Jump to content

All Activity

This stream auto-updates     

  1. Today
  2. Last week
  3. @petzl: Thanks for your response. I reported the error via Apple's feedback assistant. The feedback# given by Apple is: FB7387063 I hope I will get an answer. Michael
  4. https://www.iphoneblog.de/2018/02/27/ipad-e-mails-als-anhang-weiterleiten/ used Google translate to put it in English best defense against spam is to report it. https://is.gd/ce67fQ
  5. Thanks for your comments, both @petzl and @Hanco. @Hanco: AltaMail is free of charge for 30 days only. After that it's 0,99$ per month. In the iOS-mail program - on the iPad only - there is/was an option to "convert" an eMail into an .eml-file (.eml-files can be handled by SpamCop, I tested this succesfully) as an attachment. With iOS13 this no longer works. The process of converting a Mail into the eml-format gets stuck and can only be cancelled (with no output unfortunately). How this works in iOS12 can be found here (in German only): https://www.iphoneblog.de/2018/02/27/ipad-e-mails-als-anhang-weiterleiten/ Unfortunately there seems to be a bug in the iOS13-version of Apple's mail program. Maybe this will be fixed some day. I keep looking. Any further suggestion is most appreciated. Thanks, Michael
  6. RobiBue

    obscuring personal IDs in reports

    I use Firefox, and if I open the tracking URL in a “private tab” even if I’m logged in, the private tab won’t be logged in — the Login credentials don’t carry over into new private tabs — and you can see the munged report right away without logging out first (but it has to be in a private tab) In the following link, there are several ways explained on how to accomplish this with ie, Firefox, and chrome as well as other methods with the aforementioned browsers: https://www.howtogeek.com/126621/how-to-log-into-multiple-accounts-on-the-same-website-at-once/
  7. gnarlymarley

    obscuring personal IDs in reports

    hank, it is a good idea to make sure it was munged before sending the reports to the admins. (The admins that "could be" the actual spammers.)
  8. Hanco

    New botnet spamming

    I’ve noticed that when I get the emails for home warranties, incredible nerve problem cures, weight loss keto miracle, loans etc., then I don’t get Ulrika’s pouting pic and how delicious her friends want to be to me. When I do get the dating emails, the others are very few and far between or non-existent. Suggests to me it’s the same group of crazy criminals. Edit: Seems like the end of the daily deal junk phase approaches. So probably it is the same group. I do wonder if the “Instant Translator” device they emailed me several times about this weekend would be useful for a date with the hot Asian beauty I’ll hear about in the next week or so...
  9. I don't know, but as of late, I submit spams (to seekrit.email@spamcop.com) but only occasionally am able to submit the spam. the others are lost in limbo... maybe that has to do with the green spikes?
  10. Lking

