gstenstrom

Gonzo - We removed both accounts and files and appreciate how fast you jumped on this, and Porthos' help, as well. The files are gone: hxxp://xmail.net/harun/adobe.exehxxps://xmail.net/docx/1F4/h.html THANKS!

Porthos - Thank you very much - I really appreciate your assistance. I have been trying to isolate malicious files and we'll remove the one you found immediately. I saw that Malwarebytes Safe Browser notified me that the URL was malicious, and then I force downloaded the file and scanned it, and verified that it was, in fact, malicious. As I mentioned above, we use Malwarebytes ourselves and are happy users because it works very well in identifying malicious subdirectories and files, and my objection was that Malwarebytes was blocking the entire root domain (xmail.net) versus allowing Malwarebytes to scan for malicious files and block individual subdirectories. As an email service hosting provider, it is a virtually impossible task to monitor tens of thousands of email users and their accounts in real time for malicious files, and a service that few, if any, other hosting platforms provide, or can support - which is why we rely on individuals taking individual responsibility to protect themselves and run programs and extensions, like Malwarebytes. I'm hoping that Malwarebytes administrators will help us by whitelisting our domain, and either assisting us, or allowing us the opportunity, to reasonably mitigate risks without blacklisting our entire domain and service. Thanks again, I truly appreciate it.

Gonzo - Like Gmail or Microsoft Onedrive shared folders, individual users sometimes put executable files and sometimes malicious files in public facing URL's that do not reflect the security and usability of the root domain (gmail.com and live.com, respectively). Xmail has many tens of thousands of users, and has a user public file sharing feature - just like Gmail and Live (Onedrive). The list in the link you provided shows only 4 negative detections in all of last year (2020) for those tens of thousands of Xmail.net users. Yandex and Forcepoint web safety services are two out of approximately 40 other different web safety ranking services you monitor with the balance of those 40 showing xmail.net is "clean." Malwarebytes Safe Browser and malware detection already has the capability to catch and block those 4 individual user's public shares without having to blacklist the entire Xmail.net domain. If you applied the same standards to the millions of Gmail, Live, Network Solutions or GoDaddy hosted domains and blocked all of their domain name URL's and/or IP's for a handful of offending users, or blocked Gmail, Onedrive, Dropbox, Live.com, or other big tech house hosted public file URL's and email services for a handful of users, then the Internet, in general, would be unusable for anyone using Malwarebytes Safe Browsing. You are holding Xmail.net accountable for 4 errant files over a 1 year period simply because of a smaller user base - and you can - where if you held Gmail, Microsoft, Network Solutions, and GoDaddy hosting services to the same standards - then no one would use Malwarebytes because it would block so many domains that users would uninstall or disable it. We totally understand and agree that Malwarebytes Safe Browsing is a powerful and essential tool to protect end users - and we use your product ourselves and are advocates - but we expect equal treatment and protection for everyone, and not giving a pass to hosting giants Malwarebytes does not want to offend or cross swords with, or otherwise alienate your customers - and apply a different standard to Xmail.net. We cannot possibly scan the hundreds of millions of emails and files across all our systems anymore than any other large service provider could - which is why we, and other people, should use Malwarebytes and other like products. I am 100% certain that Malwarebytes would individually block the 4 errant files reported in 2020 without having to block and blacklist the entire Xmail.net domain.

Gonzo - Thank you very much for your quick response on Patriot.Online. We'll address the Xmail.net issues you provided the link for, and I think I understand why it has been marked and we can remediate. Will update this thread in that regard asap. Thanks!

Dear Sir/Madam - Would you please review and remove the following websites we own from the Malwarebytes Browser Guard block list? We have checked them thoroughly and are certain there is not a trojan, nor our our sites inflammatory or malicious. The first is a Mastadon micro-blogging site, and the second is our email server. When we proceed to the site after seeing the Malwarebytes block and warning page, no further indications of a trojan or virus are noted or apparent. http://patriot.online http://www.patriot.online http://www.xmail.net http://xmail.net Safe Site List.zip