Chandramathi Posted January 20, 2021 ID:1433317 Share Posted January 20, 2021 Hi Team, We, Zoho WorkDrive are a Cloud based Content Collaboration Software provided by Zoho Corporation; check this link - https://www.zoho.com/workdrive/ for more details. Our product has a feature which allows files/folders uploaded to WorkDrive and can be shared to everyone on the internet by generating an external link for the file. These links are hosted in a domain https://workdrive.zohoexternal.com /https://files.zohoexternal.com owned by ZohoCorporation. The former is used for file preview and the later is used for file download (here is a sample link the file downloaded is an image and is not virulent). We learnt that MalwareBytes Browser Guard has categorised this domain as a phishing site and our customers receive alerts (I've attached screenshots of the same). Can you declassify the domain "https://*.zohoexternal.com as non-malicious so that our customers will be able to access the domain without any hassles. Here are the steps we perform to ensure that malware content does not get hosted from Zoho WorkDrive 1. We have an Anti Virus scan in place which validates the files during upload. This ensures that most malware cannot be uploaded to the cloud at all. 2. We also have a spam and fraudulence detection algorithm in place which identifies if the uploaded files are phishing documents. This means most spamming documents get filtered out as spam and never get published. We also regularly monitor abuse complaints from our customers to ensure that the few links that were missed to be captured by our mitigation steps are duly pulled down. Despite our best efforts to identify spam and spammers a few spam files do get published from WorkDrive and in such unfortunate instances the entire domain gets blocked. We'd like to know if the domain can be classified as a "Content Collaboration" site so that in future instances the domain will not get blocked. Regards, Chandramathi M Link to post
Staff Solution gatortail Posted January 20, 2021 Staff Solution ID:1433328 Share Posted January 20, 2021 This is the source of the block: https://www.virustotal.com/gui/file/9abfc3cbeca32f1d0518b15e9cbbd7af3b719ed168237bfc9660b0235a1eda44/detection. It will need to be removed to clear the block. Link to post
Chandramathi Posted January 20, 2021 Author ID:1433335 Share Posted January 20, 2021 We've pulled down the virulent file from our end. Will you be able to unblock the domain now? Link to post
Staff gatortail Posted January 20, 2021 Staff ID:1433339 Share Posted January 20, 2021 The block will be removed. Please allow 2 hrs for it to propagate out. Link to post
Chandramathi Posted January 20, 2021 Author ID:1433340 Share Posted January 20, 2021 Is there an option to change the reputation of the domain "zohoexternal" to a "Content collaboration" site? All files hosted here doesn't belong to Zoho but customers of Zoho. We're a document management store. When one user uploads a malicious file, thousands of other users can't access our service because the entire domain gets blocked. Is there a means to skip this? Link to post
Chandramathi Posted January 20, 2021 Author ID:1433342 Share Posted January 20, 2021 It was previously discussed here too WorkDrive is for businesses to save their files and share them securely. It is a Content collaboration on the cloud solution a blanket ban on any of our domains can affect hundred thousands of users. Link to post
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now