Sometimes sites like those have enough info in the url that you can split it into separate uses/customers yourself, and run different volume/reputation checking on each separate thing, and that can be useful.
It does seem like that site has a decent amount of non-spam mail usage, but whether that applies to your users or is enough to care instead of adding to a blacklist is kind of up to you. Brandon On Thu, Aug 27, 2020 at 5:35 AM Benoit Panizzon via mailop < [email protected]> wrote: > Hi List > > In the last couple of days we face an increasing amount of phishing > sites hosted @ firebasestorage.googleapis.com targeting our customers. > > They get taken down rather quickly when added to phishtank.com, but > still they are valid for one or two days after reception, long enough > for stup** customers to send in their credentials. > > *.googleapis.com is whitelisted so it won't get blacklisted by our RBL > blacklist. > > Now I start to wonder, is this URI also being used in legitimate > emails, or is it uniquely used in phishing emails and similar? > > I could manually add firebasestorage.googleapis.com to the blacklist > which would have precedence over the wildcard whitelist entry. > > Mit freundlichen Grüssen > > -Benoît Panizzon- > -- > I m p r o W a r e A G - Leiter Commerce Kunden > ______________________________________________________ > > Zurlindenstrasse 29 Tel +41 61 826 93 00 > <+41%2061%20826%2093%2000> > CH-4133 Pratteln Fax +41 61 826 93 01 > <+41%2061%20826%2093%2001> > Schweiz Web http://www.imp.ch > ______________________________________________________ > > _______________________________________________ > mailop mailing list > [email protected] > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop >
_______________________________________________ mailop mailing list [email protected] https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
