Like others, the growing tide of spam is getting more than old. I had stopped reporting to SpamCop a while back because I didn't get any sense it was doing any good.

But the spammers have recently started bugging the crud out of me again, and I started reporting again.

But I have to wonder, are we really having an effect on spammers? Or are we just pounding our heads against the wall?

All 4 of my ISPs filter my e-mail for spam and viruses and move it to a trash folder I cannot download on my machine. I still log into the webmail where I can sieve through spam and forward it to spamcop for reporting. It deffinitely makes a difference in my case. I also noted that for the most part the spam is already in SCBL by the time I report it. If anything it confirms that the spam-spew affects other reporters, not just me.

If you notice, another topic is about how ISPs are taking measures to stop spam from leaving their networks. Since reporting first began, there have been many changes on how whitehat internet ISPs, businesses, and newsletter publishers operate so that regular email can work and spam be stopped.

Eventually, people who want to use email for normal, polite use will have options to do so without dealing with spam in their inboxes. Blocklists may reject a lot of spam at the server level and there will still be the need for filtering after acceptance, because in spite of years of enforcement, Nigerian con letters are still mailed and so will those and other con emails be emailed probably no matter what is done to stop them.

It is already controllable for someone who is brandnew to the internet if they follow all the good practices.

The more people who realize that blocklists are the most effective way to handle spam, the quicker there will be an internet with good neighborhoods. Possibly even the bad neighborhoods will die a natural death after a while.

It is similar to working against pollution - particularly litter. Just picking up one's yard makes a difference. Picking up trash on a walk does too. Or you can 'adopt a highway' Or you can contribute to education on why litter is bad and how to prevent it. There are some places where litter is hardly noticeable and others where it is all you notice (and one doesn't have to go where it is noticeable).

Miss Betsy

It would be really nice to have some measure of feedback on how all the dozens of reports I send in each day actually produce some action. At times it seems they just go into a black hole.....

I have also noticed a gradual increase in the number of 'bounced' SPAMs over the last few weeks. Has anyone else noticed this, or is it just a coincidence? Are spammers getting even more devious?

If you are a paid reported, you can turn on an option to receive all replies rather than filtering out the robot ones. At least then you would know at least they made it to the ISP.

I have not seen many "bounced spams" so I have not seen an increase. Perhaps I have been lucky to stay off the From filed of their spams.

A lot of the larger ISPs do not send auto reports to spamcop reports so that's not a reliable indicator either.

'Bounces' like spam seem to go in waves for no particular reason.

The main purpose in reporting spam is to keep that IP address on the bl for as long as possible. Sometimes you may have a jump on someone else and put a spam over the limit. Again, it is more trouble than it is worth to check up on that.

Some open proxies or trojanized machines may be warned and actually be fixed.

But a lot of the satisfaction of spam reporting is feeling as though you are contributing. It is best to have fairly good filters so that on the days when you have other things to do, you can ignore the spam (and JHD for the whole folder).

The more people who know that there is something that can be done, the more effective reporting will be.


Miss Betsy

For all those out there who have never seen an ISP reply:



Here's one from a long time ago from abuse[at]online.cq.cn



Miss Betsy

I always report 419 scams manually as spamcop won't pick up on the inbody response address for instance and I find that, with some noticeable exceptions, I usually get a sensible response and occasionally a thank you from the abuse dept concerned.

With normal spam I just hope that my contributions help to keep the offending domains on the BL and if that's the case I'm happy to do it....

Given the amount of SPAM I report, I tend to not fill in the 'notes' box, especially the ones from China, Korea and S. America. The only time I do fill it in is to report attempted frauds, such as '419', Phishing and Lotto scams. Does anyone believe a report is taken more seriously if it is?

If anyone has a definitive answer to this, please let me know. I am wondering whether or not Spamcop is truly doing us any good. I ask this only because I personally still get overloaded with SPAM on a daily basis and I certainly notice that many of the emails are repeats of things I have already reported to Spamcop. This whole reporting process is extremely tiring. I wonder if I should continue to bother. I hope someone steps forward and tells me that they know unequivocally that our reports are taken seriously by the service providers to whom we send them and SPAM is no longer being sent from many of the places we have reported.

Why is it that we still receive SPAM from many of the same sources even after we have reported that SPAM.

Does anyone else feel that this whole thing might be a total waste of our time?

Please know that I am not trying to be critical. I am asking the questions because I don't know the answers. But I am also tired to spending so much of every day going through the reporting process. It never seems to let up.

Thanks

Trisha

It depends on the size of the ISP or backbone.

