
- Re: Spoof, Spam & Blacklist J. Lion (Feb 08)
- Re: Spoof, Spam & Blacklist ыфзкфт (Feb 08)
- Re: Spoof, Spam & Blacklist Security Basic (Feb 11)