Security News > 2021 > February > Countless emails wrongly blocked as spam after Cisco's SpamCop failed to renew domain name at the weekend

Countless emails wrongly blocked as spam after Cisco's SpamCop failed to renew domain name at the weekend
2021-02-01 07:04

Cisco's anti-spam service SpamCop failed to renew spamcop.net over weekend, causing it to lapse, which resulted in countless messages being falsely labeled and rejected as spam around the world.

When the domain name expired, *.spamcop.net resolved to a domain parking service's IP address.

If SpamCop returns a valid DNS entry for that lookup, then it's an IP address known to have sent out spam in the past and should be treated with suspicion.

Spamcop.net lookup would succeed, as it's pointing to a parking service, meaning every email received by a server checking SpamCop for known spammers would be flagged up as spam and rejected.

"We are striking back against the growing threat of ransomware by not only bringing criminal charges against the responsible actors, but also disrupting criminal online infrastructure and, wherever possible, recovering ransom payments extorted from victims," said Acting Assistant Attorney General Nicholas McQuaid.

"Developers are responsible for creating and updating the ransomware and making it available to affiliates. Affiliates are responsible for identifying and attacking high-value victims with the ransomware, according to the affidavit. After a victim pays, developers and affiliates split the ransom."


News URL

https://go.theregister.com/feed/www.theregister.com/2021/02/01/in_brief_security/