Closed chadwhitacre closed 1 month ago
Resolving using Canadian Shield “DNS resolution only” ^1 correctly returns our GitHub A record.
$ dig osspledge.com @149.112.121.10
...
osspledge.com. 86400 IN A 185.199.109.153
Resolving using Canadian Shield “Malware and phishing protection” returns their “malware blocked” page:
$ dig osspledge.com @149.112.121.20
...
osspledge.com. 0 IN A 99.83.179.4
We’re sorry. This site contains malware content.
The site you are trying to visit contains malicious content that may attempt to steal your personal or financial information. It has been blocked to avoid causing loss to you or harm to your device.
We have also received this potentially related report:
I've contacted CIRA, who run Canadian Shield, to ask for help.
osspledge.com is listed on the Spamhaus Domain Blocklist: https://check.spamhaus.org/results?query=osspledge.com
I've opened a ticket with Spamhaus to ask for this to be corrected.
Weird. I wonder how that happened. 🤔
Maybe we need to set up SPF?
We do already have a deny-all SPF record:
$ dig osspledge.com txt
...
osspledge.com. 43200 IN TXT "v=spf1 -all"
But it shouldn't matter because we're not sending or receiving email at osspledge.com.
When I sent out the partner email, I received a handful of replies that considered my message spam. However, I used my personal email, and the osspledge.com
domain was only included in the content of the email.
But it shouldn't matter because we're not sending or receiving email at osspledge.com.
My hypothesis was that we didn't have an SPF record and someone was spoofing us. Good that we have an SPF record, though. Agree this seems to not be the problem.
Another report: https://x.com/_st0012/status/1828891902076150183.
I've checked against many domain blacklists ^1 and it seems like Spamhaus is the only one we're on. Handling this in a ticket with them.
Might be something to your experience, @Ethan-Arrowood. Just got this warning on an email @selviano sent out w/ me cc'd.
Yikes, wondering how many people from my original member recruiting batch got that. 😭
False alarm, the email doesn't link to osspledge.com at all, but rather to https://cal.com/osspledge/intro. Though it does also include a PDF attachment (the pitch deck).
this gives me an excuse to follow up with everyone I sent the pitch deck to and hasn’t yet responded!
On Aug 29, 2024, at 1:27 PM, Chad Whitacre @.***> wrote:
False alarm, the email doesn't link to osspledge.com at all, but rather to https://cal.com/osspledge/intro. Though it does also include a PDF attachment (the pitch deck).
— Reply to this email directly, view it on GitHub https://github.com/opensourcepledge/osspledge.com/issues/62#issuecomment-2318905999, or unsubscribe https://github.com/notifications/unsubscribe-auth/AXFS7GA76V7IK5DA34S2E53ZT573RAVCNFSM6AAAAABNKEYSOWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGMJYHEYDKOJZHE. You are receiving this because you were mentioned.
The plan all along. ;-)
We’ve been removed from the Spamhaus Domain Blocklist. 🎉
Woo-hoo! @st0012 @nicholas-codecov Can you retry and let us know if/when it's fixed for you?
Canadian Shield has also separately unblocked us. 🎉
@chadwhitacre seems like everything is working with Canadian Shield 🇨🇦
Awesome! Thanks for reporting back, @nicholas-codecov. Gonna go ahead and close this out. 🎉
I've seen this crop up a couple places. Latest from internal Sentry Slack: