Can't Tweet my netlify pages

I found my netlify page can’t be tweeted.
And I found netlify.app is listed in spamhaus.
https://www.spamhaus.org/dbl/removal/record/netlify.app

I think all netlify pages arn’t able to tweeted.

I want to how to fix this issue? Have Netlify known this issue?

I can tweet netlify.app now!
I found netlify.app is not listed in spamhaus now.

Hi, @inajob, Spamhaus doesn’t recognize that Netlify is a web hosting service. We offer free webhosting and people do create phishing sites with our service. We take them down when reported but malicious sites are a reality for every web hosting company.

Each time a subdomain of netlify.app is flagged as phishing Spamhaus adds the apex/bare/root domain of netlify.app to their domain block list. They do this even though this is different than the domain name used for the phishing.

Taking this shortcut and reporting the apex domain makes things easy for Spamhaus. They only have to keep track of the apex domain, even if the apex domain isn’t the actual bad actor. They oversimplify reality.

However, this isn’t accurate or helpful has it then blocks millions of sites instead of just one phishing site. It doesn’t directly affect Spamhaus though so it is of little concern to them.

Again, this makes things easy for Spamhaus but hard for Netlify. How does someone appeal this behavior at Spamhaus? Answer: No one can!

There is no appeal process at Spamhaus. Sure, there is a web form but there is no way to get them to change this false reporting of the apex domain for a phishing site on a subdomain.

There is no way to talk to anyone at Spamhaus about this. They keep adding our domain and we keep submitting removals from the DBL. However, this is all automated systems and speaking to a person is impossible. I know. I’ve tried.

As much as Spamhaus has the best of intentions, I consider them flawed and unfair in their real world practices. All I want them to do is accurately reflect reality, but reality is complex and doing so takes more effort than their current gross oversimplification does.

(Does it show that I’m bothered by their behavior?) :wink:

If there are other questions about this, please let us know.

2 Likes

@luke assume this will resolve once Spamhaus updates their copy of the public suffix list?

Seems that netlify.app is still being listed as a single domain on the Alexa 1m (whereas web.app, for example, is being treated separately for each subdomain). Looks like netlify.app was added to public suffix list on 4/9 and in doing some digging, it seems other platforms that reference the public suffix list can take a while to update.