Jump to content

All Activity

This stream auto-updates     

  1. Today
  2. Dracosse

    No Headers

    Yes. In the morning I delete everything that arrived while I was asleep. I like to keep my reporting time to something less that 2 hours. I've been striving for this since about 2000 using 2 older retired Spamcop accounts. I'm still reporting everything that comes in hourly but I don't think I'll continue doing this, I'm retired and disabled. I have little else I can do these days. Spamcop helped to make me feel useful until this happened.
  3. Lking

    No Headers

    Yes spam seems to be a never ending fight. My count sense midnight is 109. I assume you are reporting/attaching several spam a time. I settled on 15 spam at a time. This is a convenient cumber to visually scan and attach. It also keeps the size small enough to pass all limits Many users report just the number they have time or interest to report. For example reporting just the "Canada drug" spam or other block that catch their eye. The others are just dumped in the trash.
  4. Dracosse

    No Headers

    Maybe of interest to someone. In one hour I have 112 new spam messages. I'm beginning to lose interest in reporting all of these pieces of spam.
  5. Yesterday
  6. Lking

    No Headers

    http://forum.spamcop.net/topic/42877-no-headers/?tab=comments#comment-149703 Link to other thread included for reference. Suggestion: Not sure this would save time, but before submitting a spam the header could be inspected for "Received:" lines (<ctrl> U) and not report those similar to those reflected in the examples above.
  7. Dracosse

    No Headers

    I have been submitting spam to SpamCop for years but I'm afraid that I don't have the experience or the terminology to always understand what I read in the forums. Please don't come down on me if I am duplicating other requests. As LKing can attest I have been posting in the lounge a problem that has been plaguing me for the last 2 or 3 weeks. I'm not getting any support from Hotmail or Outlook admins either. The problem is that I receive literally hundreds of spam messages every day and Spamcop reports "No source IP Address Found", "Probably not full headers, See FAQ". I use Thunderbird to forward messages as attachments. Because of this I provide Spamcop with the entire message. I would like to request a feature that I can turn on or off that would allow Spamcop to NOT send me a link that reports the no IP address condition. Below I provide examples of my problem. https://www.spamcop.net/sc?id=z6600151198z37eab1d8d676ae74bc0275d270b9c72az https://www.spamcop.net/sc?id=z6600151200z386f959d2ff11ff3fb10c11c0f8d6233z https://www.spamcop.net/sc?id=z6600151201z0c8ee99f58cc4eb4d0335674c468e352z
  8. Last week
  9. Hanco

    No Headers

    Heck, sorry about that. Thanks for removal. And thanks other user for DM!
  10. Dracosse

    No Headers

    Oops, Thanks 🙂
  11. Lking

    No Headers

    edited to removed, @Dracosse email. This of course is why a tracking URL should be used. - hiding users email and providing all other contend AND the results from the parser.
  12. Dracosse

