My server at 66.13.172.18 is now running ASSP in front of the original MTA. This is great most of the time, but ASSP does occasionally miss a well done spam. Those are the ones I assume are the most valuable to report, so I'm trying to do so. spamcop.net is refusing the reports now. For example reporting:

Return-Path: <root[at]admin.xfloyd2.net>
Received: from admin.xfloyd2.net ([127.0.0.1]) by nt2.massmind.org
(Post.Office MTA v3.5.3 release 223 ID# 0-0U10L2S100V35)
with ESMTP id org for <webmaster[at]massmind.org>;
Tue, 8 May 2007 07:39:35 -0700
Received: from 209.216.249.72 ([209.216.249.72] helo=admin.xfloyd2.net) by
ASSP.nospam; 8 May 2007 07:39:35 -0700
Received: (qmail 16277 invoked by uid 0); 8 May 2007 06:08:24 -0500
Date: 8 May 2007 06:08:24 -0500
Message-ID: <20070508110824.16271.qmail[at]admin.xfloyd2.net>
To: webmaster[at]massmind.org
Subject: Your Payment has been sent to payments[at]diamondjewelry.com
From: service[at]paypal.com <service[at]paypal.com>

followed by the source of the actual email results in this response:

Parsing header:
0: Received: from 209.216.249.72 ([209.216.249.72] helo=admin.xfloyd2.net) by ASSP.nospam; 8 May 2007 07:39:35 -0700
No unique hostname found for source: 209.216.249.72

Possible forgery. Supposed receiving system not associated with any of your mailhosts
Will not trust anything beyond this header

No source IP address found, cannot proceed.

I assume this is due to the inclusion of ASSP.

So I tried to re-register the mailhost for 66.13.172.18 following the procedure outlined. I entered my regular email address and tried "massmind.org" for the "standard name of this email provider " the first time and "assp.nospam" the second time. After following the return link, posting in the header and account configuration email (and removing the extra spaces from the X-SpamCop-Conf: line (would it kill you to add a trim command to the scri_pt? ) )

Both times, the result was a Mailhost name of "interestingdevices.com" with Hosts/Domains: set to "computeam.nl" and a relaying ip of 217.148.95.15. Not only are those domains and addersses NOT in any way associated with me, they are not even found anywhere in the headers or body of the configuration email.

The pull downs for Hosts/Domains: and Relaying IPs: DO include the accurate values "assp.nospam" and "66.13.172.18" but since there is no submit button on the page, and no text field to hit enter in, I don't see how I can post the corrected information back.

Interestingly enough, with the incorrect information in the mailhosts list, the reporting of the above mentioned phish appears to work, although I have no idea how.

I really don't care if you respond or not, I'm just trying to report my experience in hopes that it will make you wonder how people can avoid being confused as all get-out by your system.

Go ahead wazoo, tell me what an idiot I am.

Full/Technical details would have shown in the parse that this line was ignored due to being an 'internal' handoff ....

The "problem" here is that ASSP.nospam is not a FQDN (Fully Qualified Domain Name) ... specifically, there is no Top Level Domain name of "nospam" .... this is where the parser would be having a bit of a problem trying to 'resolve' this 'server' to anything in existence. No DNS, no rDNS, no records of any kind of any value anywhere but "within your network/routing tables" which are not used "by the Internet" ....


This line never gotten to, but wold be ignored anyway ...

Not really ... or at least in my mind ... what I see is an e-mail server that "doesn't exist" as far as 'the Internet' knows, much less the SpamCop.net parser ... thusly, the "only" IP address seen in those headers is associated with a system that is not yours or in your MailHost Configuration ....

What I'm thinkong is that this ASSP server needs to be configured so it has a 'real' Domain address associated with it .. such that the lines inserted into the e-mail headers have a 'real' value included.

If you are asking/bitching at me, you really need to look at Section 8 - SpamCop's System & Active Staff User Guide and Credits and thanks to find a better direction for your venting ....

