Jump to content

All Activity

This stream auto-updates     

  1. Yesterday
  2. petzl

    Spoofed email?

    yes, it also give a better understanding of ones problem
  3. Sorry I missed this before. I started to just mung the poster's email. Then I started on all the other emails and links. Spammers do crawl through this forum (who would have though?) an search engines do base ranking on number of links, among other things and we would not want to help them out. This is why a Tracking URL is the preferred way to reference received spam
  4. gnarlymarley

    Can I copy reports to my ISP

    When you add fuel to your account, there is a third party report option that shows up on each report that you can add your ISP's email. I am not sure I would use it as your ISP would probably just turn off the reports such as noted with sendgrid in this forum post.
  5. gnarlymarley


    Also, the (Notes) portion is a link to some text boxes further down on the page where you can add some information to the particular report that goes out. The group text box for is up by the "Send Reports" button, and the individual text boxes are below.
  6. emanmb

    Spoofed email?

    I see, this is what is used to post spams in the forums so others can see it, correct?
  7. This last 2 weeks has been spam hell for me. Literally at least 30 spams a day (and I'm just a guy with an email address, I'm not a business). I can barely keep up with sending in the reports before more come in. Obviously my cut-rate ISP has turned off their filter or something. And I'm not just talking about spam that tries to sell you something you don't want, I mean the type that wants you to click a link and enter a credit card. Anyway, I was thinking that when I send the spam reports to the spammer's ISPs (chinanet, ru, and other criminal providers who seemingly don't lift a finger to stop the activity), could I also copy my own ISP -- to give them a taste of exactly how badly they're doing in letting all this crap seep through to their customers? My thinking is that they might then bestir themselves to use the Spamcop list. But I wanted your opinion on whether this would be a huge no-no. I don't want to harm Spamcop in any way. So please let me know if this would be ok for me to do. Thanks.
  8. petzl

    Spoofed email?

    BEFORE you submit spam, after you parse at top of page there always is SpamCop v 5.0.0 © 2019 Cisco Systems, Inc. All rights reserved.Here is your TRACKING URL - it may be saved for future reference:https://www.spamcop.net/sc?id=z6572437903zd60f155c1fe49e83c6c1c3a6bf21da31z I don't get much spam so this is a few days old. click the link and you can see it.
  9. emanmb

    Spoofed email?

    Thanks @petzl. eman al guhani isn't my name. I got a reply back from DRI which said "Dear Eman Al Guhani,Unfortunately, we do not handle the customer service for Adobe. Please contact them directly with your request through one of the following methods:" This is odd that they addressed that guy despite my actual name being attached to my email account when writing and was in my sig at the end of the email. I'm on Mac OS so I only run Malware Bytes occasionally and AV's are really unneeded. I've only found the Genieo malware once a looong time ago via MB. But to empirically confirm this, I downloaded and ran 2 different antivirus scans and MalwareBytes. Nothing there. LOL now I need to delete the antivirus as it eats up resources when it runs. Anyway, RE: the tracking URL. Why would I do that? Can you run me thru the process? I received another email from Adobe today titled "Welcome to our Creative Cloud family, Eman" despite writing to their abuse team yesterday.
  10. Last week
  11. petzl

    Spoofed email?

    "They" seem to have your name, which is a worry. Make sure you are running a virus/malware program like windows defender Often it's one of your contacts that don't do this, meaning your information is stolen from them Learn how to copy and past a "Tracking URL", Found top of page BEFORE you submit spam.
  12. abuse@yahoo.co.jp returns an auto-response every time. Yahoo! JAPAN asks us to use an email address of the domain yahoo.co.jp.
  13. emanmb

    Spoofed email?

