Jump to content
  • 0

emails blocked as SPAM (phising)


deanflan
 Share

Question

Hello,

Our emails are getting blocked as SPAM (phising) because the URL in the emails contain caspio.com. When we replace caspio.com with the IP address then it works. However, then google blocks the email. Not to mention using the IP address is probaly not a good solution. I tried out point a DNS record from our domain to that address and use that in the email, but then it does not work for form submission. We can probably use the AWS cname record that our b6.caspio.com points to, but that URL is pretty long. Any other suggestions? I think Caspio should work to get off the phising SPAM list as well, here is the output from our SPAM firewall:

X-Barracuda-BRTS-URL-Found: caspio.com (*Phishing.Email)

I do not want to whitelist it, as that solves our problem, but not those of other potential users.

Thanks!

Dean

Link to comment
Share on other sites

11 answers to this question

Recommended Posts

  • 0

Hello,

Caspio has requested whitelisting from Barracuda but we are not sure if and when they will do it. In the meantime, it is up to the administrator of the Barracuda appliance to whitelist caspio.com if they want. The reason that they are considering us suspicious is “Link tracking is considered suspicious in nature and can be flagged as suspect in the event of malicious urls that are published, that we may pick up in our systems.” (from barracuda Support)

Regards,

NKamalan

Link to comment
Share on other sites

  • 0

This will keep happening.

Caspio allows no-hold-barred free trials and that invites miscreants to setup forms used for "phishing". We just had our entire userbase hit with an idiotic "fill this form to prevent your account from being locked" phish which through a redirect landed here:

https://b4.caspio.com/dp.asp?AppKey=261 ... c744019f3f

Caspio has no abuse@ or noc@ contacts for victims to report this abuse of their service, which in this day and age tells me they are new to the internets - it's just bad form to offer an easily abused service and not allow ISPs and other technical contacts to reach a 24/7 reporting mailbox.

I will certainly be doing my best to ensure they are on as many URL blacklists as possible until I hear that they are either responding to abuse reports or setting up the free trial so that's it's less trivial to abuse.

Link to comment
Share on other sites

  • 0

I think you should re-examine "ALL". The form I linked did not. I suspect the people abusing your service might be hiding that under a div, setting the font color to white, or some other trickery.

The fact remains that your website has NO abuse contact and you have no functioning "abuse@" email address.

Maybe you guys are new to this internet thing, but going back over a decade, it's been common practice (and courtesy) to provide an abuse contact, and to do that in an industry-standard way (ie: the "abuse@domain.com" contact).

I'll also note that some people that run constantly-abused form services like this actually have a way to report phishing or similar in real-time and will process removals if the sender has verified they are the phish victim or if evidence is provided that shows beyond a doubt that the form is being used for phishing...

No one can force caspio to do that, but if you'd rather make enemies with ISPs rather than friends, that's up to you.

Link to comment
Share on other sites

  • 0

Thank you for your feedback; we hear you and appreciate your concerns. The abuse link is available during trial in all type of web forms. The link shouldn't be easy to remove or hide using styles as our system detects and replaces another one. Maybe in the case you're reporting the account was a paid one! In that case we don't expect abusing the system but still the complaint could be reported to Caspio's abuse email contact (abuse at caspio.com). I'm sorry for the inconvenience this has caused you.

Best,

Bahar M.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

×
×
  • Create New...