Our server is being blocked by Malwarebytes

[Exint]

Hello Malwarebytes,

Since recently we've been getting complaints about our server being included in the malwarebytes software.

We'd like to know why this is happening and maybe some tips as to where your software thinks we are hosting

malware. We actively scan for virusses on our server and also have firewalls and other security software installed.

What i don't appreciate is the fact that malwarebytes blatantly just blocks the server. I feel like they instead should

send an e-mail to our support department with information about malware and a possible block if its not removed within

xxx amount of days.

The server IP is:

109.163.226.68

Kind Regards,

Exint.net

[AdvancedSetup]

I will wait for an official review but the following link shows why it may be blocked.

http://hosts-file.net/default.asp?s=109.163.226.68

Someone should officially review and respond to you within the next 24 hours.

Thank you

[MysteryFCM]

Sorry for the delay.

This block is for two distinct reasons;

1. It's sitting on a Voxility IP, an AS with a history of being criminal friendly, and refusal to deal with abuse reports (incidentally, I spoke to them recently, outlining the reasons, and they still refused to accept them, going further to refuse to accept the fact they refused, despite my having copies of emails from them to that effect).

2. Housing malicious content.

One of them is housing fraud (transuniexp.com), another, whilst it's now removed it's content, is housing a domain used for DOS services (toughboot.info).

Other issues include;

prudentfinancialgroup.org - Phish (and suspiciously, removed its content)

outburst-rs.com/shell.php - DOS script (domain also known as mercy-rs.com)

obongawo.com/mailru/ - Phish

geojlt.com - Phish (and suspiciously, removed its content)

forumfusion.net - Warez

ddodge.org - Malware (ddodge.org/DL/Spammer.rar)

corecrack.net - Warez

areanull.com - Warez

Remaining issues are now showing as dead/suspended (again, rather intriguing timing)

[Exint]

Hello,

I do not feel like it is malwarebytes' business to monitor the hosting of warez. Warez have nothing to do with malware, actually.

We do not allow phishing on our server so if there are any phishing sites i'd be happy to remove them (ToS state this too).

Voxility is our Datacenter but that should not be a reason for our server to be classed as malware. Malwarebytes is taking things

too far if you ask me. Help users out and block phishing sites and sites that are hosting malware, but DOS and/or warez are (and

i'm trying to be nice here) are not really any of your business.

I feel like this has an impact on my clients and the visitors of their websites. While i want to banish phishing sites and even DOS sites,

neither me or voxility really care about warez (files are being linked so nothing is really hosted on the servers anyway).

I hope you understand and remove the block from our system. If you have any sites to report please contact abuse [at] exint [dot] net.

[MysteryFCM]

You may not have a problem with it, but I certainly do, and will keep it blocked as long as it continues to be there.

1. DOS sites are used to attack other servers/IPs (as you well know)

2. Warez has and continues to be, a major source of infections