A misuse of Spamhaus blocklists: PART 2 – How to limit outbound spam
If you’ve skipped the first part of this series, we strongly recommend you go and read this blog first to understand the misuse of Spamhaus blocklists to block outbound mail. However, if you provide a mail service and want to learn specifically how to limit your outbound spam, read on ... Read More
A misuse of Spamhaus blocklists: PART 1 – blocking outbound email
One issue our folks handling tickets submitted by blocked users experience are messages like: Help! My IP is listed by Spamhaus and now I can’t send emails! My provider is rejecting all my emails! You may be asking “Is this not exactly what is supposed to happen in case of ... Read More
If you query the legacy DNSBLs via GoDaddy move to Spamhaus Technology’s free Data Query Service
Currently accessing the free legacy DNS Blocklists (DNSBLs) via the Public Mirrors, and using GoDaddy's network? You'll need to make some minor changes to your email infrastructure. The changes are simple to implement, but if you fail to do so, you could find that at some point post-September 26th 2024, ... Read More
Too big to care? – Our disappointment with Cloudflare’s anti-abuse posture
Cloudflare, best known for its content delivery network (CDN), is marketed as a “Connectivity Cloud”. Part of its offering is protecting a vast number of websites from DDoS attacks [1]. However, its attitude to abuse management and prevention proves a point of contention and we urge Cloudflare to review its ... Read More
Living-Off-Trusted-Sites (LOTS) or should we say services?
"Living Off-Trusted Sites (LOTS)" is not a new cybercrime tactic, but it continues to pose a significant threat. Join us as we explore the evolution of LOTS, its impact on online trust and safety, and the crucial role the community plays in disrupting the activities of those who engage in ... Read More
Dangling DNS and the dangers of subdomain hijacking
DNS attacks are becoming increasingly prevalent, with 90% of organizations experiencing them, as per the IDC Threat Intelligence Report 2023. Due to its critical function, DNS is a frequent target for cybercrimes, including DDOS attacks, DNS spoofing and DNS hijacking. However, a lesser-known but significant threat is the dangling DNS ... Read More
Botnet Threat Update January to June 2024
Overall Botnet C&C activity decreased by -6%. Misuse of Cobalt Strike also declined by -41%. Meanwhile, android backdoors increased, with new entries from Hook and Coper. One of the most positive developments was that three well-known global network operators have taken action to address active botnet C&Cs. Read the full ... Read More
How Amazon SES works with Spamhaus to protect its network and reputation
When delivering emails is your core business, maintaining a reputable network for a reliable service without problems is EVERYTHING. This is a commitment that email service provider Amazon Simple Email Service (SES) takes very seriously. With a proactive approach to managing millions of IPs and domains, SES is committed to ... Read More
The Policy Blocklist: what is it, and why should you be on it?
It’s not always "bad" to be listed on one of Spamhaus' DNS Blocklists. Despite what you may think, there is one list you may want to be on: the Policy Blocklist (PBL). Want to know more? Let's dive into the PBL, what it is, how it works, and how it ... Read More
Operation Endgame | Botnets disrupted after international action
On Thursday, May 30th, 2024, a coalition of international law enforcement agencies announced "Operation Endgame". This effort targeted multiple botnets, such as IcedID, Smokeloader, SystemBC, Pikabot, and Bumblebee, as well as their operators, and Spamhaus is assisting with the remediation efforts ... Read More
