All Activity

This stream auto-updates   

  1. Past hour

  2. KnujOn

    gmacar replied to petzl's topic in SpamCop Lounge

    Is KnujOn still working? This is what I read in my page: Report Index for [myusername] updated Wed Mar 29 12:20:15 EDT 2017 I have been uploading spam every day, so I suppose they haven't processed any emails for four months. If the website is not working anymore, I will stop uploading stuff. Any news?
  3. gmacar started following KnujOn
  4. gmacar joined the community
  5. Today

  6. .2 month still the same mail.

    lisati replied to kolor's topic in SpamCop Reporting Help

    You need to copy the COMPLETE email, body and all, into the submission form, otherwise the SpamCop parser is likely to complain. By the way, what's with the blank quotes that cluttering up your post? It makes me wonder if you're yanking our chains.
  7. jessicamunz joined the community
  8. Ligherva joined the community
  9. Abuse contact for '185.204.180.0 - 185.204.183.255' is 'fcpiran[at]gmail.com'
  10. Appeapp joined the community
  11. Thallywarr joined the community
  12. yimiwi joined the community
  13. dndersjuri joined the community
  14. Lretniod joined the community
  15. Hacsmock joined the community
  16. kaitlynstott joined the community

  17. .2 month still the same mail.

    kolor replied to kolor's topic in SpamCop Reporting Help

    I only copy my header in Gmail and put all for report window.Nothing more .But still received back this information.I do normal procedure .
  18. Abuse contact for '46.36.112.0 - 46.36.119.255' is 'tech[at]piroozonline.net'
  19. Last week

  20. tinyurl parsing

    shentino posted a topic in New Feature Request

    I've been reporting a lot of spam lately that uses sites like bit.ly and tinyurl.com to obfuscate links. I think it would be a good idea for spamcop to keep a list of such "url shortening services" and (automatically or on request by the reporter) dereference them into the links they point to.

