Menu
Reply
Dariela
  • 3
  • 0
  • 0
Tuning in
564 Views
Message 1 of 7
Flag for a moderator

Malicious IP

Hi all,

Since we WFH our security team keep reporting me every day that my IP is malicous. I feel so embarrassed as I did not do anything wrong. But security team keep blocking and disable my work accounts which is giving more headache and I have to explain on daily basis that this my new Virgin IP host. I am really desperate what to I do with this 😞

I am a new user and never been VM customer before. My IP address  is listed in the PBL ( https://www.spamhaus.org/lookup/).

Any ideas or advises highly welcome.

 

Thank you.

Regards 

0 Kudos
Reply
用心棒
  • 5.82K
  • 653
  • 2.02K
Very Insightful Person
Very Insightful Person
538 Views
Message 2 of 7
Flag for a moderator

Re: Malicious IP

Being listed on Spamhaus's PBL is not an indicator of malicious activity emerging from your IP Address.

If your office's security team are harassing you over your public IP Address appearing just on Spamhaus's Policy Block List (PBL) it is they who should feel extremely embarrassed and I quote:


The PBL lists both dynamic and static IPs, any IP which by policy (whether the block owner's or -interim in its absence- Spamhaus' policy) should not be sending email directly to the MX servers of third parties.

… Do not use PBL in filters that do any ‘deep parsing’ of Received headers, or for other than checking IP addresses that hand off to your mailservers.

[source: Spamhaus's Policy Block List (PBL)]

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more
Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

0 Kudos
Reply
Dariela
  • 3
  • 0
  • 0
Tuning in
523 Views
Message 3 of 7
Flag for a moderator

Re: Malicious IP

Actually they pose on Alien Vault where AV indicates that I am using this malicious IP and notifying them. As we using VPN to remote virtual desktops, every time I should switch to mobile hotspot which is time consuming in terms of my workload.

0 Kudos
Reply
用心棒
  • 5.82K
  • 653
  • 2.02K
Very Insightful Person
Very Insightful Person
504 Views
Message 4 of 7
Flag for a moderator

Re: Malicious IP

Can you confirm with whoever is reporting your IP Address as malicious that they are doing so because it appears on Spamhaus's PBL.

0 Kudos
Reply
coenoby
  • 1.97K
  • 273
  • 1.21K
Super solver
435 Views
Message 5 of 7
Flag for a moderator

Re: Malicious IP


@Dariela wrote:

Since we WFH our security team keep reporting me every day that my IP is malicous. I feel so embarrassed as I did not do anything wrong. But security team keep blocking and disable my work accounts which is giving more headache and I have to explain on daily basis that this my new Virgin IP host. I am really desperate what to I do with this 😞

I am a new user and never been VM customer before. My IP address  is listed in the PBL ( https://www.spamhaus.org/lookup/).

Any ideas or advises highly welcome.


Just to reiterate what VIP 用心棒 has already posted.

Take a look at the answer to a Frequently Asked Question (FAQ)  in this link to Spamhaus "Help! My IP address is on the PBL! What should I do? 

One key sentence from that answer:

"The first thing to know is: THE PBL IS NOT A BLACKLIST. You are not listed for spamming or for anything you have done."

The emboldening is by Spamhaus not me by the way!

Coenoby

*******************************
I am just another Virgin Media customer.
If someone posts a useful reply you can say thanks by clicking on the thumbs up sign in their post.
If someone posts a message that solves your problem it helps everyone if you mark their post as a Helpful Answer
0 Kudos
Reply
DJ_Shadow1966
  • 6.86K
  • 1.31K
  • 1.9K
Very Insightful Person
Very Insightful Person
405 Views
Message 6 of 7
Flag for a moderator

Re: Malicious IP

Hello

What your company needs to do is too whitelist your IP address.

Regards Mike

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

0 Kudos
Reply
Dariela
  • 3
  • 0
  • 0
Tuning in
303 Views
Message 7 of 7
Flag for a moderator

Re: Malicious IP

hi,

AlienVault just reported to our team that my current IP address is malicious. I don't think they can whitelisted. Logged a case with VM already.

0 Kudos
Reply