Hi,
Anyone can start a DNSBL and list IP space of people they don't like, as
you surely know. As long as no one uses such a DNSBL to block traffic,
no harm is done.
The interesting part is which "engines" (I guess that you mean antispam
software or antispam saas providers) think that such a DNSBL should be
actually used. Can you disclose which parties you found?
Kind regards,
Tom
On 06-02-19 14:40, Rupert Gallagher wrote:
The spammers at gremlin.ru have just created a homepage, with no
information on how to delist an IP.
Their fake dnsbl is listed as genuine in at least two antispam engines.
On Wed, Feb 6, 2019 at 12:55, Rupert Gallagher <r...@protonmail.com
<mailto:r...@protonmail.com>> wrote:
This is to inform about a new type of SPAM aggression.
We received from Russia, for months, and redirected them automatically
to an administrative address for manual inspection. All emails were
spam with links. From the standpoint of the attacker(s), all emails
were delivered, but none turned into exploits.
Today, we learned that "gremlin.ru" included our IPs in their DNSBL.
We followed the address to de-list, but gremlin.ru does not exist.
So, if you are successful against Russian spam, you will be ...
blacklisted by an unknown gremlin.