  21. Nobody home at LimeStoneNetworks

    Wrong Planet replied to Wrong Planet's topic in SpamCop Reporting Help

    Well, the vacation from LimeStone Networks was nice but it looks like they're cranking back up again. The past two days I've been getting their spam. I'm not sure if this is possible but I'd like to create my own personal RBL and just delete the messages automatically in Outlook. If I don't see them then I won't get irritated (I hope). https://www.spamcop.net/mcgi?action=gettrack&reportid=6682094190
  22. The domains have been around a while. However, the machines are strictly internal so they will never be seen in the external DNS view. I don't have anything for lereta.com in Mailhost right now. First time I attempted to register this new configuration I tried deleting the existing config and retrying. I will try to get each host in turn to act as a final destination for my address. ETA: There is an incomplete configuration in Mailhost but, so far, I've been unable to "Resolve incomplete mail host configuration".
  23. Was the subdomain newly created and the DNS not had time to distribute the new IP? "IP not found ; scapp02.lereta.net discarded as fake." Not knowing what you currently have configured in Mailhost it is hard to say. However, the last line in above is the key. Start with a path through your mail servers that is only one step added to what you currently have configured, moving out from there.
  24. scarville started following Proofpoint agents and Spamcop
  25. We recently added multiple agents for the Proofpoint system and I am unable to register the new configuration as a mailhost: ------------------------------------------------- Host scapp02.lereta.net (checking ip) IP not found ; scapp02.lereta.net discarded as fake. Sorry, SpamCop has encountered errors: The email sample you submitted for scarville@lereta.com appears to traverse more than one domain. Please ensure that you configure each mailhost individually and in order. Proceed here: <https://www.spamcop.net/mcgi?mhc2=ikZ6h9TJW2NhNjki> ------------------------------------------------- These are the headers from the account configuration email. Received: from mail.lereta.com [10.212.170.192] by scafs02-lnx.lereta.com with POP3 (fetchmail-6.3.17) for <stephen@localhost> (single-drop); Mon, 17 Jul 2017 09:54:22 -0700 (PDT) Received: from scaxc06.lereta.net (10.212.170.70) by scaxc05.lereta.net (10.212.170.139) with Microsoft SMTP Server (TLS) id 15.0.1236.3 via Mailbox Transport; Mon, 17 Jul 2017 09:51:58 -0700 Received: from SCAXC03.lereta.net (10.212.170.223) by scaxc06.lereta.net (10.212.170.70) with Microsoft SMTP Server (TLS) id 15.0.1236.3; Mon, 17 Jul 2017 09:52:52 -0700 Received: from scapp02.lereta.net (10.212.165.125) by SCAXC03.lereta.net (10.212.170.223) with Microsoft SMTP Server id 15.0.1236.3 via Frontend Transport; Mon, 17 Jul 2017 09:52:53 -0700 Received: from pps.filterd (scapp02.lereta.net [127.0.0.1]) by scapp02.lereta.net (8.16.0.17/8.16.0.17) with SMTP id v6HGkjgh007366 for <scarville@lereta.com>; Mon, 17 Jul 2017 09:52:52 -0700 Received: from mx02.lereta.com ([198.204.112.74]) by scapp02.lereta.net with ESMTP id 2bqh180f40-1 for <scarville@lereta.com>; Mon, 17 Jul 2017 09:52:52 -0700 Received: from prod-sc-www02.spamcop.net (vmx.spamcop.net [184.94.240.112]) by mx02.lereta.com (Postfix) with SMTP id AB2266000F for <scarville@lereta.com>; Mon, 17 Jul 2017 09:52:52 -0700 (PDT) X-SpamCop-Conf: ikZ6h9TJW2NhNjki Received: from [204.45.182.99] by spamcop.net with HTTP; Mon, 17 Jul 2017 16:52:52 GMT From: SpamCop robot <mhconf.ikZ6h9TJW2NhNjki@cmds.spamcop.net> To: <scarville@lereta.com> Subject: [SpamCop] account configuration email Precedence: list Message-ID: <wh596ceb64g6a4d@msgid.spamcop.net> Date: Mon, 17 Jul 2017 16:52:52 +0000 X-Mailer: https://www.spamcop.net/ v4.8.6 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:,, definitions=2017-07-17_13:,, signatures=0 X-Proofpoint-spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=1 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1706020000 definitions=main-1707170269 Return-Path: service@admin.spamcop.net Content-Type: text/plain X-MS-Exchange-Organization-Network-Message-Id: d90a198d-4e20-4e2f-235c-08d4cd344410 X-MS-Exchange-Organization-AVStamp-Enterprise: 1.0 X-MS-Exchange-Organization-AuthSource: SCAXC03.lereta.net X-MS-Exchange-Organization-AuthAs: Anonymous MIME-Version: 1.0 Another wrinkle is that the intermediate hop could also be scapp03.lereta.net. Any way I can fix this?

  26. .2 month still the same mail.

    lisati replied to kolor's topic in SpamCop Reporting Help

    Do you use the "forward as attachment" (or equivalent) option of your email software/webmail?
  27. Earlier

  28. .2 month still the same mail.

    kolor replied to kolor's topic in SpamCop Reporting Help

    OK but when I submit spam header.All time I see header and body.I just copy all and put for spamcop .Spamcop send it .This is all what I do .

  29. Munging My Address In Body of Email

    emanmb replied to emanmb's topic in SpamCop Reporting Help

    Aha! Yes I remember seeing that somewhere. No I do not have reports sent to me and will try it just to see. This is where I added my address to do this in the preferences. Thanks!

