Jump to content


  • Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About lartingyou

  • Rank
  1. I got a spam this morning, and when I tried to report it, it said netops-ironport[at]cisco.com was the address... but, in the end it just bounces. That is ironic, no? From https://www.spamcop.net/sc?id=z6154803852zb0fee552131aa619c626149cecf5f2f0z
  2. Does anyone know if SURBL takes this phenomenon into consideration? That is, mow.so (or whatever lax shortener) will start to show up on block lists. That's how it's supposed to work, right? EDIT: I just checked SURBL, and mow.so is on SURBL lists: JP SC
  3. Wikipedia has some info about filtering misdirected bounces (aka backscatter): http://en.wikipedia.org/wiki/Backscatter_%28email%29#Filtering_backscatter If it's Russian spam, you may be experiencing a kind of backscatter that seems to be a feature of a spammer's software, perhaps to improve chances of passing a filter (that checks to see if the "from:" field is a real address) or to make sure that bounced spam ends up in a real mailbox. See the discussion/analysis here: http://profs.etsmtl.ca/cfuhrman/backscatter/ -- As others have said, there's probably not anything you can do about it.
  4. lartingyou

    nomaster devnull

    My bad! I've been away too long and made a "beginner" mistake. I edited the original post above to fix this. Come to think of it, so many people make this mistake that perhaps the "past reports" UI could also provide tracking links. Engineers can recognize a bad design when enough people are making the same mistake.
  5. lartingyou

    nomaster devnull

    Hello, I'm chiming in because I've been receiving academic spams (promotion of conferences) out of a Jordanian university using a dirty list for some time. The parses always get a nomaster at devnull for the sending host mail1.just.edu.jo whose IP is Here are examples: [edited to provide proper tracking links] https://www.spamcop.net/sc?id=z6024914306ze257ce5d677054e5ca27c8613c3b4074z https://www.spamcop.net/sc?id=z6034533535z3caace670fe85aa1999af4182a003d4fz https://www.spamcop.net/sc?id=z6032268933zec6ff5cebc9582e426c400d05bcb3c1fz https://www.spamcop.net/sc?id=z6025536261z292043ba8f3b15572f5f8ce5b1cec804z https://www.spamcop.net/sc?id=z6033078631zf3c93670b9d6c39976520477bb952c44z I'm willing to do the legwork to fix the problem, but want some advice on how to proceed. Do I need to contact an admin at mail1.just.edu.jo to point out that their RIPE info is wrong? Do I have a snowball's chance in Hades of making a difference? I'm getting pings back from semi-innocent bystanders whose URLs are spamvertized, but I realize the real force of SC is not being properly applied. Thanks for your advice in advance. EDIT: According to https://who.is/whois-ip/ip-address/ :
  6. Hi, I've been getting spams through an AOL.com (AIM.com) email since November 2011 which I've reported systematically through SpamCop. Here's the latest one: http://www.spamcop.net/sc?id=z4857825360zf...a4b77fad38d3d6z Here are others: http://www.spamcop.net/mcgi?action=gettrac...rtid=5365764922 http://www.spamcop.net/mcgi?action=gettrac...rtid=5360315806 http://www.spamcop.net/mcgi?action=gettrac...rtid=5358946750 http://www.spamcop.net/mcgi?action=gettrac...rtid=5327874122 http://www.spamcop.net/mcgi?action=gettrac...rtid=5302594529 http://www.spamcop.net/mcgi?action=gettrac...rtid=5301055005 http://www.spamcop.net/mcgi?action=gettrac...rtid=5290730760 AOL has taken no action. I even managed to open a trouble ticket with postmaster.aol.com, and got someone about 6 weeks ago to admit the account was compromised. He said he was "escalating it to the appropriate person" but nothing has happened. Any advice? p.s. so sorry to learn about Miss Betsy. I used to contribute on the NNTP forum, but have been gone for around two years.