A provider like Sprint has millions of emailers hanging on their coat tails. If they shut down 1000 spammers a day, there's a 1001 right behind them.

So you'll continue to get spam through sprint no matter how diligent they are. As long as the spammers stay one step ahead and are prolific it's more akin to dampening the flames than extinguishing them.

It's like pulling weeds in your yard. For every one you pull two may sprout back but if you don't keep pulling you'll only have weeds.

Some ISP's are all weedy because they tolerate weeds.

And so there's no misunderstanding again, trisha506 was notified that this last post was merged into a previous Topic dealing with the same thoughts.

Thanks flagginator. You put that into very good perspective for me. I guess I'll just keep on weeding.

Please do Trisha, and please remember there is no better weed removal tool than SpamCop is.

Hello to everyone,
I am new to this forum and a paid member of SpamCop.
I have been reporting Spam now for over 6 months.
I have to question if SpamCop really helps reduce Spam.
It seems I am getting more Spam today then I was when I first signed up with SpamCop. I do not plan on renewing my subscription unless someone can tell me that it's all worth it. Reporting Spam does take time away from my day and I don't mind as long as I know that I am doing some good in the fight against Spam.

I have noticed that at least 70% of my Spam is coming from chinanet.net and it just keeps coming. Reporting it does not seem to stop. I get on an average of 150 to 200 Spam emails per week.
Can anyone out there in SpamCop land tell me if this is all worth the effort.
Thanks

Spike

Well I know there are thousands of email administrators that incorporate the Spamcop blocklist on their servers and appreciate your effort in reporting. So if you take that a little farther down the line that leaves countless users who appreciate what you are doing.

Spike143 post was merged into thus existing Topic. User PM'd with notice of movement.

Besides reporting, what are you doing to reduce the spam getting into your inbox?
To repeat, reporting alone will have absolutely no benefit in reducing the spam that you receive. It does help those who use the SpamCopBl. So the answer is YES it does help a lot to report spam. But if you want to experience the benifits of reporting you have to make use of filtering/blocking.

I submitted this thread because I am beginning to have doubts. I am a end user consumer as opposed to a commercial (business user), although many of the problems are mutual. I use several ISPs and mail accounts, although my primary one is a major sized general ISP.

I now spend at least an hour each day forwarding SPAM to SPAMCop, from several accounts I have been doing this for several months. I cannot discern any reduction in the amount of SPAM, even though I am unable to actually log the activity.

I do not know of a better alternative than SpamCop for a user like me, but I would be interested in others experiences. I suspect filtering is just a cosmetic, not reducing Internet traffic. Perhaps some combination of methods would improve my experience. I think Email is the greatest addition to human communication this century, but it seems to me that it is being perverted.

Objective evaluation of SPAM fighting results may be very difficult if not impossible to attain. I sure would like to hear about others efforts.
Thanks

Your experience is on the mark and shared by others including myself. Reporting spam to SC does not reduce spam, period. I do see fluctuations in spam amount but it eventually picks up at an even more aggressive rate. So I am falling in the same quandry as you myself. To what purpose am I reporting spams on a daily basis if none of my ISPs use the SC block list? Bottom line is that once your name (e-mail ID) has got on a spammer list it will perpetuate like a virus. The only solution is to drop that ID altogether, a solution that is not teneble for people like myself who use that ID for publication in the public domain.

Yours and my only hope is that at least some of our reporting results in correcting problems like hijacked machines by responsible ISPs. Unfortunately spammers also use ISPs that take no action in response to our reports. Those constitute the majority of spam I get after reporting diligently for one year.

So once again, reporting may help other people that use the lists to block spam. That knowledge may in the end be the the only satisfaction you may get from reporting.

Merged ressr's post into an exising discussion .. advised of move/merge via PM ...

Quick note, there are other third-party applications that can be used "at home" that also have the capability of using various BL's, to include SpamCop's ... Picking up, installing, and using one of those tools will also benefit from "your" feeding of the SpamCopDNSBL, which would in turn better your results ....

As dra007 has stated, unless you are using the SCBL, you are not going to see any direct benefit from reporting you spam.

Some people (like myself) started here just for the good of the fight. I still do so for my work account (reduced recently to only my personal account by workload) but changed over to a paid email account for my personal email, which allows me to see at most 2 spam/day in my inbox and eases my reporting of everything else.

I am also starting to use that account as my main email address as my current forwarding address has become too problematic.

Also, be careful when preparing to report spam that you are not triggering any of the html code in many of the spams. That code seems to be letting the spammers know which accounts are being viewed as easily as clicking the false remove me pages.

Please, only report what you have time for and I thank you for your submissions to date. They have helped keep some spam from my inbox.