I have read and re-read the above, and I don't understand at all .... I was of the thought that this post was made becaise it "didn't" work ...????

Once again, as a volunteer trying to provide support for tools I have no input on, no access to, other than the same interface that you have, what exactly do you want me to actually do? I can only respond to data you've provided, apply that to what I do know, and give it a best shot ....

If you want exact amd specific answers on the MailHost Confiduration of your Reporting Account, then I will direct you to the Pinned entries from Ellen in this Forum area. Those are the folks that have anything close to direct access to that part of the system, and, based on previous replies to other issues, I'm can't even say that anymore without thinking of some caveats .. but not my place to say ....

I'll try to tackle this specific question. Because many mailhost configuration will use multiple possible routes (think Yahoo where mail can be routed through any one of numerous mail servers), the mailhost system tries to determine if you are working with a mailhost configuration that might already be set up by someone, and simply adds any new IP addresses to it. In this case, someone is using a configuration that passes through one of the same IP addresses at some point (possible the ASSP service you are referring to), so instead of creating a brand new mailhost configuration, the system simply adds the new IPs to the existing mailhost configuration.

The dropdown box on the page IS a bit misleading, as it is not intended to select anything, just a way for it to show you all the IP addresses associated with that mailhost configuration without taking up a lot of space.

Thanks for trying Will. I must say that the responses to this post have been polite and at least attempt to be helpful. Even wazoo was not rude this time. (so far)

ASSP is not a "service" it is an anti-spam filter that sits in front of my main MTA on my same machine, as a proxy, checks incoming email via RBL's, Bysian, Regx, grey listing, etc... and blocks spam AT the instant of connection, letting the sender know it was not accepted. I certainly agree that it should report itself in the headers as my host rather than as "ASSP.nospam" and I have reported that suggestion in the past to the ASSP developers. I will do so again. But it doesn't. And it is popular. So if SpamCOP wants to accomodate it's users, SpamCOP needs to deal with that, or warn ASSP users to stay away.

My mailhost is on my machine on my IP address. 66.13.172.18 is mail.massmind.org. Check the reverse DNS. It also sends email for piclist.com, efplus.com and sxlist.com. All of those domains are mine, and only massmind.org was among the options listed by the config. That server is totally, 100%, and in every way under my exclusive control. No one sends an email out of that machine without my permission. I OWN 66.13.172.18. I pay my ISP for exclusive use of that static IP. interestingdevices.com, nothing at a .nl address and none of the other stuff that showed up is in any way sending anything through that ip or that mailhost.

The hosts listed in the pull down for the example above make no sense. interestingdevices.com has never been registered to my IP as far as I can tell. It is certainly the case that no .nl domain was ever registered to an IP in the USA.

Even if there is some reason why all that should be there, why not change the documentation to explain it? It amazes me that people continue to use SpamCOP given the poor user experience that results.

The thing about the spaces after the ID in the registration email just blows me away. Here you have what is apparently a common user issue, as evidenced by the existence and viewing statistics of the sticky post in the forum, and yet when the developers are repeatedly made aware of the issue, and help is offered in the simple task of adding an RTRIM to the parsing scri_pt the only response is "We sent the test message in properly formatted plain text. There were no spaces after the X-SpamCop-Conf line when it got to you."

Well, yeah... Duh... YOU were perfectly right and in "perfect land" you would never have to compensate for anyone else doing something that, as far as I can see, doesn't violate any RFQ, but doesn't happen to fit with your narrow view of how the world should be. In the real world, if you want users to use your system, you compensate for common user interface issues.

