Gromit Posted November 14, 2004 Share Posted November 14, 2004 I've gotten like 20 of these over the past month of so: http://www.spamcop.net/sc?id=z691992361z71...d5a978351fc7abz I keep getting something to effect of "cannot <whatever> the site, yet when I click on it, I have no problem accessing it. They blocking you or something and not me? Link to comment Share on other sites More sharing options...
Wazoo Posted November 14, 2004 Share Posted November 14, 2004 Let;s make the assumption that you're talking about the Domain of axthemax.com .. whois -h whois.crsnic.net axthemax.com ... Redirecting to INNERWISE, INC. D/B/A ITSYOURDOMAIN.COM whois -h whois.itsyourdomain.com axthemax.com ... Domain: axthemax.com Registrant John Livingston na toms5454[at]yahoo.co.uk 21 Read Way harrisonburg, va 22801 US +1.1111114678 Record created on September 19, 2004 Record last updated on September 19, 2004 Record expires on September 19, 2005 Domain Name Servers: NS1.DNS25.COM NS1.STANDARDTECHS.COM Yep, tht crap looks like really good data ... Dig axthemax.com[at]ns1.dns25.com (222.134.66.53) ... Authoritative Answer Recursive queries supported by this server Query for axthemax.com type=255 class=1 axthemax.com SOA (Zone of Authority) Primary NS: ns1.dns25.com Responsible person: hostmaster[at]dns25.com serial:2004112102 refresh:3600s (60 minutes) retry:1200s (20 minutes) expire:21600s (6 hours) minimum-ttl:2400s (40 minutes) axthemax.com NS (Nameserver) ns1.dns25.com axthemax.com NS (Nameserver) ns2.dns25.com axthemax.com A (Address) 221.5.250.105 ns1.dns25.com A (Address) 222.134.66.53 ns2.dns25.com A (Address) 213.159.119.125 Dig axthemax.com[at]ns1.standardtechs.com (202.99.172.143) ... failed, couldn't connect to nameserver Dig axthemax.com[at]199.5.157.128 ... Non-authoritative answer Recursive queries supported by this server Query for axthemax.com type=255 class=1 axthemax.com NS (Nameserver) ns1.standardtechs.com axthemax.com NS (Nameserver) ns1.dns25.com axthemax.com NS (Nameserver) ns1.dns25.com axthemax.com NS (Nameserver) ns1.standardtechs.com ns1.dns25.com A (Address) 222.134.66.53 ns1.standardtechs.com A (Address) 202.99.172.143 Some possible issues there ... http://www.spamcop.net/spamgraph.shtml?spamstats shows a max messages of 6.9 messages per second ..... think about it ... server is accepting new spam, analyzing it for content & structure, extracting data from that spam, doing external look-ups on those certain data bits (and having to wait for responses from all those externl resources) then taking those results, crunching them a bit more, then generating a parse report output page to offer up for user agreement, then generating an e-mail to go out to each of the selected targets .... Some of those outside resources have time limits imposed on them so as not to tie up the SpamCop servers inot a mode of doing nothing but waiting, waiting, and more waiting. So although there have been some that went to the work to block a SpamCop query, the more likely is that the parser request for DNS info simply timed out ... whereas you doing this lookup on your system that has a much longer delay built-in, seems to work just fine. For example of what's being discussed, note the major differences in time in the following trace-route request to this IP .. 11/14/04 03:59:36 Slow traceroute axthemax.com Trace axthemax.com (221.5.250.105) ... 144.232.8.218 RTT: 28ms TTL:208 (sl-bb20-chi-4-0.sprintlink.net ok) 144.232.26.113 RTT: 28ms TTL:208 (sl-bb25-chi-8-0.sprintlink.net ok) 144.232.9.26 RTT: 52ms TTL:208 (sl-bb23-fw-10-3.sprintlink.net ok) 144.232.18.242 RTT: 77ms TTL:208 (sl-bb20-ana-8-0.sprintlink.net ok) 144.232.1.46 RTT: 76ms TTL:208 (sl-gw23-ana-9-0.sprintlink.net ok) 160.81.244.170 RTT: 264ms TTL:208 (sl-chinnet-4-0.sprintlink.net ok) 219.158.3.13 RTT: 260ms TTL:208 (No rDNS) 219.158.5.10 RTT: 387ms TTL:208 (No rDNS) 219.158.4.38 RTT: 409ms TTL:208 (No rDNS) * 219.158.10.30 RTT: 324ms TTL:208 (No rDNS) 221.5.254.106 RTT: 432ms TTL:208 (No rDNS) 221.5.254.1 RTT: 431ms TTL:208 (No rDNS) 221.5.254.30 RTT: 443ms TTL:208 (No rDNS) 221.5.248.219 RTT: 428ms TTL:208 (No rDNS) 221.5.250.105 RTT: 436ms TTL: 47 (axthemax.com ok) That in excess of 400milli-seconds is more than likely the kill-point situation. It has been suggested that sometimes "refreshing" the page (on a paste-your-spam-in-here resulting output) can get some of these to "clear" up, appearing that at the first parse, the query timed out as far as the parser was concerned ... but the query eventually got a response and was then cached .. such that the page refresh then causes the result to be "found" .... If you're doing an e-mail submittal, it's hard telling if this works or not ... Link to comment Share on other sites More sharing options...
