What the parser does not do:
SC doesn't use the dns/rdns setup of the server. Doing so would result in reports winding up in the hands of spammers, who often have control of their dns setup.

Instead, the system looks to the whois records, finding the owner of the block, providing it is a /24 or larger. It searches the addresses in the whois record. If a role account address is found, the domain for the role account address is checked with abuse.net.

This is the results of several years of trial and error. The current configuration, in place for at least the last three years is the most successful at keeping reports out of the hands of the front line spammers. The only way around this for this situation is to direct route reports for the block so it goes around the abuse.net lookup.

The previous is taken from a post by Richard W. - SpamCop Deputy
Link to original post

How the parser chooses abuse addresses:

The parser looks to the whois records, finding the owner of the block, providing it is a /24 or larger. It searches the addresses in the whois record. If a role account address is found, the domain for the role account address is checked with abuse.net.

This configuration, in place for at least the last three years, is the most successful at keeping reports out of the hands of the front line spammers. After several years of trial and error, the SC parser doesn't use the dns/rdns setup of the server because too often that resulted in the reports going to the spammer.

In certain cases, the deputies will manually direct route reports for the block so it goes around the abuse.net lookup so that conscientious ISPs can receive spamcop reports directly. They may also manually direct route reports upstream for known spammers in control of a /24 block.

This information is taken from a post by Richard W. - SpamCop Deputy
Link to original post

My preference is for the explanation to come first and also more of an explanation of how the 'route reports' can be changed.

Miss Betsy