undefined | Better HN

0 pointsAachen10mo ago0 comments

I became a bit disillusioned with quad9 when they started refusing to resolve my website. It's like wetransfer but supporting wget and without the AI scanning or interstitials. A user had uploaded malware and presumably sent the link to a malware scanner. Instead of reporting the malicious upload or blocking the specific URL¹, the whole domain is now blocked on a DNS level. The competing wetransfer.com resolves just fine at 9.9.9.9

I haven't been able to find any recourse. The malware was online for a few hours but it has been weeks and there seems to be no way to clear my name. Someone on github (the website is open source) suggested that it's probably because they didn't know of the website, like everyone heard of wetransfer and github and so they don't get the whole domain blocked for malicious user content. I can't find any other difference, but also no responsible party to ask. The false-positive reporting tool on quad9's website just reloads the page and doesn't do anything

¹ I'm aware DNS can't do this, but with a direct way of contacting a very responsive admin (no captchas or annoying forms, just email), I'd not expect scanners to resort to blocking the domain outright to begin with, at least not after they heard back the first time and the problematic content has been cleared swiftly

0 comments

Quad910mo ago

What is your ticket #? Let's see if we can get this resolved for you.

AachenOP10mo ago

Oh hey, didn't expect this to actually be seen by many people, let alone you guys!

There was no ticket number yet because I was mainly trying to resolve it upstream (whoever made it get into uBlock's default block list, Quad9, and probably other places) and then today when I checked your site specifically, the link in "False Positive? <Please contact us>" (when you do a lookup for a blocked domain) just links back to itself so I couldn't open a case there either. Now that I look at the page again, with the advice in mind from a sibling comment to just email you, I now see that maybe this is supposed to go to the generic contact form and I needn't go through this domain status page. Opening the contact page now, I see that removal from blocklist is a selectable option so I'll use that :)

The ticket number I just submitted is 41905. Not that I'd want you to now apply preferential treatment, I didn't expect my post above to be seen by many people though I very much appreciate that you've reached out here. Makes me think you're actually interested in resolving this type of issue for small website operators, where the complete block without so much as a heads up felt a bit, well, like that might not get me anywhere. If the process just works as it normally should, that's good enough for me! Thanks for encouraging me to actually open a ticket!

Quad910mo ago

Glad to hear you were able to submit a ticket! The website form wasn't working a brief time ago. But YES, we want to help! You can DM me in the fedi if you need anything: https://mastodon.social/@quad9dns

dmitrygr10mo ago

Why not address the REAL issue:

> I haven't been able to find any recourse. [...] there seems to be no way to clear my name.

seb120410mo ago

From the parent comment the path of recourse is a ticket. Does not help if hn is needed to have it looked at.

BenjiWiebe10mo ago

Looks like no ticket was actually created until now though.

mnordhoff10mo ago

You should email them about the form and about your domain. Their email address is listed on the website. <https://quad9.net/support/contact/>

Sometimes the upstream blocklist provider will be easy to contact directly as well. Sometimes not so much.

ajdude10mo ago

I've been the victim of similar abuse before, for my mail servers and one of my community forums that I used to run. It's frustrating when you try to do everything right but you're at the mercy of a cold and uncompromising rules engine.

You just convinced me to ditch quad9.

AachenOP10mo ago

In the ticket I just opened (see sibling thread), I asked which blocklist my domain was on. Maybe let's see what comes out of it, perhaps they can improve the process (e.g. drop that blocklist, or notify the abuse record of domains which they're blocking so that domain owners are at least aware of where they can go to fix things)

I don't see contact info on your profile or website/blog, but I can post here what the outcome is

Edit: I love your blog's theme btw!

j / k navigate · click thread line to collapse

0 comments

Quad910mo ago

What is your ticket #? Let's see if we can get this resolved for you.

AachenOP10mo ago

Oh hey, didn't expect this to actually be seen by many people, let alone you guys!

Quad910mo ago

dmitrygr10mo ago

Why not address the REAL issue:

> I haven't been able to find any recourse. [...] there seems to be no way to clear my name.

seb120410mo ago

From the parent comment the path of recourse is a ticket. Does not help if hn is needed to have it looked at.

BenjiWiebe10mo ago

Looks like no ticket was actually created until now though.

mnordhoff10mo ago

You should email them about the form and about your domain. Their email address is listed on the website. <https://quad9.net/support/contact/>

Sometimes the upstream blocklist provider will be easy to contact directly as well. Sometimes not so much.

ajdude10mo ago

You just convinced me to ditch quad9.

AachenOP10mo ago

I don't see contact info on your profile or website/blog, but I can post here what the outcome is

Edit: I love your blog's theme btw!

j / k navigate · click thread line to collapse