    forum url have changed

    The issue is two different but related problems. As you may have noticed there is a difference between the base domain, "SpamCop.net" and the SUB domain "forum.spamcop.net' SpamCop.net is perhaps the more stable of the two. However, when SpamCop was bough by Cisco maintenance of the user interface became a lower priority. In fairness, before the change in ownership there were issues with dead links to the forum were creeping into SpamCop.net (as I remember). The forum is a somewhat different issue of evolution. The forum has always been a user volunteer supported operation. Volunteers have had varying degrees of access, control and time given to the forum. With the changing "personal" several initiatives to improve/structure the wealth of information and history in the forum have been started and abandoned. Add to this the need to change the underlying software forum software and database has resulted in an uncounted number of broken links. All a sad but true result of an irregularly maintained system that is +40(?) years old.
  11. Hello, Nothing very important. The link reported on this page inside the text "please Post it to the forum and we will be happy to add it to this FAQ" is dead. Updating it to the new forum url would be a good idea ! BTW, I want to thank a lot for your help against spammers that I feel more efficient than "signal spam", a dedicated governmental system in France, suspected very ineffective.
  12. Has this happened before? Look at that green “spam submitted” line in the screenshot I attached. Normally spam submitted leads to a higher volume of reports. October though? We see a significant amount of spam reported with reports not sent. If my experience is anything to go by, there was a major increase from one group of spammers (phishing activity actually, but not the overt fake Apple sites, Amazon, Walmart, Netflix etc login pages) And it was mostly email coming from Amazon IP addressees, which I always see SpamCop track but not send reports. Instead, I send the reports directly myself. But is that what this month’s driver was? The group behind these daily deals of loan offers, warranty offers, cures for bizarre conditions etc.? They seemed to be quiet, then boom, daily 12-25 emails. Mostly sites with domain names from Namecheap (they said to someone in response to a domain abuse report, that they have a “huge volume” of support requests at the moment) It seems like volume is down now (or the jerks behind the flow do not work weekends) and Amazon are “caught up” on the backlog of reports. Maybe the green line will go back below the blue...
  13. That’s the problem 😔 Theres no way in iOS, either in the native Apple email app, nor in the iOS Outlook app, that I know of, to: 1) Forward an email as an attachment on a new email 2) To View the email headers/plain text To achieve the capability to report email to SpamCop from an iPhone or iPad, a third party email client is needed because Apple and Microsoft Outlook are not the answer, as far as I can see. Look at AltaMail for one possible solution. Not sure about the attach to email, but it allows viewing of the email headers and plain text. No longer free I think, but has interesting features. Please come back and let us know how you get on Michael. You won’t be the only one who has this question over time!
  14. You must have your mail-host configured correctly Check you are not reporting yourself in a manual test. Do not proceed unless the spam report appears to work correctly (does not identify your own service provider as the spam source). Then "Forward as Attachment" the spam to your 'submit' SpamCop address Don't use my mobile for email so work it out yourself
  15. Hello, I wonder if you could help regarding this issue. I report spam mails using the "normal" reporting features provided by www.SpamCop.net via my Windows 10 notebook. To do so I extract mail-header and mail-body using Microsoft Outlook and paste the information in the respective fields on the SpamCop reporting page. But I do not have access to Windows and Outlook all the time. I would like to use the SpamCop reporting feature from my iPhone and iPad respectively, but found no way so far to do so. Besides the iOS Mail-services I use in parallel Outlook for iOS, but there is no way (at least I do not know any) to forward a spam-Mail as attachment to my SpamCop-Mail-Account (submit.xxxxxxx@spam.spamcop.net) to get it processed. Could someone please "open my eyes" and provide me with an instruction (or refer to solutions I did not find yet) about how to make possible what I tried to describe? Thanks in advance. Best regards, Michael (from Hamburg, Germany)
  16. Earlier
  17. thanks for the tip on the mail host config. Hotmail seems to work after the first spam i submitted (lets hope they keep working). It did ask me to do all of my email addresses, but the netzero one wouldn't work at all. I resubmitted it via email. Hopefully someone else can figure it out. Also I have a ton of gmail accounts, is one gmail mail host config file adequate or do I really need to do each and every one of them?
  18. looks like their IPv4 peer is AS 31343 ( Intertelecom Ltd ) (got it from your dnslytics link ) It seems that Intertelecom is the only peer Romanenko has, so it is likely that he is their customer... maybe they don't know what's going on in their "backyard/neighbourhood" and then again, maybe they do and the money they get is good enough for them...
  19. Ok, it seems that that guy is the same as OOO-Patent-Media etc. and their company Romanenko Stanislav Sergeevich are hosting those spamsite https://dnslytics.com/bgp/as47981 So vvsg180@gmail.com is their and also hawk@diamondc.ru and stell_hawk@mail.ru So it is impossible to stop that spam, if SPAMCOP report to them. Just like i was guessing in my first post. Spamcop report directly to spammer itself. If someone could find who is host behind of their IP range 92.63.192.0-92.63.192.255, then the report could send directly to that ISP.
  20. petzl

    hetzner.de spam source

    Best way to communicate abuse to German providers is to forward as attachment to their abuse address from your account that is being spammed
  21. Hanco

    hetzner.de spam source

    Yes, because.de is a country with very strict privacy rules. Hence they asked a couple of times what they could tell their criminally malicious “customer” about my complaint (before kicking them off their network anyway... and into a Lithuania outfit which seems to have a Russian based parent or at least very similar named company which is now host of most of the targets of the spam in the last 36 hours))
  22. gnarlymarley