If it is true that the benefit to others is the only one we can see, and I am not sure that is measurable, some of us sure are altruistic. My original post was Titled, "Are we winning? and I think the answer is becoming obvious. If our efforts improve the value of SCBL, then that is at least tangible, if commercial. If you are following the internet wide initiatives for the next generation of Email, that may be our only hope. I am discouraged.
RES

So we've reached the conclusion that reporting to SC doesn't stop spam. Congratulations, we can add that to the list of EVERY other method also. I guess you folks are sweating this because unlike inbox filters, reporting actually takes time and effort. Well here is a random thought.....
Even if some of you are not fortunate enough to be able to put blocklists in front of your accounts, you may be benefiting indirectly along with those of us that CAN use the blocklists.

See if this makes sense:

1. I put blocklists on my server and all my users get mail bounced from spammers because of the lists (and because of your hard work).
2. Considering all my users and all my spam, that's about 500 pieces of junk per day that are never seen (actually never even delivered).
3. Spammers exist because one in 10,000 people is a moron and actually responds to the spam.
4. That moron never sees the spam because I blocked it.
5. That blocking is done on thousands of servers all over the world.
6. The spammer doesn't make money because the blocklists are working. And they do work. Ask osirusoft.
7. Spammers decide it isn't worth their trouble, they quit spamming and die alone and impotent.

O.k. so it's a bit optimistic. But any good we do is better than nothing. Thank you folks.

I think some of the inbox filters can use blacklists too. Don't they? So although you wouldn't be able to stop them before they got to your server, you can at least keep them out of your inbox.

I rarely use the parser these days outside of examining other people's submittals for analysis. Even the benefit of having a free e-mail account thrown my way hasn't happened. My budget has never allowed the opportunity to purchase anything beyond the free-reporting status. Yet, here I am, all these years later, still volunteering my time.


You must pick your goals and define your terms. It's actually very apparent that the SpamCop tool-set does have some impact, based on all the work going on to try to circumvent the SpamCop parser. Years back, a spammer could make his/her meal-ticket with just a million e-mails .. now you see stories of needing to send out 10's of millions to get around all the filters, blocks, and such placed in the attempt to stop the spew.


Do you have a cite to explain that extra bit of comment?


"internet wide" ..???? surely you jest. There are a number of initiatives all over the place. Agreement, standardization, and "internet wide" adoption ..???? years away at best. SPF, Yshoo's Domain keys, Microsoft's plan to go with the open stuff, then trying to patent their version, putting a basic halt to that whole game plan ... and even with all that, there are still prople putting Exchange servers on-line every day and finding that even the latest software releases aren't secure .... Maybe you've been reading too many press releases of late?

Reporting spam potentially adds a spammer to the blacklist, which DOES reduce spam, and makes life less profitable for the spammer.

It's possible that you might report a spam, get an address blacklisted, and then see no more of the spam from that server. If it's a chronically blacklisted address it probably does no good, but if it's a compromised address or responsible provider you might help the adminstrator shut the spammer down. So yes, you might reduce spam by helping to kill a spam run.

As for the chronic abusers, my feeling is that it's going to catch up with them. No legitimate Chinese or Korean businessperson wants to send mail from a blacklisted address if he or she can help it.

You're not alone. Most of us here receive hundreds a day. In the last 6 months, I've received and reported 12,000 emails.


I haven't found one yet. SpamCop's BL is the largest out there and using SpamCop Mail allows you to use all the available BLs to filter out the spam.


You're right. The only way to slow/stop traffic is to stop it @ the source with the ISPs.

I think you need to see SC for what it is: A method of reporting spam, with hope/intention of stopping spammers from continuing. No program/website will stop spam, but by reporting them, you can help.

[FONT=Arial][SIZE=1][COLOR=red]
Has SpamCop actually done anything for anyone? I have been sending spam to these folks for over 2 months now and I still get between 10 and 20 per day. My average response time is 3 hours "Great" according to the SpamCop website. What is suppose to happen here or am I just sending my email out generating more spam? Is SpamCop Spam? Is all this a fraud to get personal information from me?

iceycool's post was Moved/Merged here (from the Help Forum) .. user advised via PM of this action

For the hosts that use the Spamcop blocklist your spam reporting helps a lot.

Impotent? What about all that unsold Viagra, not to mention all the sexy horsies!

ressr, there appears to be no original content in your Reply.

Well, there actually is .. I even thought about being nice and editing a bit to fix the quoting .. but realized that to make it read 'right' ... I'd actually have to go back and include more 'substance' from the (my) quoted response .. then reading closer, I actually am not sure I understood a couple of the 'responses' provided. So I left it as is ....