    No Headers

    I have been in contact with Comcast/Xfinity support several times This issue has been escalated 2 times. I am now waiting to hear from level 3 support. Contacting Hotmail results in the expected zero support. I've tried many times and the Hotmail Admins do not care. I should be noted that they DO care that I am sending so many messages to Spamcop. They think that I AM A SPAMMER. I have continued to submit messages to Spamcop but it is getting old to submit 100 messages and only 5 or 6 of them are successfully reported. I may have to quit it is beginning to feel like a failed and time wasting exercise. In the interest of providing as much information as possible to this community I have pasted the entire contents of one of these offending email messages. ____________________________________________________________________________________________________________________________________________________ [snip] Return-Path: <Support@sienZMuc.de> Reply-To: "Health Care News" <reply@bestforever.space> From: "Health Care News" <Support@WGwCKu84.de> To: <xxx> Subject: CBD Infused Coffee Now Available In All 50 States! Date: Wed, 11 Dec 2019 04:55:14 -0800 Message-ID: <b767e49b-203c-41a4-98e9-3e79e1eeb8a8@BN3NAM04FT018.eop-NAM04.prod.protection.outlook.com> Content-Type: multipart/alternative; boundary="----=_NextPart_000_0483_01D5AFF7.E937D170" X-Mailer: Microsoft Outlook 14.0 List-Unsubscribe: <mailto:JaPvtSarimHynd.sara@bestforever.space?subject=unsubscribe&body=unsubscribe> X-MS-Exchange-Organization-AuthSource: BN3NAM04FT018.eop-NAM04.prod.protection.outlook.com X-MS-PublicTrafficType: Email Thread-Index: AQKOwwDqY+pyKnUJwshSFArqZQUGfg== X-OlkEid: F564B82D245306C0684BE1478011FAB7D691B2E8 MIME-Version: 1.0 ------=_NextPart_000_0483_01D5AFF7.E937D170 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit <http://flexibleme.myddns.me/t?0pyH6Ye7SYwA=nG%2FauCRUrh1EjN10iFhVarQ0JVmfvvhs1sgGpM9%2BYD%2F%2B%2B7r12tARB1Ja43W1WRPx8H%2FHhBQwYr5xx1hOvU8jGiaFx8Z0LG30O%2FVTCYqflItvZ2Rmnq3bs5M6rqeG%2F%2ByaCSlG4MrOM%2FS8bhmGNa%2F86lwv5NoeQVJOdp9P7ovVb5%2FY0PPVFpnb1S%2B6D0iEAH4naoqwXGlUOPxiL%2BfRzPUmFJSAn0S%2FgUQ%2Bch9zuI5GoX1UQc8YOi8nnhUsgezT4SzAT9bjFc9tu2FhDvbEcFZFQhUqNH%2B6Wy9WHZbB9JXwOkWkZUblD5%2Bpi2EktHjxLSzZ%2FR70E6RiRC4FTPVPutHByqEJ5zud4Qihs%2FbkI5JTCkYq49DjHhqg3vnJUjhzOaN3> <http://flexibleme.myddns.me/t?5IVfvf9wst5l=7nW5gOPW4ZVJLEglxeUGWpq0ZTDIgJwUg6K4%2BdQCpqJRLeJhdwjuzTFre%2BFDGKD4wHqprnjJcXNuWeDjyuV0iOER7PnbpXCgNcgjoid2uDDkrsq9izvsWb6f4ICtZdNGpW8x2Spjlz6j2aCTpo75P53AxoioKD7f8gh3zQNi96%2B3REdF9Tens%2FyNRQuuOKIEdR5AVJjO98Xe%2BqZtxkt%2B7RmD3fSTFx6N7Rxo0fyUY1HqdYvZ2upeINyHqJn4nj5h> CLICK HERE TO UNSUBSCRIBEIf you wish to unsubscribe from future mailings please click here<http://flexibleme.myddns.me/t?5IVfvf9wst5l=7nW5gOPW4ZVJLEglxeUGWpq0ZTDIgJwUg6K4%2BdQCpqJRLeJhdwjuzTFre%2BFDGKD4wHqprnjJcXNuWeDjyuV0iOER7PnbpXCgNcgjoid2uDDkrsq9izvsWb6f4ICtZdNGpW8x2Spjlz6j2aCTpo75P53AxoioKD7f8gh3zQNi96%2B3REdF9Tens%2FyNRQuuOKIEdR5AVJjO98Xe%2BqZtxkt%2B7RmD3fSTFx6N7Rxo0fyUY1HqdYvZ2upeINyHqJn4nj5h> or write to:1261 S 820 E Suite 210 American Fork UT 84003 ------=_NextPart_000_0483_01D5AFF7.E937D170 Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: quoted-printable <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.= w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns=3D"http://www.w3.= org/1999/xhtml"><head> <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8"> <title>AMAZING DEAL!</title> <style> img { width: 100%; height: auto; } </style> </head> <body> <p>&nbsp;</p> <table width=3D"auto" height=3D"auto" border=3D"0" cellspacing=3D"0" cellpa= dding=3D"0" align=3D"center" style=3D"border:1px solid #ccc;"> <tr> <td height=3D"auto"> <a href=3D"http://flexibleme.myddns.me/t?0pyH6Ye7SYwA=3DnG%2FauCRUrh1EjN1= 0iFhVarQ0JVmfvvhs1sgGpM9%2BYD%2F%2B%2B7r12tARB1Ja43W1WRPx8H%2FHhBQwYr5xx1hO= vU8jGiaFx8Z0LG30O%2FVTCYqflItvZ2Rmnq3bs5M6rqeG%2F%2ByaCSlG4MrOM%2FS8bhmGNa%= 2F86lwv5NoeQVJOdp9P7ovVb5%2FY0PPVFpnb1S%2B6D0iEAH4naoqwXGlUOPxiL%2BfRzPUmFJ= SAn0S%2FgUQ%2Bch9zuI5GoX1UQc8YOi8nnhUsgezT4SzAT9bjFc9tu2FhDvbEcFZFQhUqNH%2B= 6Wy9WHZbB9JXwOkWkZUblD5%2Bpi2EktHjxLSzZ%2FR70E6RiRC4FTPVPutHByqEJ5zud4Qihs%= 2FbkI5JTCkYq49DjHhqg3vnJUjhzOaN3"><img src=3D"https://pbs.twimg.com/media/E= Lf6MeHWkAEG1IY?format=3Dpng&amp;name=3Dsmall"></a><tr></tr></td> <td><center> <font size=3D"2px"><a href=3D"http://flexibleme.myddns.me/t?5IVfvf9wst= 5l=3D7nW5gOPW4ZVJLEglxeUGWpq0ZTDIgJwUg6K4%2BdQCpqJRLeJhdwjuzTFre%2BFDGKD4wH= qprnjJcXNuWeDjyuV0iOER7PnbpXCgNcgjoid2uDDkrsq9izvsWb6f4ICtZdNGpW8x2Spjlz6j2= aCTpo75P53AxoioKD7f8gh3zQNi96%2B3REdF9Tens%2FyNRQuuOKIEdR5AVJjO98Xe%2BqZtxk= t%2B7RmD3fSTFx6N7Rxo0fyUY1HqdYvZ2upeINyHqJn4nj5h"> CLICK HERE TO UNSUBSCRIB= E</a> </font> </center></tr></table> <center> <p style=3D"color:#919191; font-family:Arial, Helvetica, sans-serif; font-s= ize:10px; text- align:center">If you wish to unsubscribe from future mailings please click <a href=3D"http://flexibleme.myddns.me/t?5IVfvf9wst5l=3D7nW5gOPW4ZVJLEglxeU= GWpq0ZTDIgJwUg6K4%2BdQCpqJRLeJhdwjuzTFre%2BFDGKD4wHqprnjJcXNuWeDjyuV0iOER7P= nbpXCgNcgjoid2uDDkrsq9izvsWb6f4ICtZdNGpW8x2Spjlz6j2aCTpo75P53AxoioKD7f8gh3z= QNi96%2B3REdF9Tens%2FyNRQuuOKIEdR5AVJjO98Xe%2BqZtxkt%2B7RmD3fSTFx6N7Rxo0fyU= Y1HqdYvZ2upeINyHqJn4nj5h">here</a> or write to:<br> 1261 S 820 E Suite 210 American Fork UT 84003 </p> </center> </body> </html> [snap]
  13. Lking

