Monthly Archives: January 2007

LBL Blacklist Mysteriously Resurfaces

We have been flooded with calls and emails this morning regarding the LBL Blacklist. A large range of users–from self hosted to ISP hosted–have reported being listed on LBL and, subsequently, having their mail blocked. The website, however, seems to be defunct. Users are seeing two different messages:


 








LBL


Listed


LISTED


LBL was terminated MAR 2004. Stop using it.
Return codes were: 127.0.0.1


21568


31


OR










LBL


Listed


LISTED


Wildcard to 127.0.0.1 added 23 JAN 2007
Return codes were: 127.0.0.1


21599


141


Today is the first time we have seen IP Addresses blocked by LBL. We are working to understand the problem and will post updates here. We have had some people ask us to remove LBL from our lookup tool. At this time, we are leaving it up because: a) the fact that it is on our tool is not at all related to the fact that IP Addresses are being blocked, and b) if it is on our tool, then at least users will be able to see what is causing the problem.


WE HIGHLY DISCOURAGE ANYONE FROM USING THIS LIST TO BLOCK SPAM. IF YOU ARE USING THIS LIST TO BLOCK SPAM, WE SUGGEST THAT YOU REMOVE IT IMMEDIATELY.   


Check back for updates… 

Storm Worm Trojan Horse Spreading Fast

An email worm with the subject lines “230 dead as storm batters Europe,” “U.S. Secretary of State Condoleezza,” and “A killer at 11, he’s free at 21”  has spread rapidly across Europe yesterday and today.

Storm Worm is a Trojan horse with an executable file as an attachment. Cybercriminals took advantage of social engineering, using the news of the European storm to get people to open the attached malicious file, which promises more news on the weather emergency. The recipient must open the file for it to execute.


The file creates a back door to a computer that can be exploited later to steal data or to use the computer to post spam.

BLARS Removed From MX Toolbox Blacklist Lookup Tool

MXToolbox.com announced that it has removed the BLARS Blacklist from its Blacklist lookup tool.



[ClickPress, Wed Dec 20 2006] MX Toolbox announced today that it has removed the BLARS Blacklist from its popular Blacklists Lookup tool. The company stated that they removed BLARS as part of on-going quality assurance efforts. The BLARS website has been taken down and there is no available contact information.

According to company representative, the BLARS Blacklist is a notoriously unreliable list for blocking spam, because it practices net blocking, where large ranges of IP addresses are blacklisted. The list?s aggressive net blocking practices have historically led to very high numbers of false positives.

Company representatives stressed that removing BLARS from the blacklist results will not diminish the quality of the lookup tool at all. Instead, it will ensure that the lookup results are as meaningful and accurate as possible, and that users are not inadvertently startled to find their mail server address on a blacklist when there is no reason for concern.

###

About MX Toolbox
MX Toolbox offers on-demand messaging infrastructure to the small and medium business market throughout North America. The company provides leading edge ?Flip the Switch? on demand services, including email spam and virus filtering, blacklist protection, hosted groupware and email, remote data backup, email encryption, email archiving, IM Filtering, IM Archiving, and Web Content and Virus Filtering.


http://www.clickpress.com/releases/Detailed/23913005cp.shtml