  30. Munging My Address In Body of Email

    Lking replied to emanmb's topic in SpamCop Reporting Help

    We assume you have set/checked your reporting preferences. Have you sent yourself a copy of a spam report? As noted elsewhere what you see looking at a report id or Tracking URL is not the same as the report that is actually sent.
  31. alvarnell started following Munging My Address In Body of Email
  32. In several brands of spam I get, my email address is also in the subject and/or in the body of the spam, either built into links or more frequently, "Dear emanmb@_______". Now I realize that changing any part of the spam being reported to SC is frowned upon, but in such cases, what else can I do to remain anonymous except to delete my email from wherever it appears in the report? A sample of the html incorporating my email in their link is below. <html> <head> <title></title> </head> <body> <a href="http://w0yoorncgn.cu.cc/7viV3yWAetrXvFFdyiMU/emanmb@--------"> <h2>Get $5730 deposited in your account to go back to school.</h2> <img src="http://w0yoorncgn.cu.cc/img/picture12.jpg/emanmb@---------" usemap="#edu" alt="Click here to Apply Now" /> </a> <map name="edu" id="edu"> <area alt="" title="" href="http://w0yoorncgn.cu.cc/7viV3yWAetrXvFFdyiMU/emanmb@---------" shape="default"/> </map> <br><br><br><br><br> </a> <a href="http://www.w0yoorncgn.cu.cc/1a8bb1a7bf24c6016ceaaa727a_92ba6759-01010101e4c5/C/">To Unsubscribe Click Here</a> <h5>To enable all links in this message (including unsubscribe link), please click Not spam on a toolbar</h5> </body> </html>
  33. emanmb started following Munging My Address In Body of Email
  34. Yes lisati, the Spamcop website rejects me when I try to login through Acrobat and I cannot therefore do what I can through the Telnet Communications website, that is create and append as I drill down the site. For whatever it's worth Spamcop does allow drilling and appending as you go, it does not with the "secure" side. That is what I am requesting be changed.
  35. The point of registering "mailhosts" on your spamcop reporting account is to help Spamcop distinguish between your email provider and the other providers which may (or may not) be the true source of unwanted email. There's very little point in reports being sent your provider, or adding their details to the "spam source database" when their only role was to deliver it to your inbox or junk folder. As I understand it, the role Spamcop plays in the mix is to try to identify the true source of unwanted email, and build a database of known spam sources. They make this available via the Spamcop Blocing list. Any reports it sends to providers is a bonus, and any problems that fixed as a result is a double bonus. It is freely available for email providers to use as part of their spam filtering processes. The "report spam" button that some providers have as part of their webmail service is usually more limited in its scope, and usually only helps that particular provider tune its spam filters.

  36. .2 month still the same mail.

    Lking replied to kolor's topic in SpamCop Reporting Help

    Because nothing has changed. If you look at the bottom of the example you provide inline, again, you will see there is no body to the email only the header.

  37. .2 month still the same mail.