All of this, combined with the fact that SpamCOP keeps blocking innocent gmail users (again, yes YOU are pefectly right, and you can shoot yourself in the foot all day if you wish, but don't expect me to trust your judgement anymore) leads me to believe that SpamCOP is no longer worth recommending.

http://techref.massmind.org/techref/langua...pam-rpt-vbs.htm

2007.05.11 08:38:27 Update: I no longer recommend or use SpamCOP. Their MailHosts configuration has become more and more convoluted and confusing, the "user to user" help forum is populated with rude, elitist, and unhelpfull people (e.g. wazoo) and Their developers are uninterested in improving the user experience. For example, when registering a mailhost, there is an ID number in the header that must match the ID in the body of the email they send. Some MTA (including ASSP) pad header lines with spaces (which, as far as I can see, does not violate any RFQ), but this causes the match to fail because they do not trim the spaces before comparing the values. Despite the fact that there is a well visited, sticky post on Their forum explaining the issue, the developers (Dan) are totally unwilling to take the few seconds it would require to add an RTRIM to the header parsing scri_pt. Even after manually trimming the values, the resulting MailHosts listing apparently shows every domain ever registered to your IP address rather than your current domain or RIP. This is confusing at best and is not mentioned in any documentation I could find. combined with the fact that SpamCOP keeps blocking innocent gmail users leads me to believe that since IronPort took over, SpamCOP has gone to heck.

Someone please prove me wrong, or convince me that I'm stupid. I would MUCH rather be wrong and/or stupid and see SpamCOP as making sense, but at this point, I don't and I must be honest about it.

Sorry.

I have to take some exception from still being somewhat included in your use of the word "you" here ....

Funnily enough, the 'same' situation is discussed in yet another Topic/Discussion ... that one managing to get the attention of a "paid-staff" member .... please see No source IP address found, cannot proceed for a rollicking good time. Yeah, that elitist, rude, scumbag Wazoo plays no favorites .... though still unkown how 9.5k+ posts can possibly translate into "doesn't like to answer questions" .....

Lemme see, installed, tried out a dozen different FAQ tools, brought a few of them into the light.
Hacked together the single-page-access-expanded version of the SpamCop FAQ 'here' to try to stop the bitching and complaining about the original/official FAQ ...
Thousands of hours lost on building an 'internal' version of that FAQ to this application that disappeared when that tool didn't follow the upgrades of this aplication.
Started the Glossary, then added a Dictionary application for those 'techy' words that no one understood ...
Found, installed, and started populating a Wiki as yet another alternative for FAQ data
Installed and finally got running a mailing-list/newsgroup archiver to replace the one that died 6 months prior
(again noting, I am not a "paid-staff" member .... this is all freely volunteered time and effort on my part)
((and thank the gods, there are others here that also volunteer their time and energy to keep things moving forward!!))

Yes, I do get bothered by questions asked that already have answers porvided in the multiple versions of a FAQ (Frequently Asked Question) resource .... not having to re-read the same queries over and over, then re-typing a response is what the FAQs are all about ..... call that elitist, rude, whatever .....

BTW: the offered link has some bad data .... for example "the developers (Dan)" ..... no idea who "Dan" might be .... but noting that "Don" does not do 'development' work ..... Once upon a time, that was Julian's work ... what one sees these days about an issue is Don/Deputies making the statement "opened a ticket" (when anything is said at all) .. and that 'ticket' is handled by folks described (or not) in the 'official' FAQ at Credit and Thanks

I said elitist and rude, not scumbag. I also said unhelpful, but you certainly have been that at times, so I revised my statement on the web page to remove your name (more below).


I'm sure you are a wonderful person and an asset to the organization. I don't know you, but I'll be happy to give you the benifit of the doubt in any area I haven't seen evidence to the contrary. You HAVE been a royal jerk to people, including myself, in the past. I must say, and I did say, that you were pretty much polite in this thread, and so perhaps people change. Based on that hope, I revised my statement; removeing your name.


And I do call it that. All you have to do is post a link to the FAQ item and leave it at that. Maybe even add "Your question is answered in this FAQ item"


Right, Dan is Don, my bust. Corrected now. I refered to him as a deveoper because he was the only person who responded when I tried to contact the developers to suggest / help get rid of this problem with the ID string not being deblanked.

