Jump to content

anyone8

Members
  • Content Count

    97
  • Joined

  • Last visited

Everything posted by anyone8

  1. anyone8

    Forwards not working

    Good point, although they finally quit trying to use my mail server as a relay. I guess getting told "no" a couple dozen (estimated because I didn't bother to count) times a day eventually got the point across.
  2. anyone8

    Forwards not working

    It seems like it would be foolish for a spammer to dictionary attack any of us who report spam.
  3. Glad to see I'm not the only one trying to report spam this morning. Now if only it was working LOL
  4. I had written a reply for this, but the forum apparently decided it was a good time to forget I was logged in
  5. It looks like a topic is started for each IP address. If not, please let me know. I know some folks like to see the tracking URLs, so here's that: http://mailsc.spamcop.net/sc?id=z5994241831zd90dd68b1ffe9f395f85090604eed6ecz And the error: A whois on this IP doesn't turn up anything (assuming my Linux box is setup correctly), so is there even any way to report them? Thanks in advance!
  6. anyone8

    Keep getting hacked please read

    It's a good possibility. I probably assumed the email client I was using on that phone would use SSL or whatever to make a secure connection. Rather than going to the trouble of setting up a VPN or SSH tunnel as the article suggested, I'd be more likely to simply switch off wi-fi when I leave the house. I just hope the cellular network is secure.
  7. Thanks! I had assumed typing whois [ip address] at the command prompt would give the basic info (such as contact email) if it was available. It only dawned on me right as I was finishing up that post that I don't even know if there is anything I should have configured on my Linux box. Although it looks like using senderbase to get the domain and then abuse.net to get the address is better since it gives an abuse address instead of the NOC or NIC addresses. Embarrassingly, this is probably stuff I should have known since I've been using SpamCop reporting for about 15 years. Is this something SpamCop usually updates so that the reports won't go to devnull.spamcop.net? I know Don has made adjustments for some things that go on with finding the reporting address for an IP, but I'm not sure if that fits in this category.
  8. Regarding "appears to have..." here's a way to confirm. I just sent myself a test message, and one of the received headers is: My spamcop address was right in front of the date before I replaced it with [removed]. This forum seems to be replacing the "at" sign with [at] too... but point being, if you find that header in one of the emails that appear to belong to someone else, then you will know for sure if someone else's spamcop email is getting forwarded to you. Also, that header line would likely be helpful if you manage to reach someone who can fix this somehow. If it appears to be legitimate mail (i.e. not spam), would it make sense to contact the sender and perhaps they can contact their intended recipient and let them know? This assumes someone isn't intentionally dumping their SC email on you. That would be strange. If it appears to be spam, perhaps a spammer is doing to spamcop what I've seen happen on other email services: spam shows up, but my email address isn't on the to or cc lines. I'm not sure if that would ever make it through SpamCop's email filter, but I don't have enough information to rule it out either ... they haven't told us a lot about the new spam filters. If it's not being forwarded through another spamcop account besides yours, it would certainly seem like reportable spam, of course being careful not to report any of your own providers. Now if it's really being forwarded from another SC account, I'm not sure one person can report someone else's spam.
  9. anyone8

    What is Knujon On About?

    Thanks for your comment. It cheers me up to know I'm not the only one that doesn't think it's too much trouble. Of course, efficiency is a key. For example, since Yahoo tends to have issues with the "forward as attachment" option from time to time (as discussed in at least two threads on this server), I keep it efficient by using an IMAP client that lets me get the message source quickly and easily. For anyone who is finding it time-consuming to report spam because of hassles getting the message source or forwarding to spamcop, I would suggest posting a message in an appropriate place on this server, so that your fellow users can try to help you. However, as noted above, there are already a couple threads on Yahoo and they've pretty much reached the point where all possible workarounds have been discussed. For anyone who needs a little cheering on, just think, when enough spams are reported, spammers get rejected like this: rejectlog.6.gz:2014-10-08 04:15:05 H=([192.168.2.33]) [87.235.36.76] F=<test[at]live.com> rejected RCPT <inzaclubc[at]yahoo.es>: DNSBL listed at bl.spamcop.net I don't know what they see on their side, but I'm sure it isn't welcoming.
  10. anyone8

    What is Knujon On About?