    No Headers

    @Dracosse, thanks for the information. I too have been using FF for years, and forwarding as attachment with FireFly works just fine as a process. The problem remains with the header's lack of "Received:" line as identified by @gnarlymarley Have you gotten any answer for Comcast or you email provider? I would suggest that Comcast/xfinity is just the deliver 'pipe' connecting you to you email host, @gmail, @hotmail, @outlook or whoever. They are the ones that received and passed on to you the email with the badly formed header. NOTE: The previous two post (by @Hanco and copied by @Dracosse) revealed the private code for submitting spam - and have been deleted.
  14. Dracosse

    No Headers

    Yes Thanks for your help but I do not process messages this way. I use Thunderbird to Forward Message(s) as Attachments. 12 to 13 at a time.
  15. RobiBue

    reveal obfuscated url for reporting

    5 years ago, this piece was posted by a now Chief Information Security Officer (CISO), then working for Cybersecurity with NCR: https://isc.sans.edu/forums/diary/How+Malware+Campaigns+Employ+Google+Redirects+and+Analytics/19843/ I agree, feature request is best policy as not everyone has the ability and possibility to run a scri_pt with every submission, whereas every submission runs through a scri_pt 😉
  16. Good answer. It seem a bug or still missing V5 checking headers feature, because in this case evidently it doesn't matches legitimate valid domain and user mail headers.
  17. I had thought they turned off the "Please make sure this email IS spam:" warning when they promote V5 as I have not seen the warning in quite a while. I suspect spamcop is checking the headers for a particular format and it might only pop up if the headers matches legitimate email.
  18. “The SpamCop parser is a tool.. “ but without users which report spam it mean NOTHING! Systems contemplate a potential development tools making simple and practical, why is not use for who have more significant contribution?
  19. What is obvious to the casual observer, is not necessarily obvious to the parser. Depending on the workload, number of spam being processed, the parser may not even look at the body of the email submitted. This has long been a concern of some users because spamvertised links sometimes are not identified The SpamCop parser is a tool.. You as the user are responsible for assuring that the IP addresses added to the SCBL and email reported as spam ARE really spam and NOT any one of the other annoying or objectionable email that we all receive. To remind users of that responsibility, the message is included.
  20. Hanco