    That's what's so odd is this one was not the challenge email but a purchase confirmation with an order # . The first one that arrived was asking for verification. Checking w/my one CC company, there are no new charges and DRI has not replied to me. I'm not gonna sweat it too much but still going to keep an eye out. I thought I was pretty good at spotting spoofs but this one I just can't tell what is going on. Below is the plain text from the emails with the corresponding SC report results in screen shots. FROM ADOBE (no-reply@adobe.com) Hi eman al guhani , Your order has been confirmed, congratulations! Please keep this confirmation as your proof of purchase. If you paid by credit card, the charge for your order will appear on your credit card statement as "DRI Adobe Sales". (E-commerce services are provided by Digital River Ireland Ltd. , an Adobe approved e-commerce reseller) Order Details Order Number: 15377131810 Order Date: 12 September 2019 Seller Address Digital River Ireland Ltd. Unit 153 Shannon Free Zone Shannon, Co. Clare, Ireland Billing Address eman al guhani king khaild street yanbu 46421 Saudi Arabia 530967610 eman.photo@xxx Shipping Address eman al guhani king khaild street yanbu 46421 Saudi Arabia 530967610 eman.photo@xxxx Product Name Qty Ordered Amount Adobe Creative Cloud Photography plan (one-year) 1 SR 37.00 SubTotal SR 37.00 Shipping SR 0 Tax SR 1.85 Total SR 38.85 Payment Digital River will bill each monthly installment of your one-year commitment (plus applicable tax) to the payment information you provide during this sign-up process. Once you receive confirmation from us that your initial payment is confirmed, your service access and one year commitment term will begin. You understand that the cost of your one-year commitment is the total of the monthly installments you will pay during your commitment term. FROM ADOBE (message@adobe.com) You're nearly there Welcome to Creative Cloud, eman. Before we can get started, we need to quickly verify your email address. Click the link below and sign in using your new Adobe ID: eman.photo@gmail.com Verify your email Once your email is verified, sign in to Creative Cloud to get started. We're glad you're here, The Creative Cloud team
  14. whois contains Abuse Contact. We should use the email address.
  15. 5280 Guy


  16. Lking


    Kind of. When you see that a report is send to abc#domain.com{AT}devnull.spamcop.net A report was not sent to abc{AT}domain.com for several possible reasons (that is the spammer, reports have bounced in the past, they have ask NOT to receive spam reports from SpamCop...) The report is added to the local database for statistical use. Your report of this spam does add to the SpamCop Block list and that is no small thing.
  17. 5280 Guy


    Whenever I submit a spam report I see what I have pasted below. Any idea what that means? I get the impression that that means the report is just kept as a note and doesn't really go anywhere. Correct? Thanks. abuse#exacttarget.com@devnull.spamcop.net (Notes)
  18. Lking

    Spoofed email?

    As I remember the email standard includes the "." and "emanphoto@" is different than "eman.photo@" However, some free email providers, like gmail, ignore the "." in the mailbox so the two are effectively the same. Given that, No, your test email to "eman.photo@" was delivered to only one mailbox - you. As for the emails from Digital River, et al, Someone may be trying to using the email address to create an account. Of course without validation no account will be generated. The Digital River system automatically send a challenge email each time an attempt is made. Lots of the challenge email I receive include at the bottom something like "If you did not request this account, please disregard this email"
  19. emanmb

    Spoofed email?

    I am getting emails from Adobe and Digital River Ireland re: an "adobe creative cloud" account which I don't have. "You're nearly there Welcome to Creative Cloud, eman. Before we can get started, we need to quickly verify your email address. Click the link below and sign in using your new Adobe ID: eman.photoATXXXX.com Verify your email Once your email is verified, sign in to Creative Cloud to get started." DRI sent me a "Your Adobe Order Confirmation" email today and the adobe email came yesterday, Bangkok time. My email name is emanphoto@ but the address these emails are addressed to is eman.photo@. Notice the period in the middle. So to test this, I sent an email to eman.photo@ and sure enough it came thru to me! If the email came to me, would it also go to the person who created eman.photo? How is this possible with completely different emails? Admittedly different only with a period. Neither digital river nor adobe have any CC card info on me as far as I know. I have emailed DRI to see what they have to say and how to proceed but thought I'd check with the email/spam experts here for any opinions for which I'll be grateful!
  20. emanmb

    abuse AT linode.com

    I did fwd to them and the replies seem genuine at first but then all of them are the same with just a different person signing them.
  21. th_th

    504 Gateway Timeout

    Thanks. The spams listed in my original post are quite old, but I'll contact the deputies for the next ones - if any.
  22. That edit button could also be based on either time signed up or amount of posts. I have the edit button for some posts of mine in this forum going back to before June 8th. I suspect a forum admin might be able to do it if you no longer have edit access when you are logged in.
  23. gnarlymarley

    Reporting addresses bouncing?

    This is in part why I have to check my whois for my domain every few months to make sure it is correct. I am not sure if they have the same requirement for the whois for IP addresses.
  24. gnarlymarley

    Sendgrid reports dev'nulled?

    Might be good to have this as a new feature since most of these reports are not going any where any way.
  25. I am excited for the time when the whois portion gets fixed and properly redirects on its own.
  26. gnarlymarley

    forum spam handling

    This is in part why I try to put a note for the reports going to legitimate hosters such as "You might want to work with your customer to clean up their compromised system."
  1. Load more activity