Jump to content

michaelanglo

Membera
  • Content Count

    288
  • Joined

  • Last visited

Everything posted by michaelanglo

  1. michaelanglo

    How SpamCop can stop bounced emails from forged

    For a webhost, yes, but an ISP usually only allows use of its SMTP server from IP addresses on its own network so abusers are its own clients. An AUTH SMTP user can be anywhere in the world.
  2. When I selected SORBS in addition to the existing block lists I checked this and found one inside a couple of days. Note that the lists are applied in order so the later ones don't get much of a chance unless the source hasn't yet been added to the SCBL etc. lists. I don't think that a list of Dynamic cable or dialup IPs is usable by the SpanCop email blocker because it just looks up every IP in all the Received lines. Only if these are analysed for "Direct to MX" do they suggest a zombie is at work.
  3. michaelanglo

    Yahoo! groups

    Ah, I see. That makes sense if there are just a few groups to whitelist, but it doesn't solve the problem long-term and it means you have to notice/be informed of users joining new lists, which is a bit impractical in my case. I note that the standard advice to enable whitelisting of ALL Yahoo Groups would be to select Return-Path: anything-followed-by returns.groups.yahoo.com HTH
  4. OK after hacking around in the mist for a day or so I can report complete success. I inavertently configured mailhosts for my free reporting account (I am a spamcop-mail subscriber too). Perhaps because of this I first got "Sorry, the email sample you submitted for me.name[at]my-isp.net.nowhere appears to traverse more than one domain" {meaning spamcop-mail ?) So I backed out by clicking the delete link and asked to configure me.name[at]cqmail.net explicitly first which worked fine. then me.name[at]my-isp.net.nowhere then me.name[at]my-other-account-which forwards. and then did test report-spam & cancel on emails to my-isp.net.nowhere and to my-other-account-which forwards which both gave the expected results. If anyone need a reporting account with no mailhosts in its profile I would think an additional free reporting account would be suitable, one only needs a spare email address when setting it up. If Spamcop has many users of a given isp then if it changes its configuration there is a problem. Automatic change for all or reporting freeze or what ? Of course it may then revert to its old configuration so maybe we wnat to keep both. * Suggestion * If mailhosts works, spamcop will be in a position to make TWO (2) entries in the BL when a spam is sent from a webmail provider, the IP of the user (possibly a dial-up or internet-cafe or WIFI zone) AND the webmail's mail sender. Both are spammy.
  5. michaelanglo

    Invision - View new posts bug ?

    The "View new posts" feature works fine except when the "go to first unread post" line turns up. This seems to always go to the last post (possibly provided there are more than three pages) rather than say the middle of the penultimate page that the "time of last use" would indicate. Is this a known error ?
  6. michaelanglo

    Invision - View new posts bug ?

    Just to confirm that it's a different bug. last visit given as Apr 2 2004, 12:44 PM View new posts, clicked on Mailhost system beta testing (Pages 1 2 3 ...13 ) then last unread and it took me to the last post dated Apr 2 2004, 05:44 PM BUT the previous post was Apr 2 2004, 04:42 PM, so Invision should have taken me there, right ?
  7. michaelanglo

    Invision - View new posts bug ?

    I didn't know about that bug ! But no, I think it has happened on the first post I looked at. Thanks anyway.
  8. michaelanglo

    SpamAssassain over limit but not held

    Oops ! Didn't spot the "-", thank you.
  9. As can be seen, SpamAssassin gave a score of 4.5 yet the email was not held even though my threshhold = 3 and at least one email was held at the 4 level in the same batch.
  10. Huh ? What question were you answering ? (212.74.114.58 is mk-pop3-lb.mail.uk.tiscali.com which is where SC mails POP'd it from) The"source" to SpamCop is 200.63.233.237 "Re: 200.63.233.237 (Administrator of network where email originates) Reportid: 724081864 To: jcastill[at]gye.satnet.net" Spamcop says 200.63.233.237 has been on the SC BL for 33 hours. My Spamcop mail account uses the SC BL (no webmail filters were used). The headers show that SC mail noticed that 200.63.233.237 was in the received lines and that SC mail processed it 3-4 hours ago. so why didn't it go to my held mail folder ? Thanks
  11. I got a religious spam in my inbox just now which the headers say was POP'd at 11:30 GMT, 3 hours ago. Subject: If You Need This....OPEN! Manual reporting says the origin was 200.63.233.237 http://www.spamcop.net/sc?id=z315059754z20...304eaaa2a474baz http://www.spamcop.net/w3m?action=checkblo...=200.63.233.237 200.63.233.237 listed in bl.spamcop.net (127.0.0.2) Since SpamCop started counting, this system has been reported about 30 times by about 10 users. It has been sending mail consistently for at least 2.6 days. It has been listed for 33 hours. The headers say 200.63.233.237 was checked, no result. So what went wrong, 33 hours seems to be a good enough tolerance ?
  12. What is in your SMTP logs ? I see a typical spam subject (contains Norton) there, can you search for that ?
  13. michaelanglo

    More about Freeserve...

    Yes, I have had many discussions with their admins without [...] If they would follow the example set by other webmail providers, i.e. Hotmail, Yahoo, etc., and add a received line showing the IP address of the user connecting to their system, the user's IP would end up listed and not their servers. As it is, SC can only trace the spam back to the Freeserve servers, so their servers get identified as the source and wind up listed when the stats exceed the listing thresholds.
×