    kolor replied to kolor's topic in SpamCop Reporting Help

    Hi may someone explain my why I still receive this email .2 month still the same mail. ########################## SpamCop AutoResponder do mnie SpamCop encountered errors while saving spam for processing: SpamCop could not find your spam message in this email: Return-Path: <return@wemailfast.com> Received: from vmx.spamcop.net (prod-sc-smtp8.sv4.ironport.com [10.8.129.218]) by prod-sc-app004.sv4.ironport.com (Postfix) with ESMTP id 69FEC123002 for <submit.75S8g29jjzxyqJKv@spam.spamcop.net>; Thu, 13 Jul 2017 08:45:35 -0700 (PDT) Authentication-Results: vmx.spamcop.net; dkim=pass (signature verified) header.i=abuse@wemailfast.com X-IronPort-AV: E=McAfee;i="5700,7163,8589"; a="1114885135" X-IronPort-AV: E=Sophos;i="5.40,354,1496127600"; d="scan'208,217";a="1114885135" Received: from mail4.wemailfast.com ([173.214.162.225]) by vmx.spamcop.net with ESMTP; 13 Jul 2017 08:45:36 -0700 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=default; d=wemailfast.com; h=To:Subject:Message-ID:Date:From:Reply-To:MIME-Version:List-Unsubscribe:Content-Type:Content-Transfer-Encoding; i=abuse@wemailfast.com; bh=wx59JrQhT11kSHl8T57baWjRLTU=; b=MAzG1uURakb6kOdMCyk/PekJeq+/Kh8bTQqEDYsYtJNxL3qLc9iiDaAFRagXE47zj6FkLTjNnEz7 76w4kHlCyPhyNvGIeBkQUggbu/SA0EaobYL9vL/GazzBdreaCCOx8yDgyiV5AqPV3RnDuG/38P8k 9P553wpV9HTGPS6XtGQ= DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=default; d=wemailfast.com; b=ztBmicQkK5WStMEzXJ2Ri25ZbGamHuIwPeVrXIuXnmyFo5Ttx0BCVovS/NvmtclucWSDpyTplAL4 BPdsm2g96IX+COh3/10MM4SRotcfFkvb+NvpLZXrPEfZKBQRvY4yytiKSg8nUoV8IQiIkZnZHcJj MAApmYu3JXqGtdIakS0=; To: submit.75S8g29jjzxyqJKv@spam.spamcop.net Subject: BitcoFuture Quickest 12x1 Straitline Matrix ever... Message-ID: <c5b357aa6f6deff0c205bb4eaf77a49c@wemailfast.com> Date: Thu, 13 Jul 2017 10:52:14 -0300 From: "Robert Schmitt" <robert@wemailfast.com> Reply-To: robert@wemailfast.com MIME-Version: 1.0 X-Mailer-LID: 3 List-Unsubscribe: <http://wemailfast.com/turbo/unsubscribe.php?M=129243&C=f2d2450ef0b576314b1bd2efdca03daa&L=3&N=18> X-Mailer-RecptId: 129243 X-Mailer-SID: 18 X-Mailer-Sent-By: 2 Content-Type: multipart/alternative; charset="UTF-8"; boundary="b1_144fd3bb622545f00c3e8fe0c53b5524" Content-Transfer-Encoding: 8bit --b1_144fd3bb622545f00c3e8fe0c53b5524 Content-Type: text/plain; format=flowed; charset="UTF-8" Content-Transfer-Encoding: 8bit Hi Friends, Just Launched...is quick and easy This is a Quick and Simple, entry fee 0.01 12x1 = 12 Referrals and earn 0.10 is about $235.00 Friends and Strangers Helping each other That's it! So simple! Don't miss out now http://wemailfast.com/turbo/link.php?M=129243&N=18&L=3&F=T Cheers Robert Your email client cannot read this email. To view it online, please go here: http://wemailfast.com/turbo/display.php?M=129243&C=f2d2450ef0b576314b1bd2efdca03daa&S=18&L=3&N=4 To stop receiving these emails:http://wemailfast.com/turbo/unsubscribe.php?M=129243&C=f2d2450ef0b576314b1bd2efdca03daa&L=3&N=18 --b1_144fd3bb622545f00c3e8fe0c53b5524 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: 8bit <html> <head> </head> <body> Hi Friends,<br /><br />Just Launched... is quick and easy<br /><br />This is a Quick and Simple, entry fee 0.01<br />&nbsp;<br />12x1 = 12 Referrals and earn 0.10 is about $235.00<br /><br />Friends and Strangers Helping each other<br /><br />That's it! So simple!<br /><br />Don't miss out now<br /><br /><a href="http://wemailfast.com/turbo/link.php?M=129243&N=18&L=4&F=H" title="bitcofuture">is worth looking at</a><br /><br />Cheers Robert<br /><br /><br /><br /><a href="Unsubscribe" nh-safe-redirect data-saferedirecturl="https://zasobygwp.pl/redirect?sig=cd2410bd4ca7594ce72c5dc9dd967e414b34e7db05e685dbbbc6dc0b0dca3a60&url=aHR0cDovL3dlbWFpbGZhc3QuY29tL3R1cmJvL3Vuc3Vic2NyaWJlLnBocD9NPTEyOTI0MyZDPWYyZDI0NTBlZjBiNTc2MzE0YjFiZDJlZmRjYTAzZGFhJkw9MyZOPTE4Ij5VbnN1YnNjcmliZQ==" target="_blank">http://wemailfast.com/turbo/unsubscribe.php?M=129243&C=f2d2450ef0b576314b1bd2efdca03daa&L=3&N=18">Unsubscribe me from this list</a> <img src="http://wemailfast.com/turbo/open.php?M=129243&L=3&N=18&F=H&image=.jpg" height="1" width="10"></body> </html> --b1_144fd3bb622545f00c3e8fe0c53b5524-- The email which triggered this auto-response had the following headers: Return-Path: <return@wemailfast.com> Received: from vmx.spamcop.net (prod-sc-smtp8.sv4.ironport.com [10.8.129.218]) by prod-sc-app004.sv4.ironport.com (Postfix) with ESMTP id 69FEC123002 for <submit.75S8g29jjzxyqJKv@spam.spamcop.net>; Thu, 13 Jul 2017 08:45:35 -0700 (PDT) Authentication-Results: vmx.spamcop.net; dkim=pass (signature verified) header.i=abuse@wemailfast.com X-IronPort-AV: E=McAfee;i="5700,7163,8589"; a="1114885135" X-IronPort-AV: E=Sophos;i="5.40,354,1496127600"; d="scan'208,217";a="1114885135" Received: from mail4.wemailfast.com ([173.214.162.225]) by vmx.spamcop.net with ESMTP; 13 Jul 2017 08:45:36 -0700 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=default; d=wemailfast.com; h=To:Subject:Message-ID:Date:From:Reply-To:MIME-Version:List-Unsubscribe:Content-Type:Content-Transfer-Encoding; i=abuse@wemailfast.com; bh=wx59JrQhT11kSHl8T57baWjRLTU=; b=MAzG1uURakb6kOdMCyk/PekJeq+/Kh8bTQqEDYsYtJNxL3qLc9iiDaAFRagXE47zj6FkLTjNnEz7 76w4kHlCyPhyNvGIeBkQUggbu/SA0EaobYL9vL/GazzBdreaCCOx8yDgyiV5AqPV3RnDuG/38P8k 9P553wpV9HTGPS6XtGQ= DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=default; d=wemailfast.com; b=ztBmicQkK5WStMEzXJ2Ri25ZbGamHuIwPeVrXIuXnmyFo5Ttx0BCVovS/NvmtclucWSDpyTplAL4 BPdsm2g96IX+COh3/10MM4SRotcfFkvb+NvpLZXrPEfZKBQRvY4yytiKSg8nUoV8IQiIkZnZHcJj MAApmYu3JXqGtdIakS0=; To: submit.XxXxXxXxXxXxXxXx@spam.spamcop.net Subject: BitcoFuture Quickest 12x1 Straitline Matrix ever... Message-ID: <c5b357aa6f6deff0c205bb4eaf77a49c@wemailfast.com> Date: Thu, 13 Jul 2017 10:52:14 -0300 From: "Robert Schmitt" <robert@wemailfast.com> Reply-To: robert@wemailfast.com MIME-Version: 1.0 X-Mailer-LID: 3 List-Unsubscribe: <http://wemailfast.com/turbo/unsubscribe.php?M=129243&C=f2d2450ef0b576314b1bd2efdca03daa&L=3&N=18> X-Mailer-RecptId: 129243 X-Mailer-SID: 18 X-Mailer-Sent-By: 2 Content-Type: multipart/alternative; charset="UTF-8"; boundary="b1_144fd3bb622545f00c3e8fe0c53b5524" Content-Transfer-Encoding: 8bit