It seems like "we" are miles apart over the 'free' use of the SpamCopDNSBL and ressr's depiction of some commercial enterprise application ... and I still haven't figured out where that particular viewpoint has come from. And of course, that last remark .. hasn't everyone been looking for a better solution all these years? .. followed by the alternative view, if SpamCop was so sucky, why is so much time and effort expended by the spammers to try to get around it?

Does it work? I hope so. At least it keeps the #^% out of my inbox and allows me to sort it at my convenience, and then it does so en masse, rather than 1 at a time, the way it used to be before I paid up and subscribed. A great deal at double the cost!

While I still get a few spams that make it through my inbox, fewer are there. Those that make it get reported the old way... A few mails are also held that should go through - but hey, no one's perfect - and some of those domains they are sending through are almost blacklisted anyway (or so I hope)

So amid all the discouraged users, here's one who believes you do make a difference. So, THANK YOU. You have recovered some of what is otherwise lost/wasted time. And that's all we have in the end; what's yours worth to you?

Keep up the fight!

I believe it is doing some good -- and I feel it is my internet "civic" duty
to keep on reporting.

** CONSIDER THIS **

Of the number of email users in my time zone, if 10% of them reported their
spam each morning at 8 AM, chances are, the spammer's server would
be inundated with complaints.

If 20% reported their spam each morning at 8 AM, chances are there would
be sufficient traffic to that site to cause an innocent
(therefore legal) denial of service.

The spammer would get the message real quick.

The problem is, SpamCop does not usually do a very good job of reporting or
replying to THE ACTUAL SPAMMER, but rather targets the IP which the
spammer 'used' -- which can in all likelihood be different
for most recipients.

I wish there were some way spam fighters could form a coalition and REPORT
spam via SpamCop, then COMPARE their results amongst themselves.

I postulate that we would discover SpamCop sending complaints to
DIFFERENT IP owners, since the spammers frequently change the
target IP during spam attacks.

HOWEVER, I also guess that the target DOMAIN (ie: the "Advertiser")
link is always the SAME.

Therefore if there were some way to target the ADVERTISER in the spam,
we'd be shutting them down rather quickly.

For instance:

While analyzing spam over a period of several days, I find anywhere
from a dozen to several hundred spams all linking to the SAME domain.

However each and every spam is from a DIFFERENT sender, at a
DIFFERENT IP address, using a DIFFERENT SMTP. They would all seem to
be "different" spammers and spam, however since they ALL link to
the SAME "Advertiser" it is obvious the Advertiser is the criminal.

Targeting the ADVERTISER would be the magic formula to ending as much
as 50% of the spam we receive today, and would send a strong
signal to the others slipping through.

Too bad we can't do that.

There are various ways to target the advertiser (however, spammers evade them also).

Some of them block the sites. Others attack the sites (not something IMHO is contributing to a better internet).

You may be correct that if the 'big guys' did act promptly, spam would end. However, IMHO, if more people complained and made more noise that even the 'big guys' would be shamed into behaving. Unfortunately most people still think nothing can be done about spam.

Miss Betsy

I wonder whether our effort at reporting spam is misdirected. What if that effort were redirected instead towad some radically different approach to the problem?

Can only suggst that you do some research. There are plenty of "plans" out there, most of them suck, but ..... Some of those "alternatives" are even addressed within this Forum, most dealing with the fallout from the bad implementation ... challenge/response, SRS/SPF, Yahoo's DomainKeys, to name just a few ....

I've even suggested a credit system, whereas the sender deposits a penny per e-mail, and if the receiver "accepts" the message, they get that penny back. But it would take a company the size of AOL, Yahoo, or PayPal to implement such a thing. And turns out it might even require its own protocol.

But it was a thought, and I don't think new thoughts of trying to kill spam should end until spam is dead.

What if the SMTP host rejected, during the SMTP session, mail where the From address isn't whitelisted and the mail doesn't include a key like Cruelmail's "postage"? Rejecting the likely spam during the SMTP session instead of rejecting it by mailing to the return address gets around the problem of spamming innocent bystanders whose mail addresses the spammers have stolen to use as return addresses in spam.

(I am trying to start a similar discussion at http://snipurl.com/c11c; the poster "95h62gq02" there am I).

What if the ISP's removed their spammers?

I believe this would be the best solution!

