All Activity

This stream auto-updates   

  1. Past hour
  2. Today
  3. You need to copy the COMPLETE email, body and all, into the submission form, otherwise the SpamCop parser is likely to complain. By the way, what's with the blank quotes that cluttering up your post? It makes me wonder if you're yanking our chains.
  4. Abuse contact for '185.204.180.0 - 185.204.183.255' is 'fcpiran[at]gmail.com'
  5. I only copy my header in Gmail and put all for report window.Nothing more .But still received back this information.I do normal procedure .
  6. Abuse contact for '46.36.112.0 - 46.36.119.255' is 'tech[at]piroozonline.net'
  7. Last week
  8. I've been reporting a lot of spam lately that uses sites like bit.ly and tinyurl.com to obfuscate links. I think it would be a good idea for spamcop to keep a list of such "url shortening services" and (automatically or on request by the reporter) dereference them into the links they point to.
  9. Well, the vacation from LimeStone Networks was nice but it looks like they're cranking back up again. The past two days I've been getting their spam. I'm not sure if this is possible but I'd like to create my own personal RBL and just delete the messages automatically in Outlook. If I don't see them then I won't get irritated (I hope). https://www.spamcop.net/mcgi?action=gettrack&reportid=6682094190
  10. The domains have been around a while. However, the machines are strictly internal so they will never be seen in the external DNS view. I don't have anything for lereta.com in Mailhost right now. First time I attempted to register this new configuration I tried deleting the existing config and retrying. I will try to get each host in turn to act as a final destination for my address. ETA: There is an incomplete configuration in Mailhost but, so far, I've been unable to "Resolve incomplete mail host configuration".
  11. Was the subdomain newly created and the DNS not had time to distribute the new IP? "IP not found ; scapp02.lereta.net discarded as fake." Not knowing what you currently have configured in Mailhost it is hard to say. However, the last line in above is the key. Start with a path through your mail servers that is only one step added to what you currently have configured, moving out from there.
  12. We recently added multiple agents for the Proofpoint system and I am unable to register the new configuration as a mailhost: ------------------------------------------------- Host scapp02.lereta.net (checking ip) IP not found ; scapp02.lereta.net discarded as fake. Sorry, SpamCop has encountered errors: The email sample you submitted for scarville@lereta.com appears to traverse more than one domain. Please ensure that you configure each mailhost individually and in order. Proceed here: <https://www.spamcop.net/mcgi?mhc2=ikZ6h9TJW2NhNjki> ------------------------------------------------- These are the headers from the account configuration email. Received: from mail.lereta.com [10.212.170.192] by scafs02-lnx.lereta.com with POP3 (fetchmail-6.3.17) for <stephen@localhost> (single-drop); Mon, 17 Jul 2017 09:54:22 -0700 (PDT) Received: from scaxc06.lereta.net (10.212.170.70) by scaxc05.lereta.net (10.212.170.139) with Microsoft SMTP Server (TLS) id 15.0.1236.3 via Mailbox Transport; Mon, 17 Jul 2017 09:51:58 -0700 Received: from SCAXC03.lereta.net (10.212.170.223) by scaxc06.lereta.net (10.212.170.70) with Microsoft SMTP Server (TLS) id 15.0.1236.3; Mon, 17 Jul 2017 09:52:52 -0700 Received: from scapp02.lereta.net (10.212.165.125) by SCAXC03.lereta.net (10.212.170.223) with Microsoft SMTP Server id 15.0.1236.3 via Frontend Transport; Mon, 17 Jul 2017 09:52:53 -0700 Received: from pps.filterd (scapp02.lereta.net [127.0.0.1]) by scapp02.lereta.net (8.16.0.17/8.16.0.17) with SMTP id v6HGkjgh007366 for <scarville@lereta.com>; Mon, 17 Jul 2017 09:52:52 -0700 Received: from mx02.lereta.com ([198.204.112.74]) by scapp02.lereta.net with ESMTP id 2bqh180f40-1 for <scarville@lereta.com>; Mon, 17 Jul 2017 09:52:52 -0700 Received: from prod-sc-www02.spamcop.net (vmx.spamcop.net [184.94.240.112]) by mx02.lereta.com (Postfix) with SMTP id AB2266000F for <scarville@lereta.com>; Mon, 17 Jul 2017 09:52:52 -0700 (PDT) X-SpamCop-Conf: ikZ6h9TJW2NhNjki Received: from [204.45.182.99] by spamcop.net with HTTP; Mon, 17 Jul 2017 16:52:52 GMT From: SpamCop robot <mhconf.ikZ6h9TJW2NhNjki@cmds.spamcop.net> To: <scarville@lereta.com> Subject: [SpamCop] account configuration email Precedence: list Message-ID: <wh596ceb64g6a4d@msgid.spamcop.net> Date: Mon, 17 Jul 2017 16:52:52 +0000 X-Mailer: https://www.spamcop.net/ v4.8.6 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:,, definitions=2017-07-17_13:,, signatures=0 X-Proofpoint-spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=1 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1706020000 definitions=main-1707170269 Return-Path: service@admin.spamcop.net Content-Type: text/plain X-MS-Exchange-Organization-Network-Message-Id: d90a198d-4e20-4e2f-235c-08d4cd344410 X-MS-Exchange-Organization-AVStamp-Enterprise: 1.0 X-MS-Exchange-Organization-AuthSource: SCAXC03.lereta.net X-MS-Exchange-Organization-AuthAs: Anonymous MIME-Version: 1.0 Another wrinkle is that the intermediate hop could also be scapp03.lereta.net. Any way I can fix this?
