Code Included In Spam Messages

[Bob]

I am a user of the reporting service. Recently, the majority of the spam I receive has arrived containing "=7utf-8?q?" embedded in one or more of the From, To or Subject content.

Is this code an identifier that correlates to my email address? If so, should it be removed before reporting (since I assume the ISP's can and some do forward the reports directly to the senders)?

Also, a different but similar question. If I receive spam that correctly displays both my username (or name) and the email address, Spamcop removes the address but not the username (or name), particularly if the username (or name) is in parentheses. For example, ["Joe Smith" <joe[at]aol.com>] seems to be reported as ["Joe Smith" <x>]. In such a case, should the username (or name) be deleted before reporting?

I would appreciate any insight you can provide. Thanks.

[Wazoo]

As seen elsewhere in the Forum, a "good" answer would be based on a specific example as would be seen if you'd provide a Tracking URL of one your "problematic" spams.

Your first query about "code" could be nothing more than a different character set, it might be Base-64 encoded, it might be something else .... again, seeing an example would allow for a "correct" acnswer ...

Your second one is a bit of a mix .... FAQ / rules state that one shall make no material changes that would cause the parser to "find" something that it wouldn't have found on its own .... However, in the same FAQ (having to guess you haven't bothered to look it up) also does state that removing instances of personal data may be allowable.

The problem is that you are asking for a blanket statement/approval on something not seen ....

[Bob]

Thnaks for the reply. I had read the FAQ and assumed that replacing a valid name or username with <x> was acceptable. I will post header information from the next pertinent message I receive (with any vaid email address replaced by <x>) for you to look over.

[Wazoo]

A Tracking URL is a lot easier and more definitive.

[Jeff G.]

UTF-8 is a transformation format - please don't worry about disclosing it. Thanks!

Reference: Internet Standard 63, RFC 3629 (UTF-8, a transformation format of ISO 10646)

[Bob]

Jeff G:

Thank you -- I'll disregard the "=7utf-8?q?" concerns when reporting.

Regarding Wazoo's FAQ response above, can I assume that replacing my valid name with <x> in the TO information before reporting will not cause any problems with the parser? I.e., changing {"Joe Smith" <jsmith[at]aol.com] to {<x> <jsmith[at]aol.com>]. It seems to me that not doing so, and having the reports sent containing {"Joe Smith" <x>] could still validate the name (and possibly the associated email address) to the spammer. Please advise -- thanks.

Bob

[StevenUnderwood]

I believe that is permittable. THe only problem I could see is do not send reports to any sites requesting unmunged data (which you probably already avoid if your worried about it).

I do not munge ANY data on my reports and have had no problems to this point (getting close to my 2nd anniversary submitting through spamcop now). Some lists dissappear but others are constantly finding me so my traffic has not been affected compared to other accounts I have.

[Wazoo]

In general, the To: address is usually munged by the parsing/reporting engine. Try hitting the Preview button on a parse result page and look to see what actually does go out.

Way back when, yes there were spammers that ttok the time to develop their list of names/addresses. Yes, it probably wasn't that hard back then to track down the lowlife that reported said spammer. These days, it's pretty much given that the topp 100+ spammers don't waste their time .. email address lists are developed on the fly ... relays/proxies/compromised machines used to send the spew, so any responses (be it non-delivery, bounces, rejections, etc.) at the time of spew aren't even noticed ...

Years ago, retribution from a spamked spammer did happen (I can vouch for that personally) .. but these days, about the closest thing you can find is that your address ends up being forged into spam spew as being the sender ... and I can tell you that this happens to folks that know nothing about reporting spam as it does to those that do report ... just a luck-of-the-draw thing .. back to that addresses created on the fly situation, or yes, maybe from a list someone other idiot compiled and sold to the new-wanna-be-rich idiot.

The major point it that the spammer already has your address .. else you'd have not received the spam in the first place ...

[Bob]

Steven & Wazoo:

It seems as though both of my concerns were probably unfounded. I'll go the straight unmunged route and not worry about validating the address by doing so.

Thanks to all for your feedback & advice.

Bob

[showker]

I keep getting these spams that are totally unreadable,

composed of odd strings of characters and symbols

which look like some kind of encoding or foreign language.

There are dozens of them.

spam Cop gets them all but a few, which are ALWAYS

in the inbox.

Generally they don't contain anything but more weird code,

sometimes nothing at all -- message area is empty.

What are they? Chinese Terrorists? Virus? What?

How do I prevent them - block them, or filter them?

Thanks

Fred

[Jeff G.]

Would you care to post a Tracking URL for one or more of them? Thanks!

[turetzsr]

...And Wazoo, please consider moving this from "SpamCop Email Setup" to "Email," since it seems to have nothing to do with Email setup. TY.

[Wazoo]

I figure this Topic is about as good as any, especially with no sample to look at. So going with the probable alternate / foreign text code-set being inovolved ...????

Poster again advised of the move/merge via PM ....