    IP being used, but not in whois

    Thanks, good to know. Yeah, it was picked up by Media Land as an be seen in BGP tables, https://bgp.he.net/AS206728#_prefixes out of Russia. I had contacted RIPE and all I got is Media Land is what I currently know about it. My contact at RIPE seems to think 185.254.121.0/24 has never been allocated to any organization (which leads me to believe they are only looking at what I can see and their front end support is not very helpful.) Hello, Thank you for coming back to us. The AS206728 belongs to MEDIALAND. However the range is not allocated. https://apps.db.ripe.net/db-web-ui/#/query?searchtext=AS206728 So they are announcing a network with a range which is unassigned from their own servers. Hope to have informed you sufficiently at this stage. Kind Regards,
  23. AJR

    IP being used, but not in whois

    I see the same in the whois records - whois.iana.org says that RIPE is authoritative for the 185.0.0.0/8 IP address range, so ARIN is correct in referring to RIPE. The RIPE whois records have plenty of allocations in that block, but there's a hole spanning 185.254.120.0-185.254.123.254 which RIPE lists with the referral back to IANA (i.e. their "we're not the RIR for those addresses" response.) RIPE publish a daily report of what IP address ranges they're allocated (no contact details shown, just the address ranges, allocation date, and country of the registrant) at ftp://ftp.ripe.net/ripe/stats/, and the entry for these disappeared on 26 September: delegated-ripencc-20190925: ripencc|DE|ipv4|185.254.112.0|1024|20180410|allocated ripencc|AL|ipv4|185.254.116.0|1024|20180410|allocated ripencc|LT|ipv4|185.254.120.0|1024|20180410|allocated ripencc|DE|ipv4|185.254.124.0|1024|20180410|allocated ripencc|DK|ipv4|185.254.128.0|1024|20180410|allocated delegated-ripencc-20190926: ripencc|DE|ipv4|185.254.112.0|1024|20180410|allocated ripencc|AL|ipv4|185.254.116.0|1024|20180410|allocated ripencc|DE|ipv4|185.254.124.0|1024|20180410|allocated ripencc|DK|ipv4|185.254.128.0|1024|20180410|allocated I.e. on 25 September those addresses were listed as having been allocated to someone in Latvia on 10 April 2018, and become unallocated on the following day. There's no entry for these addresses in RIPE's published transfer records (https://www.ripe.net/manage-ips-and-asns/resource-transfers-and-mergers/transfer-statistics), TL;DR: so those addresses don't currently belong to anyone, and if, as they appear to be, the previous holder is still routing them then they are now squatting on those addresses.
  24. Hanco

    (Notes)?

    I see what you mean. Thanks
  25. petzl

    (Notes)?

    Gmail allow to report spam as Phishing which AWS support allow? Last link gives site blocked/fraud warning. Very probable all of amazon will be included https://crypto-marketnews.com/btcprofitnow/index_gm.html?affid=CellX_Globalmarkets&cxd=gm_35731_601854_w5hgt2biq780f4up1to2tafu&bta=35731&nci=5532&afp=w5hgt2biq780f4up1to2tafu
  26. gnarlymarley

    hetzner.de spam source

    A few ways to do this. One is traceroute. If they have a firewall, then this may not get you to their border servers. The other way is to use a looking glass, such as http://lg.he.net. I also use http://bgp.he.net to find the upstream AS number and then I can use it to find the peers. It appears that hetzner.de is much larger than I though as they have 216 peers. That would take way too much time to get their ISPs to chat with them about their spam hosting. It is interesting that all their networks all point to abuse[at]hetzner.de.
  27. Hanco

    (Notes)?

    What do we do to report “as phishing”? I’m not sure how to make the report as phishing. I’ve been using SpamCop for a lot of years - only in forum for a few though.
  28. Hanco

    hetzner.de spam source

    There is that. Yes. Do you mean, to Hetzner’s own ISP? How would we locate the provider? (Sorry for my ignorance)
  1. Load more activity
×