  13. Do you use the "forward as attachment" (or equivalent) option of your email software/webmail?
  14. Earlier
  15. OK but when I submit spam header.All time I see header and body.I just copy all and put for spamcop .Spamcop send it .This is all what I do .
  16. Aha! Yes I remember seeing that somewhere. No I do not have reports sent to me and will try it just to see. This is where I added my address to do this in the preferences. Thanks!
  17. We assume you have set/checked your reporting preferences. Have you sent yourself a copy of a spam report? As noted elsewhere what you see looking at a report id or Tracking URL is not the same as the report that is actually sent.
  18. In several brands of spam I get, my email address is also in the subject and/or in the body of the spam, either built into links or more frequently, "Dear emanmb@_______". Now I realize that changing any part of the spam being reported to SC is frowned upon, but in such cases, what else can I do to remain anonymous except to delete my email from wherever it appears in the report? A sample of the html incorporating my email in their link is below. <html> <head> <title></title> </head> <body> <a href="http://w0yoorncgn.cu.cc/7viV3yWAetrXvFFdyiMU/emanmb@--------"> <h2>Get $5730 deposited in your account to go back to school.</h2> <img src="http://w0yoorncgn.cu.cc/img/picture12.jpg/emanmb@---------" usemap="#edu" alt="Click here to Apply Now" /> </a> <map name="edu" id="edu"> <area alt="" title="" href="http://w0yoorncgn.cu.cc/7viV3yWAetrXvFFdyiMU/emanmb@---------" shape="default"/> </map> <br><br><br><br><br> </a> <a href="http://www.w0yoorncgn.cu.cc/1a8bb1a7bf24c6016ceaaa727a_92ba6759-01010101e4c5/C/">To Unsubscribe Click Here</a> <h5>To enable all links in this message (including unsubscribe link), please click Not spam on a toolbar</h5> </body> </html>
  19. Yes lisati, the Spamcop website rejects me when I try to login through Acrobat and I cannot therefore do what I can through the Telnet Communications website, that is create and append as I drill down the site. For whatever it's worth Spamcop does allow drilling and appending as you go, it does not with the "secure" side. That is what I am requesting be changed.
  20. The point of registering "mailhosts" on your spamcop reporting account is to help Spamcop distinguish between your email provider and the other providers which may (or may not) be the true source of unwanted email. There's very little point in reports being sent your provider, or adding their details to the "spam source database" when their only role was to deliver it to your inbox or junk folder. As I understand it, the role Spamcop plays in the mix is to try to identify the true source of unwanted email, and build a database of known spam sources. They make this available via the Spamcop Blocing list. Any reports it sends to providers is a bonus, and any problems that fixed as a result is a double bonus. It is freely available for email providers to use as part of their spam filtering processes. The "report spam" button that some providers have as part of their webmail service is usually more limited in its scope, and usually only helps that particular provider tune its spam filters.
  21. Because nothing has changed. If you look at the bottom of the example you provide inline, again, you will see there is no body to the email only the header.