Look, the fact remains: The mailhosts config is a royal pain. It is confusing as all heck (at least to me and the many other people who have posted in this forum) and the documentation could be improved. I've have offered to help update that documentation and that offer stands.

The fact remains: People who need help are often offended in these forums. Right or wrong, that is the case. I can't send people into a system that may well be a negative experience for them; it reflects poorly on me if I do.

And finally, the fact remains: The spamcop RBL is unusable if it takes this hard line approach to gmail and other large ISP's. In the USA we have this thing about it being better to allow a 1000 guilty men to go free rather than commiting one innocent man for something he didn't do. Based on the volume of innocent email gmail sends, that ratio is certainly being violated by spamcop and it is a damn shame.

Ok, it just kills me to admit this, but after extensive searching, the only threads I can find where you replied to me... you were very nice... and kind... and... even... (choke) helpful...

Apparently, after reading all the posts over the years where you were rude to someone else, my memory warped and I ASSumed you had also been rude to me. That is a bad thing to do, and this is a classic example of how people get bad reputations which are some times (not necessarily this time) ill deserved.

I was wrong, you were not rude to me, and I very much apologize for the false accusation.

But my other points ("fact remains..." above) stand and (I think) are valid. I would still love to be wrong.

Julian wrote that application bit a few years back. Eventually, it was considered mature enoigh that 'support' was passed over to the Deputies. What data that was made available at the beginning of this part of the toolset still exists in the Pinned entries within this Forum section.

The single-page-access-expanded version of the SpamCop FAQ here originally had the comment "MailHost Configuraton stuff is not covered here" ..... However, as "here" was the place to bring up issues, and it was seen that there were a lot of Frequently Asked Questions, I in fact did try to start a MailHost Configuration FAQ. Please see MailHost Configuration Problems FAQ started .. note the 'help' I received from the only folks that have access to the code, the database, the influx of folks with problems ... thus the aborting of any thoughts of trying to 'complete' that FAQ entry.

However, some work has gone on ... some noted by the expansion of that FAQ section, now looking like;

How do I configure Mailhosts for SpamCop?
-----> Mailhost System Configuration Explanation
-----> MailHost Configuration Problems FAQ started
-----> Mailhosts Typical Questions A less technical version
-----> One version of a Step-by-step MailHost set-up
-----> "Sorry, confirmation codes do not match:" - Why?
-----> MailHostConfiguration - Wiki Version

Just have to note again .... the volunteers 'here' are just other users, so there is no special insight as to what's going on or gone wrong with this part of the toolset beyond what 'you' also see. And, as noted in that attempted FAQ entry, details on the behind-the-scenes stuff is not available.

So to go the other way, the FAQ here, the Wiki .. all developed from input seen here, in the newsgroups, whereever it can be found .... if you look around, there are invitations all over the place to step up and provide the data, correct the existing data .... but, if you look a bit closer, you will fnd that those actually vounteering their time, knowledge, etc. to do this are few and far between. Yet another repeat, these alternative FAQs exists because of the years of complaints about the 'Official/Original FAQ' that is still stagnant, out-of-date, and very much incomplete ....

Sorry, but GMail (and Yahoo) servers already have their own massive Topics/Discussions. If you look through them, you'll see that numerous folks (to include myself) have tried to talk to them directly about the issues and have gotten nowhere .... the bottom line is that the header data does not contain any data to go beyond the GMail (Yahoo) server (dependent upon the way those servers were accessed .. via web or POP/SMTP .. which is where the "privacy issue" seems to fall apart)

And again, noting that you brought up the word "ratio" .... please do the math involved on how an IP address gets listed/de-listed and note that just as you say, GMail (Yahoo) servers send out ton-loads of e-mail .... which makes it even harder to believe that the ratio of 'seen' e-mail to 'reported' e-mail could ever get to the tipping point of getting itself listed .... other than the obvious remark that there doesn't seem to be an active GMail (Yahoo) abuse team at work ....

