bjoeg Posted July 19, 2021 Share Posted July 19, 2021 Due to a recent wave of continuous received phishing mails, I started to do some little investigations rather than just the usual reporting. The emails received all originate from a serviceprovider called SendInBlue, and many of the emails came from IP 185.41.28.115 As usual I did my reports to Spamcop, where the notifications for abuse@sendinblue is devnulled due to bounces. At some point I also checked TalosIntelligence, which to my amaze still sees the sender as a "trusted" IP, despite my reports. I then filed a ticket with Talos, that I find the reputation for the IP incorrect, but instead I received a somewhat auto-answer with closure of my ticket, that I should use SpamCop to report my spam. Hence my question here. Do SpamCop and Talos sync one another? Which should be a neat internal job since both operated by Cisco. Also, is there a certain limit of reports needed for an IP to be added to SpamCop's BL? Since I still see it as not blacklisted. Quote Link to comment Share on other sites More sharing options...
gnarlymarley Posted July 23, 2021 Share Posted July 23, 2021 On 7/19/2021 at 6:20 AM, bjoeg said: At some point I also checked TalosIntelligence, which to my amaze still sees the sender as a "trusted" IP, despite my reports. At one time I suspected they would sync, but I am not sure. While looking at the spamcop IPv4 statistics, I noticed the results are very low. It appears either a sync issue or else only one in a hundred are being reported as spam. Maybe people are not reporting as much spam as they should be? 185.41.28.0/24 [SB] Total Email: 13302.00 spam: 100.00 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.