Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Advertise on LowEndTalk.com
Spamhaus flagged a domain 24 hours after its creation?
New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

Spamhaus flagged a domain 24 hours after its creation?

sgheghelesgheghele Member

I bought a domain and Spamhaus has flagged it roughly one day after purchasing it. Porkbun sent me an email to tell this to me.

There is not even a mail server installed on the server pointed by the domain. Fresh Ubuntu install.

Has this ever happened to you?

Comments

  • deankdeank Member, Troll

    By "bought", do you mean you purchased it from some wanker?

    or is it a newly registered domain? Have you looked up the domain's history?

    I have not created a single thread. Verify it if you dare.

  • @deank said:
    By "bought", do you mean you purchased it from some wanker?

    or is it a newly registered domain? Have you looked up the domain's history?

    Newly registered. I came up with its name. All I did was to point it to a server, which I had hardened a bit (usual stuff, change ssh port, ssh keys, no root ssh, fail2ban), and then I installed powerdns on the sever. There is literally nothing else there.

  • deankdeank Member, Troll

    Then I'd check the header of the email you've gotten. Smells like scam to me.

    I have not created a single thread. Verify it if you dare.

  • sgheghelesgheghele Member
    edited June 10

    @deank said:
    Then I'd check the header of the email you've gotten. Smells like scam to me.

    Not only is the e-mail valid, the domain is really in Spamhaus dabatase. That is so odd. And, no history for the domain. It really is brand new.

  • deankdeank Member, Troll

    Then somebody at PMSbaus must hate you and wants you suffer.

    Thanked by 1serversHQ

    I have not created a single thread. Verify it if you dare.

  • @deank said:
    Then somebody at PMSbaus must hate you and wants you suffer.

  • thedpthedp Member

    Are you positive that it has no history?

  • JarryJarry Member

    Maybe the IP you pointed the domain to has some "history"...

    Thanked by 1sgheghele
  • deankdeank Member, Troll

    Gosh, nothing is more haunting than histories with ex...

    Thanked by 1netomx

    I have not created a single thread. Verify it if you dare.

  • @Jarry said:
    Maybe the IP you pointed the domain to has some "history"...

    Bingo! I temporarily pointed the A record to my home dialup IP (I am developing my own dyndns, have dynamic IPs at home) and dialup IPs of my ISP are automatically flagged.

    I did not even think about the IP because the domain is so new. Spamhaus is fast.

    Thanks!

  • deankdeank Member, Troll

    Dump your host for giving you porn IP.

    I have not created a single thread. Verify it if you dare.

  • jarjar Provider

    This is normal. I bought a new domain and set up an IP range on it to be one of MXroute's relays (customers were asking for mxroute.com to be hidden from headers at the time), the domain was on the DBL the next day. I bought another domain and used it to send emails from WHMCS (mxroutemail.com) and it was also listed on the DBL soon after.

    Purchasing new domains and spamming, then dumping them for a new domain has become far too common with low domain prices. Just reach out to spamhaus and let them know what's up, they'll remove you no problem.

    Thanked by 1sgheghele
  • @deank said:
    Dump your host for giving you porn IP.

    I want my $1.50 refunded.

    Removal Procedure / Removal of IP addresses within this range from the PBL is not allowed by the netblock owner's policy.

    Interestingly, my ISP has chosen to blacklist itself on its own.

  • sgheghelesgheghele Member
    edited June 10

    @jar said:
    This is normal. I bought a new domain and set up an IP range on it to be one of MXroute's relays (customers were asking for mxroute.com to be hidden from headers at the time), the domain was on the DBL the next day. I bought another domain and used it to send emails from WHMCS (mxroutemail.com) and it was also listed on the DBL soon after.

    Purchasing new domains and spamming, then dumping them for a new domain has become far too common with low domain prices. Just reach out to spamhaus and let them know what's up, they'll remove you no problem.

    This might also be the case as my home IP hasn’t been the A entry for very long. Maybe in the last 2-3 hours.

  • deankdeank Member, Troll

    Some bitch made a huge PMSing deal out of 1.25 not long ago.

    Just saying.

    Thanked by 1netomx

    I have not created a single thread. Verify it if you dare.

  • @deank said:
    Some bitch made a huge PMSing deal out of 1.25 not long ago.

    Just saying.

    Yeah I was referring to that but I was too lazy to go check on the precise amount.

    Anyway, how have you been flagged as a troll here? Spamhaus hit again? Half the fun goes away with a disclaimer.

  • deankdeank Member, Troll

    You cite the end is nigh long enough, you will earn it.

    A natural progression.

    Thanked by 1WSWD

    I have not created a single thread. Verify it if you dare.

  • jackbjackb Member, Provider
    edited June 10

    @sgheghele said:

    @deank said:
    Dump your host for giving you porn IP.

    I want my $1.50 refunded.

    Removal Procedure / Removal of IP addresses within this range from the PBL is not allowed by the netblock owner's policy.

    Interestingly, my ISP has chosen to blacklist itself on its own.

    The PBL (policy block list) is primarily used for residential networks that have no business sending a large volume of email without using an external mail server. This is why your ISP chose to be blacklisted.

    Thanked by 1TimboJones

    Afterburst - Awesome OpenVZ&KVM VPS in US+EU

  • @sgheghele said:

    @Jarry said:
    Maybe the IP you pointed the domain to has some "history"...

    Bingo! I temporarily pointed the A record to my home dialup IP (I am developing my own dyndns, have dynamic IPs at home) and dialup IPs of my ISP are automatically flagged.

    I did not even think about the IP because the domain is so new. Spamhaus is fast.

    Thanks!

    Did you have "dynamic" autocorrected to "dialup"? Otherwise, wtf? Are you from year 2000?

  • Tony40Tony40 Member
    edited June 11

    A VPS provider here gives me a blacklisted IP, suspended my account for "Email Abuse", I just had installed the new OS and was not even using the VPS, It was powered off on localhost.
    No domain setup yet, went I check the IP he give me was already blacklisted before he gives to me., I was guilty, I had to prove my innocence... so finally the Email came

    "Yes, there was one listing for several months prior to your usage. Then it quadrupled.

    I have re-activated your server and submitted for the removal of those listings. Please verify your server for any signs that it may have been compromised."

    "Service Unsuspension Notification"

Sign In or Register to comment.