VirusTotal and other domain reputation sites say the domain is malicious. Specifically there have been multiple malware samples that were scanned (latest was 10-09-2023) that had this domain hard coded in it.
https://www.virustotal.com/gui/domain/bonesinjars.com
You may want to get a new domain. Other option is to contact Akamai and see if they can whitelist this domain. Charter uses threat intel from Akamai to block certain "malicious" domains.
-Rich
?On 10/25/23, 1:54 PM, "NANOG on behalf of Bryan Fields" <nanog-bounces+rich.compton=charter.com@nanog.org <mailto:charter.com@nanog.org> on behalf of Bryan@bryanfields.net <mailto:Bryan@bryanfields.net>> wrote:
CAUTION: The e-mail below is from an external source. Please exercise caution before opening attachments, clicking links, or following guidance.
On 10/25/23 2:41 PM, Greg Dickinson wrote:
> If it helps troubleshooting, when I click the domain in the email Mimecast
> tells me:
>
> “We checked the website you are trying to access for malicious and
> spear-phishing content and found it likely to be unsafe.”
I saw nothing referencing Mimecast in the original email. Where did you see this?
bonesinjars.com is not signed with DNSSEC. This is trivial to setup and might
prevent some of this.
Probably not a good idea for your customers to rely on $BIGCABLE DNS servers.
--
Bryan Fields
727-409-1194 - Voice
http://bryanfields.net <http://bryanfields.net>
E-MAIL CONFIDENTIALITY NOTICE:
The contents of this e-mail message and any attachments are intended solely for the addressee(s) and may contain confidential and/or legally privileged information. If you are not the intended recipient of this message or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message and any attachments. If you are not the intended recipient, you are notified that any use, dissemination, distribution, copying, or storage of this message or any attachment is strictly prohibited.
https://www.virustotal.com/gui/domain/bonesinjars.com
You may want to get a new domain. Other option is to contact Akamai and see if they can whitelist this domain. Charter uses threat intel from Akamai to block certain "malicious" domains.
-Rich
?On 10/25/23, 1:54 PM, "NANOG on behalf of Bryan Fields" <nanog-bounces+rich.compton=charter.com@nanog.org <mailto:charter.com@nanog.org> on behalf of Bryan@bryanfields.net <mailto:Bryan@bryanfields.net>> wrote:
CAUTION: The e-mail below is from an external source. Please exercise caution before opening attachments, clicking links, or following guidance.
On 10/25/23 2:41 PM, Greg Dickinson wrote:
> If it helps troubleshooting, when I click the domain in the email Mimecast
> tells me:
>
> “We checked the website you are trying to access for malicious and
> spear-phishing content and found it likely to be unsafe.”
I saw nothing referencing Mimecast in the original email. Where did you see this?
bonesinjars.com is not signed with DNSSEC. This is trivial to setup and might
prevent some of this.
Probably not a good idea for your customers to rely on $BIGCABLE DNS servers.
--
Bryan Fields
727-409-1194 - Voice
http://bryanfields.net <http://bryanfields.net>
E-MAIL CONFIDENTIALITY NOTICE:
The contents of this e-mail message and any attachments are intended solely for the addressee(s) and may contain confidential and/or legally privileged information. If you are not the intended recipient of this message or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message and any attachments. If you are not the intended recipient, you are notified that any use, dissemination, distribution, copying, or storage of this message or any attachment is strictly prohibited.