OpenDNS systematically blocking legitimate businesses with broken appeal process
The core issue: OpenDNS flagged our legitimate URL shortening domain as "phishing" during our first major marketing campaign, causing immediate traffic collapse and wasted ad spend. When we tried their official appeal process, the form returned "invalid origin" errors - making it impossible to dispute false positives.
Why this matters beyond my case: - They're serving wrong SSL certificates, triggering browser security warnings - Their broken appeal system suggests they don't want to fix false positives - Small businesses can't afford individual legal action against Cisco-owned OpenDNS - Users trust OpenDNS as "security" but don't realize it's actively censoring legitimate sites
I'm organizing affected businesses for potential legal action, but public attention could pressure them to fix their systems faster than courts. Other victims are afraid to speak publicly - understandably, since OpenDNS could retaliate with more blocking.
Would any of you be interested in investigating this story? I can provide full documentation and connect you with other affected businesses.
Best regards, Roberto Capodieci
P.S. For those of you that are interested, I have put together a short recap at rcx. it / opendns
Something you did (ie: a mass marketing campaign) made the filters think you're doing something that looks like phishing. There are a lot of reasons this can happen like actual recipients of your "marketing campaign" who reported you as phishing. In this case you're unlikely to just get whitelisted.
But it's not always that black-and-white. There are a variety of factors which go into assessing an org. Just some samples:
- How long has the domain been registered? - How much mail volume has been sent from a domain over time (and has there been a large deviation... for example if a domain typically sends 100s of emails per day for 5 years and then suddenly starts blasting emails in the millions per day this can be an indication of a problem) - Is there suspicious script (or perhaps specific scripts) running on the site - Is the site nothing but a URL redirection
These are just a few things that come to mind but there are many others. SO if you're blasting out emails by the thousand (or more) and you're redirecting people to your site which then installs some software surreptitiously and redirects people to another site invisibly, then yeah, your site probably looks like phishing. Compound this with reports from those email recipients who report your emails as phishing then OpenDNS is gonna list your site as phishing, too.
In my experience OpenDNS has been very responsive to challenges to their ratings at least from their customers. I'd say if the a perceived phishing site operator were the one to ask to be delisted they (OpenDNS) may not be inclined to do so... but if one of their customers (a paying OpenDNS customer) opened a support ticket they would likely get an answer. Not that the answer will necessarily be to whitelist your site, but they will look at the site and make a determination.