Since you seem to be looking for new ideas: this is mine. The only thing it requires is the 're-education' of ISPs/

The spam problem is essentially UBE. There is already an RFC that bulk email should have in its headers that it is bulk. If ISPs filtered on the bulk email header line, then they could block all bulk email that is not specifically whitelisted by their customers. The whitelist would be one more step in the confirmation process. Then ISPs could block only email from IP addresses that was bulk but did not contain the header line saying it was bulk. That would entail a blocklist like spamcop's where reports drive the blocklist criteria. To keep from being blocked an ISP would have to take measures against people who sent bulk email without the proper header.

In the end, no single email would ever get blocked (as long as it came from a whitehat ISP who made sure bulk emailers used the header) and if it did (because of the glitches that sometimes do happen), it would be a very short time.

Anyone who wants to get *any* bulk email could by prior arrangement with his ISP. It might cost more since the ISP has to accept more email for that end user.

The whole spam problem now becomes a matter of competence (ability to put bulk email in the headers and to monitor outgoing email for that header).

My theory is that either bulk email will become more expensive so it is no longer profitable for the spammers or that they will voluntarily switch to the bulk email header. And then, nobody has to have any filter except the blocklist of incompetent ISPs (or open proxies and trojanized machines) and the white list for bulk emailers that you have confirmed.

The only way that spam can be controlled is at the *sending* end by preventing spammers from sending their spew.

Miss Betsy

Miss Betsy

Read spamhaus' definition of a ROSKO spammer (not the actual criteria - three different ISPs - but the description). To paraphrase, a professional thinks of ISPs as a disposable resource. (Still, I agree, this is the best way to drive the cost of spamming up).

Like you said, read Spamhaus

If the ISP's read Spamhaus they wouldn't bring those ROKSOites on

most spam i get on my server is from free email accounts - i thing that untill free email accounts are banned or identification is required to activate one, the spam will continue

ALL isp's give email accounts so why are free email accounts needed???

im really getting pissed off with the amount of spam i get

Are you sure? Or are you believing the allegeded From: lines?


Not all ISPs offer easy world-wide access to their e-mail accounts. One typical easy answer ...

I have been reporting spam received for six different email accounts on four different domains for almost four years. I keep seeing the same ISP's getting reports and yet I still see them being reported. and the level of spam never decreases on any of the domains. granted two are regular targets of spammers, Yahoo and Excite email accounts... but I even chanced ISP's two years ago on the main email account I used, and avoided submitting it to any places that might seel the address for email and even it gets occasional spam.

does spamcop really work at all unless you subscribe to an email account???

how come I keep seeing the same chinese and domestic ISP's being reported?

I'd love to undertsand why this doesn't seem to be working.


I wish I had such confidence. 4 years into this and no change in sight. what good is SC REALLY doing???

i'll add one more thing to this. I NEVER get replies to my submittals. when I first started using SC four years ago, I got one or two every once in a while, but I have not seen hide nor hair of a response from an ISP in at least a year, probably more.

Just to pipe in on this conversation. I work for an ISP, and deal directing with complaints sent by people and companies like SpamCop. It is making a difference. The ISP I work for is one of the biggest ones in Canada, and we suspend, on average, over 100 customers a day due to complaints regarding email spam. I have just recently started reporting spam myself because of the difference it makes. When we get complaints about spam messages originating from one of our customers' computers, we first send an email warning, advising them of the situation, and how to clean their computer... if we continue to get complaints, we temporarily suspend their service until they call in. We then inform them of the issue on their computer (virus, open proxy, trojan, etc), and tell them they need to clean their computer and call us back. We then reconnect their service once they say their computer is clean. Most of the time, they don't actually fix the problem, however. If we still continue to get complaints, we suspend their service for a week. At this point, we generally recommend they reformat their computer(s), and install an antivirus program and firewall. After the week is up, we reconnect their service. If we still get complaints, we suspend their account for 1 month... and if, after the one month, we still get complaints, we terminate their internet services with us.

That all being said, the majority of broadband companies in North America have similar policies, or at least are starting to impliment them. It's not going to cut out all the spam out there, especially the spam that originates overseas from blackhat "bullet-proof" hosting companies and whatnot, but it will make a big difference if we keep it up.

On a side note, one of the reports I sent off yesterday from spamcop was on one of our customers, and the report got sent to our abuse department. When I came into work today, I checked the account, and they were already suspended... less than a 24 hour turn around time. That one complaint alone made a difference.

So, yeah, there's proof that SpamCop is really making a difference.... Keep up the great work.

An idea: Since it is sometimes difficult to get someone to fix a trojanned machine, why don't ISPs have a 'fixit' plan (that's part of the contract). If you don't fix it the first time, the second time, the ISP will fix it for you - at a price - or you are suspended until you have a bill of health from certain authorized providers.

Miss Betsy