    What do you mean register with Google? The reason I'm asking is, I also set up a new domain because of SpamCop email services being discontinued, but I don't think it's registered with Google in any way. I pretty much figured it would get spam since .us domains don't seem to have the privacy option. That's why my spamcop address is the domain contact, technical contact, etc. I assumed the spammers were getting the info from whois databases, especially since most of the first few spams were congratulating me on my new domain and advertising various services that people running other domains might be interested in.
  11. anyone8

    Keep getting hacked please read

    The password was 8 characters, randomly generated, not used anywhere else or shared with anyone. If not brute force, my other guesses would be either the email app on my Android didn't use a secure connection or maybe the phone had malware. I was using an app called K-9 mail (or something like that) because the gmail app kept making the "new mail" sound for mail I'd already read. Anyway, it's all history now. I don't really count on my login being secret since it's my email address. Even where I'm at now, all they have to do is remove the part after the [at] sign. I better hope my new password is good. I quit using USB drives after losing the data when one randomly became blank, but I do use a a password manager called KeePass2 now. It stores them encrypted as far as I know. I have to enter a password when I open the program, so it better not be storing them plain text, or that's all pretty pointless. Regarding blocking brute-force attacks, that's one disadvantage of my current email setup: I'm the sys admin and I'm not aware of any way my server would tell me if someone tried to log in repeatedly. I was using gmail back when someone almost got into my account. I would imagine they would block brute force password guessing. Fortunately, they blocked the login based on what the IP was, as that's when I got a message from them and changed my password.
  12. Thanks for this information. I didn't realize they allowed IMAP. Now I can get the message headers for the occasional spam without POPing all my Yahoo mail.
  13. anyone8

    can't forward as attachment in yahoo

    I used to report spam using Pine, using the "forward as attachment" option. I think there may have been a setting to enable this. As far as getting the spam from Yahoo via POP, I think I had to enable that in the settings as well. It was working as of a few days ago, then someone told us Yahoo allows IMAP access, so I've been using that. Since all I was after is getting the message source to copy/paste into spamcop, IMAP makes more sense to me than POPing all my Yahoo mail just to report one spam. Let us know if you need help finding either setting (Pine "forward as attachment" or Yahoo POP spam).
  14. anyone8

    Forwards not working

    Yeah it's pretty confusing. Your financial stuff isn't getting through, but an advertisement from my domain registrar came right through. I'm assuming Cisco applied a "one size fits all" filter instead of importing our filtering settings from CES, which would mean that we all have the same filtering settings now. However, I haven't quite figured out how it decides what is spam. Test messages from my mail server don't get through, but test messages from my Yahoo account do. I've had the IP for 77 days, and certainly don't send spam. However, I even checked CBL and SCBL in case someone somehow got in and sent something from my IP. As far as I can tell it's clean, but then who knows whether Cisco even looks at these DNSBLs or something completely different. It also occurred to me that the Cisco filter might not like the fact that the reverse DNS for my IP is a subdomain of compute.amazonaws.com rather than mail.mydomain, but I'm not sure there's anything I can do about that.
  15. anyone8

    yahoo header problem

    Yes, Squirrelmail has a plugin called spamcop. I had never taken the time to check whether it was for filtering spam or reporting it. It's for reporting, so it's probably the plugin you were thinking of. That's too bad your server died. Mine is an Amazon EC2, so it better not die.
  16. anyone8

    Keep getting hacked please read

    I'll 2nd what Steve said earlier about a strong password. However, even with an 8-character randomly generated password, someone almost got into one of my email accounts a few months ago. The only thing that stopped them was the provider's server didn't think it was me based on the IP address the connection came from. Perhaps either more than 8 characters are needed (to make the password harder to guess) or someone got it some other way. The provider used https and I never wrote my password down, so I'm not sure how it got out. It happened close to the time I started using an android app called K-9 mail to check my email, so I don't use that app any more. The timing might have been a coincidence, but it was easier for me to stop using the program than to figure out how my password got out. Needless to say, I changed my password since it had got out somehow. As far as I can tell, it hasn't happened again. Another thought I had was if someone put a keylogger on your system or if there was some virus/malware on your system, but if you've replaced both your computer and your phone, that would seem unlikely. I'm no security expert. There are no doubt other possibilities as well. I'm kind of curious to find out how it works out trying to track these guys down through the legal system, if you happen to be inclined to share any updates with us.
  17. anyone8