petzl Posted November 14, 2004 Share Posted November 14, 2004 I've gotten like 20 of these over the past month of so: http://www.spamcop.net/sc?id=z691992361z71...d5a978351fc7abz I keep getting something to effect of "cannot <whatever> the site, yet when I click on it, I have no problem accessing it. They blocking you or something and not me? 20147[/snapback] http://axthemax.com/promo.php?id=1 If you think it will help report the website to abuse<AT>cnc-noc.net Sometimes spamcop misses a beat or two so if you have the motivation feel free to step in Even better go to the website and see if there are links to other sites report them also Link to comment Share on other sites More sharing options...
Gromit Posted November 15, 2004 Author Share Posted November 15, 2004 I know it skips stuff, I was wondering why. How does it miss the stuff? So, you're suggesting I run the info on the site itself and then send a personal email to the abuse address? I realize reporting to most China/Brazil/Korea sites is a waste of time, and wouldn't it just give them a live spam target? Or is there a way to report it ala SpamCop to hide my ident? I'm...I'm so confused... < flail > BTW, you guys are great. Link to comment Share on other sites More sharing options...
Wazoo Posted November 15, 2004 Share Posted November 15, 2004 I know it skips stuff, I was wondering why. How does it miss the stuff? I offered the most likely situation, but will asuume your eyes had glazed over before you saw that ..??? So, you're suggesting I run the info on the site itself and then send a personal email to the abuse address? I realize reporting to most China/Brazil/Korea sites is a waste of time, and wouldn't it just give them a live spam target? Or is there a way to report it ala SpamCop to hide my ident? This has been covered a number of times, just in the last week. You could read through other Topics in here to see some of these other discussions. If you've a paid account, you can add these additional addresses to your outgoing reports. If a free-account reporter, then yes, you can write up your own complaint and send it yourself. On one hand, one would like to think that the complaints are going to an ISP that will take some action to stop the spew. As you state, some ISPs are simply a lost cause, so make your own call on whether to send a complaint. As to the question of "identity" ... first of all, somebody already has your address, as you received the spam. There are e-mail accounts / hosts out there that you can generate an e-mail address to send the complaints out ... if they start receiving spam, you kill em off and generate new accounts. (But also noting that some ISPs desire that a spam complaint include the entire / actual spam.) If your eyes are glazing over yet again, I'll just repeat, take the time to read through other people's tales of woe and the responses they get ... sooner or later, the light will go on and things will make sense. I'm...I'm so confused... < flail > BTW, you guys are great. Heck yes, thanks to all that spend the time in here, especially those that jump in and offer their help ... much appreciated. Link to comment Share on other sites More sharing options...
SpamCopAdmin Posted November 15, 2004 Share Posted November 15, 2004 Or is there a way to report it ala SpamCop to hide my ident? No, you can't use SpamCop against web sites you find on your own. Altering spam is definitely not allowed, which means you can't add web URLs so that SpamCop will "find" them and report them. - Don - Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.