The 'personal' stuff ... whatever .... I'm retired U.S. Army, Viet Nam though Iraq vintage .... I went through a divorce that took about 10 years, my 'dearly beloved' going though a string of 14 lawyers (with me representing myself) .... there are very few things that I haven't been called by now <g>

...Thanks! <g>...Could be that if you read again with your newly-found (and welcome) attitude change regarding how Wazoo actually treated you, I think you'll find that you may have been reacting not to Wazoo actually being rude to others but to others perceiving rudeness on Wazoo's part whereas he was really being either "clever" or "humorous." Indeed, there are times when Wazoo has been on the rude side, normally (IMHO) when he is responding to an attitude on the part of the person to whom he is responding (noting that sometimes that attitude is not necessarily evident from what we see posted but may have been manifest behind the scenes, for example, in private e-mail or SpamCop Forum personal message).

I see that Don has yet to respond to the 'invitation' to drop by this Topic/Discussion ....

So just to get things back on track ... the 'issue' is as was defined in my Post #2 ....

If you were the only person in the world using this ASSP tool, perhaps the MailHost database could be manipulated .... but you sure make it sound like this ASSP thing is 'popular' .. so there's no way that this 'data bit' could then be 'assigned' to you and you only .... somehow, the 'fix' would seem to be you somehow getting this ASSP thing to report it's (RFC compliant) header data like any other server involved with handling e-mail ....

From a totally non-technical point of view, if somebody did manage to get their mailhosts configured with the assap.nospam, then since it doesn't return dns, etc., the mailhosts for it might include a lot of 'other' domains than yours.

I don't remember whether yours was included - which would shoot my theory down. But, when one registers a hotmail account, for instance, dozens of names come up. If the mailhost software is just looking at assap then all the domains who are using assap would be part of the allowed mailhost, IIUC.

IIUC about software and code, it is not so much thinking that its way is 'perfect' as it is that one has to write code for specific situations. If you have written software code for the 'accepted' way (such returning dns) which has good reasons for existing as the accepted way, then is it really reasonable to expect the coder to tweak it every time someone doesn't do things the 'accepted' way?

OTOH, the spamcop parser is not 'user-friendly' - it was written by a techie for techies. I wasn't here in the beginning when Julian frequented the ngs, but I have seen some exchanges between him and others. It is not so much 'being perfect' but expecting a level of expertise that would recognize that if something doesn't work, to try it again in case it was an extra space (again, I am being totally non-technical here - I just vaguely remember the details about using some kind of code to insure that entries are acceptable to the software and that may not be a good example. But I remember when the 'skip technical details' thingy was added at the top of the parser output. All kinds of 'user-friendly' things were proposed at the time, but that was the only one implemented. It is useful only for a techie because non-techs don't turn on technical details. The other user-friendly suggestions were for the benefit of non-technical users). The only concession to non-technical persons was the email service which Julian got out of as soon as he could.

I didn't quite understand the OPs point about gmail and yahoo, but IMHO, it is a darned shame that they and Comcast and RR and the other big players who allow all kinds of spam to leave the IP addresses under their control are not totally blocked by others so that their users get 'educated' and then we wouldn't have such problems with spam. There are no 'innocents' IMHO any more. Everybody knows about the spam problem and they are either part of the problem or part of the solution.

If spamcop is too hard for you to use, or doesn't work the way you want it to, then there are lots of other ways to do whatever it is you want to do. spamcop works just fine for enough people to make it useful for a number of server admins and for spamcop email customers (not all of whom report their spam). OTOH, if you are interested in the concept of the use of blocklists to control spam, the forum is a good place to 'educate' people and to help the non-techie users to resolve their problems with using spamcop. If you stay around, though, you will have to remember that there is almost nothing about spamcop that can be changed, just lived with or worked around.

Miss Betsy