  38. CloudFare Problems

    Lking replied to Jazzwineman's topic in SpamCop Lounge

    It has been noted before that sometimes the ISP is more focused on the bottom-line that on being a good member of the internet community. In those cases your solution maybe an only recourse. Reporting them to SC does help those that use the SCBL.
  39. billcole started following Abuse contact for '195.208.0.0 - 195.208.7.255' is 'ip-box[at]ripn.net'
  40. That seems stale, and the reporting system says "I refuse to bother ip-box[at]ripn.net" The RIPE reply to a whois query lists that address in a comment but the actual records include: abuse-mailbox: abuse@nic.ru

  41. CloudFare Problems

    gare replied to Jazzwineman's topic in SpamCop Lounge

    How can one "go after" cloudlfare? Being about as technically incompetent as one may be, the best I finally did was learn how to go into my cpanel and block the ip range of worst spam...I would much prefer having cloudlare just stop the emails. I filed two reports with them, they closed them out as they "do not have responsibility' for what does through them.... I also started reporting on abuseipb, but guess who hosts the site? I started getting errors when I tried to log into abuseipb. This is the little text blurb across the top of the page when it returns the error: This page (https://www.abuseipdb.com/) is currently offline. However, because the site uses Cloudflare's Always Online™ technology you can continue to surf a snapshot of the site. We will keep checking in the background and, as soon as the site comes back, you will automatically be served the live version. Always Online™ is powered by Cloudflare | Hide this Alert
  42. gare started following CloudFare Problems
  43. Abuse contact for '45.120.184.0 - 45.120.187.255' is 'tousu[at]90qh.com'
  44. I refer to this image, copied from the first post in this thread:
  45. Thanks, lisati, got that. But what is the point of doing the mailhosting registration and all that? And I have another question - how do you deal with the increasing amount of spam that comes in with no headers? Getting to be more and more of that. Thanks.
  1. Load more activity