  22. Hi may someone explain my why I still receive this email .2 month still the same mail. ########################## SpamCop AutoResponder do mnie SpamCop encountered errors while saving spam for processing: SpamCop could not find your spam message in this email: Return-Path: <return@wemailfast.com> Received: from vmx.spamcop.net (prod-sc-smtp8.sv4.ironport.com [10.8.129.218]) by prod-sc-app004.sv4.ironport.com (Postfix) with ESMTP id 69FEC123002 for <submit.75S8g29jjzxyqJKv@spam.spamcop.net>; Thu, 13 Jul 2017 08:45:35 -0700 (PDT) Authentication-Results: vmx.spamcop.net; dkim=pass (signature verified) header.i=abuse@wemailfast.com X-IronPort-AV: E=McAfee;i="5700,7163,8589"; a="1114885135" X-IronPort-AV: E=Sophos;i="5.40,354,1496127600"; d="scan'208,217";a="1114885135" Received: from mail4.wemailfast.com ([173.214.162.225]) by vmx.spamcop.net with ESMTP; 13 Jul 2017 08:45:36 -0700 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=default; d=wemailfast.com; h=To:Subject:Message-ID:Date:From:Reply-To:MIME-Version:List-Unsubscribe:Content-Type:Content-Transfer-Encoding; i=abuse@wemailfast.com; bh=wx59JrQhT11kSHl8T57baWjRLTU=; b=MAzG1uURakb6kOdMCyk/PekJeq+/Kh8bTQqEDYsYtJNxL3qLc9iiDaAFRagXE47zj6FkLTjNnEz7 76w4kHlCyPhyNvGIeBkQUggbu/SA0EaobYL9vL/GazzBdreaCCOx8yDgyiV5AqPV3RnDuG/38P8k 9P553wpV9HTGPS6XtGQ= DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=default; d=wemailfast.com; b=ztBmicQkK5WStMEzXJ2Ri25ZbGamHuIwPeVrXIuXnmyFo5Ttx0BCVovS/NvmtclucWSDpyTplAL4 BPdsm2g96IX+COh3/10MM4SRotcfFkvb+NvpLZXrPEfZKBQRvY4yytiKSg8nUoV8IQiIkZnZHcJj MAApmYu3JXqGtdIakS0=; To: submit.75S8g29jjzxyqJKv@spam.spamcop.net Subject: BitcoFuture Quickest 12x1 Straitline Matrix ever... Message-ID: <c5b357aa6f6deff0c205bb4eaf77a49c@wemailfast.com> Date: Thu, 13 Jul 2017 10:52:14 -0300 From: "Robert Schmitt" <robert@wemailfast.com> Reply-To: robert@wemailfast.com MIME-Version: 1.0 X-Mailer-LID: 3 List-Unsubscribe: <http://wemailfast.com/turbo/unsubscribe.php?M=129243&C=f2d2450ef0b576314b1bd2efdca03daa&L=3&N=18> X-Mailer-RecptId: 129243 X-Mailer-SID: 18 X-Mailer-Sent-By: 2 Content-Type: multipart/alternative; charset="UTF-8"; boundary="b1_144fd3bb622545f00c3e8fe0c53b5524" Content-Transfer-Encoding: 8bit --b1_144fd3bb622545f00c3e8fe0c53b5524 Content-Type: text/plain; format=flowed; charset="UTF-8" Content-Transfer-Encoding: 8bit Hi Friends, Just Launched...is quick and easy This is a Quick and Simple, entry fee 0.01 12x1 = 12 Referrals and earn 0.10 is about $235.00 Friends and Strangers Helping each other That's it! So simple! Don't miss out now http://wemailfast.com/turbo/link.php?M=129243&N=18&L=3&F=T Cheers Robert Your email client cannot read this email. To view it online, please go here: http://wemailfast.com/turbo/display.php?M=129243&C=f2d2450ef0b576314b1bd2efdca03daa&S=18&L=3&N=4 To stop receiving these emails:http://wemailfast.com/turbo/unsubscribe.php?M=129243&C=f2d2450ef0b576314b1bd2efdca03daa&L=3&N=18 --b1_144fd3bb622545f00c3e8fe0c53b5524 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: 8bit <html> <head> </head> <body> Hi Friends,<br /><br />Just Launched... is quick and easy<br /><br />This is a Quick and Simple, entry fee 0.01<br />&nbsp;<br />12x1 = 12 Referrals and earn 0.10 is about $235.00<br /><br />Friends and Strangers Helping each other<br /><br />That's it! So simple!<br /><br />Don't miss out now<br /><br /><a href="http://wemailfast.com/turbo/link.php?M=129243&N=18&L=4&F=H" title="bitcofuture">is worth looking at</a><br /><br />Cheers Robert<br /><br /><br /><br /><a href="Unsubscribe" nh-safe-redirect data-saferedirecturl="https://zasobygwp.pl/redirect?sig=cd2410bd4ca7594ce72c5dc9dd967e414b34e7db05e685dbbbc6dc0b0dca3a60&url=aHR0cDovL3dlbWFpbGZhc3QuY29tL3R1cmJvL3Vuc3Vic2NyaWJlLnBocD9NPTEyOTI0MyZDPWYyZDI0NTBlZjBiNTc2MzE0YjFiZDJlZmRjYTAzZGFhJkw9MyZOPTE4Ij5VbnN1YnNjcmliZQ==" target="_blank">http://wemailfast.com/turbo/unsubscribe.php?M=129243&C=f2d2450ef0b576314b1bd2efdca03daa&L=3&N=18">Unsubscribe me from this list</a> <img