    SpamCop groups on Giganews

    Thanks for passing that along. I was under the impression these forums had replaced the newsgroups long ago. It looks like he posted that message on the old news server years after Jeff thought he shut it down. That must have been one quality server, assuming no one else was maintaining it.
  18. anyone8

    SpamCop groups on Giganews

    I get the following error trying to follow your link:
  19. Another option is: wget http://t.co/[removed] --spider at least on Linux (distribution=Debian, version=wheezy). The "--spider" tells it to just check for the page without downloading it. So once it stops getting "301 Moved Permanently" redirects and gets a webpage, it should stop. Then the last location displayed would be the actual location. The one I tested with (removed so I'm not advertising some random site) actually redirected to a bit.ly one that redirected to the final site, so apparently this method will handle multiple redirects.
  20. anyone8

    yahoo header problem

    Just this morning, I successfully reported a spam someone sent to my Yahoo account, so it can be done. However, my setup isn't exactly typical: Fetchmail downloads my Yahoo mail to my Linux server using POP I log into SquirrelMail, which accesses the mail (on my system not Yahoo) via IMAP For any spam (usually just one), I forward as attachment to my SpamCop submit address I would assume you can do the above with any decent POP client. The reason for all the above is I was already receiving mail on my server (middle step), so when it became difficult to report from Yahoo's system, simply fetching it into a system I'm already using and then forwarding it to my submit addressed seemed easiest. Another option: In one of the other threads, it was mentioned that Yahoo can be accessed using IMAP. I've set up an IMAP client, but have yet to receive any new spam, so I haven't actually tried reporting mail retrieved this way yet. I'll be really surprised if it doesn't work though.
  21. Yes, when I logged in and it presented me with the bounce error, I sent a test mail from my Yahoo account to verify my SpamCop address was working (including waiting for the mail to show up at my forwarding address), then clicked the button in the reporting system to indicate the problem was resolved. It would work that morning, and then the next morning the error would be back. This started in the aftermath of the CES shutdown. I finally decided it might just be me and started this thread this morning. A few hours later, I started getting the reporting auto-replies ("Subject: [spamCop] has accepted 1 email for processing") which I hadn't seen in days. I'm betting that means they fixed something and now it will stop saying my address bounces. However, the true test is whether or not the bounce error comes up when I log in tomorrow morning.
  22. Am I the only one getting a bounce error every day when logging into the reporting account associated with my SpamCop address? Yet, notwithstanding the problems that happened about a week ago when CES shutdown, every test message I send to my SpamCop address from my Yahoo account gets through. I have noticed I no longer receive the auto-reply when submitting spam via email. That's no big deal, but I bet that's what's bouncing. Kind of sad if the Cisco server that runs that can't communicate with the Cisco server that forwards mail, but that's my best guess. Can anyone enlighten me what is going on?
  23. Well, he confirmed that it flags it after one bounce. The question was why this kept happening, given that the reporting part of spamcop should be able to communicate with the email forwarding part of spamcop. However, it seems to have been fixed 2-3 hours ago, based on the header I quote below. I have bolded the two received lines that, if I'm not mistaken show where this mail was delayed. I assume (yes I know that's dangerous) whatever delayed this mail was causing the previous bounces. The headers were very long, so I removed all but the received lines and the from/to/subject/date.
  24. When you say it will accept mail from some addresses but not others, are you referring to submitting spam to the reporting system via email, or the forwarding system that (sort of) replaced the SpamCop email accounts that were ran by CES (cesmail.net)? For the mailhost config, they seem to have silently fixed at least one of the errors, so it might be worth trying again. If it's still having problems, I'd suggest posting back here. It looks like one of the moderators will comment if it's something that can be addressed by the deputies. Regarding disappearing mail, any mail sent to your SpamCop address would be divided into two categories: spam and non-spam. Assuming there are no technical problems at the moment, your non-spam would get forwarded to you and the spam would get deleted. There is no more held mail. There has already been much discussion of this in the section of the forums related to the SpamCop email service, so you may be able to find more answers there.
×