I spoke with someone at Mimecast and we concluded the the customer of mimecast has setup that rule (likely the whole of *.tools), since they could not find anything on there end that didnt like bgp.tools
On Wed, Jan 17, 2024 at 10:54 PM Christopher Hawker <ch...@thesysadmin.au> wrote: > > It'd be interesting to know how Mimecast made the determination that > bgp.tools is compromised. > > Regards, > Christopher Hawker > > On Thu, 18 Jan 2024 at 09:47, Rubens Kuhl <rube...@gmail.com> wrote: >> >> It might be due to usage of a new gTLD like .tools. A number of new >> gTLDs use heavy discounting and this is a magnet for abusive >> registrations, unfortunately. >> >> Rubens >> >> On Wed, Jan 17, 2024 at 2:15 PM Tim Burke <t...@mid.net> wrote: >> > >> > +1 for bgp.tools, it is a superior tool. Sadly, the corporate IT-forced >> > DNS filtering at work for “cybersecurity” (Mimecast) thinks it is a >> > compromised website for some reason, so bgp.he.net ends up being used >> > while I am at the office. >> > >> > On Jan 16, 2024, at 8:44 AM, Ian Chilton <i...@ichilton.co.uk> wrote: >> > >> > Hi, >> > >> > Not a direct answer to your question, but if you're not aware of it, >> > https://bgp.tools/ is a great tool and shows the same info. >> > >> > Ian >> > >> >