src="http://wemailfast.com/turbo/open.php?M=129243&L=3&N=18&F=H&image=.jpg" height="1" width="10"></body> </html> --b1_144fd3bb622545f00c3e8fe0c53b5524-- The email which triggered this auto-response had the following headers: Return-Path: <return@wemailfast.com> Received: from vmx.spamcop.net (prod-sc-smtp8.sv4.ironport.com [10.8.129.218]) by prod-sc-app004.sv4.ironport.com (Postfix) with ESMTP id 69FEC123002 for <submit.75S8g29jjzxyqJKv@spam.spamcop.net>; Thu, 13 Jul 2017 08:45:35 -0700 (PDT) Authentication-Results: vmx.spamcop.net; dkim=pass (signature verified) header.i=abuse@wemailfast.com X-IronPort-AV: E=McAfee;i="5700,7163,8589"; a="1114885135" X-IronPort-AV: E=Sophos;i="5.40,354,1496127600"; d="scan'208,217";a="1114885135" Received: from mail4.wemailfast.com ([173.214.162.225]) by vmx.spamcop.net with ESMTP; 13 Jul 2017 08:45:36 -0700 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=default; d=wemailfast.com; h=To:Subject:Message-ID:Date:From:Reply-To:MIME-Version:List-Unsubscribe:Content-Type:Content-Transfer-Encoding; i=abuse@wemailfast.com; bh=wx59JrQhT11kSHl8T57baWjRLTU=; b=MAzG1uURakb6kOdMCyk/PekJeq+/Kh8bTQqEDYsYtJNxL3qLc9iiDaAFRagXE47zj6FkLTjNnEz7 76w4kHlCyPhyNvGIeBkQUggbu/SA0EaobYL9vL/GazzBdreaCCOx8yDgyiV5AqPV3RnDuG/38P8k 9P553wpV9HTGPS6XtGQ= DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=default; d=wemailfast.com; b=ztBmicQkK5WStMEzXJ2Ri25ZbGamHuIwPeVrXIuXnmyFo5Ttx0BCVovS/NvmtclucWSDpyTplAL4 BPdsm2g96IX+COh3/10MM4SRotcfFkvb+NvpLZXrPEfZKBQRvY4yytiKSg8nUoV8IQiIkZnZHcJj MAApmYu3JXqGtdIakS0=; To: submit.XxXxXxXxXxXxXxXx@spam.spamcop.net Subject: BitcoFuture Quickest 12x1 Straitline Matrix ever... Message-ID: <c5b357aa6f6deff0c205bb4eaf77a49c@wemailfast.com> Date: Thu, 13 Jul 2017 10:52:14 -0300 From: "Robert Schmitt" <robert@wemailfast.com> Reply-To: robert@wemailfast.com MIME-Version: 1.0 X-Mailer-LID: 3 List-Unsubscribe: <http://wemailfast.com/turbo/unsubscribe.php?M=129243&C=f2d2450ef0b576314b1bd2efdca03daa&L=3&N=18> X-Mailer-RecptId: 129243 X-Mailer-SID: 18 X-Mailer-Sent-By: 2 Content-Type: multipart/alternative; charset="UTF-8"; boundary="b1_144fd3bb622545f00c3e8fe0c53b5524" Content-Transfer-Encoding: 8bit
  23. It has been noted before that sometimes the ISP is more focused on the bottom-line that on being a good member of the internet community. In those cases your solution maybe an only recourse. Reporting them to SC does help those that use the SCBL.
  24. That seems stale, and the reporting system says "I refuse to bother ip-box[at]ripn.net" The RIPE reply to a whois query lists that address in a comment but the actual records include: abuse-mailbox: abuse@nic.ru
  25. How can one "go after" cloudlfare? Being about as technically incompetent as one may be, the best I finally did was learn how to go into my cpanel and block the ip range of worst spam...I would much prefer having cloudlare just stop the emails. I filed two reports with them, they closed them out as they "do not have responsibility' for what does through them.... I also started reporting on abuseipb, but guess who hosts the site? I started getting errors when I tried to log into abuseipb. This is the little text blurb across the top of the page when it returns the error: This page (https://www.abuseipdb.com/) is currently offline. However, because the site uses Cloudflare's Always Online™ technology you can continue to surf a snapshot of the site. We will keep checking in the background and, as soon as the site comes back, you will automatically be served the live version. Always Online™ is powered by Cloudflare | Hide this Alert
  26. Abuse contact for '45.120.184.0 - 45.120.187.255' is 'tousu[at]90qh.com'
  27. I refer to this image, copied from the first post in this thread:
  28. Thanks, lisati, got that. But what is the point of doing the mailhosting registration and all that? And I have another question - how do you deal with the increasing amount of spam that comes in with no headers? Getting to be more and more of that. Thanks.
  29. An example of how Spamcop should behave is shown below when I create a single PDF from multiple pages.
  1. Load more activity