    Massive spam Attack - Looking For Input

    thought I’d look back and see... One day old 9/25 spam promoted site: highmarket.club - still registered hiotoau.info was created via Namecheap the same day as the spam email was sent: 20 September. Still registered. arstoe.info was created via Namecheap the same day as the spam email was sent: 15 August. Still registered. iornfao.info was created via Namecheap the same day as the spam email was sent: 27 July (shows ClientHold, ServerHold, ClientTransferProhibited) - they took some action on this one camill.icu registered 9/23 and appears action taken: ServerHold, ClientTransferProhibited
  21. Why does the spamcop report always indicated a warning as; verify that the message does not correspond to a spam mail. It does not check the message fields, as the source address which appears as sender? (picture attachment). It is clearly spam mail is masking the source address.
  22. Hanco

    No Headers

    I’ve seen this before but I had inadvertently clicked the link “Select outlook/eudora workaround” on the submission form...Then I was only pasting the entire email headers/plain text into one box on the workaround form!! 🙄 Sounds like not the same cause. But just in case it helps someone in the future, attached images show what my problem was... (well, my problem was me)
  23. Hanco

    Any point in reporting spam from AMAZONAWS?

    This lady/guy is on point. Some of the sites they mention are the same as I have seen. The sweetsumner-dot-com domain mentioned is one of a rare appearance of a domain without Domains By Proxy or other privacy hiding layer. The address for VanillaMud is a UPS store. Does ICANN permit the use of mailbox providers for registration details for domain owners? I would like to get the details for the true owner, but is that possible in the United States? Does it require a lawyer involvement? Tech Contact Support Admin VanillaMud 18766 John J Williams Hwy , #270, Rehoboth Beach, DE, 19971, us (p)
  24. +BFsej@2n

    reveal obfuscated url for reporting

    Placed this thread by purpose in the New Feature Request for SpamCop to look into it and eventually get the obfuscated URL exfiltrated since there is no point of reporting the Google Search URL to Google.
  25. Well .... I do believe the reporting has worked (for now), unless there's a very strange coincidence going on. I've managed to send in all of up to 20+ spams a day recently, then suddenly ..received the very last one at 4am Friday. Not a single one getting to my email provider. I don't suppose it'll last too long, but THANK YOU SpamCop !!!! By the way - it's Boothy99 here. I changed my email address for original account, but after repeated attempts at asking to re-send the confirmation email for me to click on, I've not received anything (checked every folder in Gmail including spam - nothing). Not received a reply from an administrator as yet after clicking the contact button.
  26. Earlier
  27. Lking

    No Headers

    keep us informed.
  28. Dracosse

    No Headers

    Indeed. Nothing will change until something is done to counter the spammers new tactic. Thank you for responding. Your interest/response has given me renewed interest in following this through. My original question was and still is "If spammers have devised a way to send spam without headers what good would it do to continue to use SpamCop in the future? How can the Block list continue to be useful?" I have not contacted Comcast/xfinity to ask how these messages are being handled. It seems to me that ISP's should be able to detect the "No Headers" condition and simply delete them or refuse to forward those messages. I will contact my ISP today and when or if I get a reply I will post it here for all to see. Thanks everyone for bouncing ideas and thoughts around it gives me fuel to run on. Dracosse
  29. Lking

    No Headers

    The reason I ask, is that if nothing has change the results will continue to be unchanged. As noted by gnarlymarley, there are no "Received:" lines in the header you provided. It is by tracing backwards the Received entries in the header, that the spamcop parser identifies the source of the email presented. I am not hopeful but, have you ask your ISP how they delivered an email with a mis configured header? SpamCop or the SpamCop parser can not process an email that does not come close to meeting the email standards.
  1. Load more activity
×