Sign in / up

* Posts by LR-SH-CH

3 publicly visible posts • joined 21 Apr 2019

The curious case of Spamhaus, a port scanning scandal, and an apparent U-turn

LR-SH-CH
Reply Icon

Re: A short note by Luc Rossini

Kiwi,

From your description of what was listed, which I gather was a newly registered domain on a newly set up mail server, you probably encountered our ZRD blocklist. ZRD is a blocklist that in fact automatically lists all new Internet domains for 24 hours. The purpose of ZRD is explained properly at the url below - but basically boils down to the vast majority of newly registered domains being malicious. Phish, malware, ransomware, etc., is almost entirely newly registered domains that begin mailing within minutes of appearing, while it's very very rare for normal domains to start sending mail immediately after registration.

Obviously there's always that rare exception where a freshly registered legitimate domain does start mailing right after being set up (such as in your case) and, if the message recipient is a customer of a network that uses the Spamhaus ZRD, the incoming message would be rejected by the recipient's mail server (which I assume is what happened in your case).

Spamhaus ZRD (what is it, how it works, and why):

https://www.spamhaustech.com/news/recently-registered-domains-how-to-avoid-the-risks/

1 1
LR-SH-CH
Reply Icon

Re: A short note by Luc Rossini

My apologies, the correct Twitter link is:

https://twitter.com/LucRossini/status/1120344302847234049

(or see @LucRossini)

1 0
LR-SH-CH

A short note by Luc Rossini

Hi, this "Curious case of Spamhaus" story has a lot of people either incensed at the apparent arrogance of Spamhaus dismissing as codswallop it "has been automatically blocking people for carrying out legitimate network port scanning and failed to provide a prompt means of redress" or, it has people scratching their heads because it's well known that Spamhaus lists certain types of port scanning activity, we even say so in our SBL FAQs. This story therefore opens with a perfectly valid issue, why on earth would Spamhaus dismiss it? (even worse, refer to it as "codswallop"!).

Well, We didn't. If you give me 2 minutes of your time you'll see why:

https://twitter.com/LucRossini/status/1119715551583068161

No matter what your opinion of Spamhaus; whether we're crap, great, evil bastards or good guys; your opinion is always valid as long as it's not based on fallacy. What this Register story bases its entire opening premise on, and sets the scene for you with, is fallacy. Thanks for your time.

0 2