Jump to content


  • Content Count

  • Joined

  • Last visited

Everything posted by Dilbertic

  1. Dilbertic

    Spamcop not finding link in encoded message

    Seems this spammer has found another way around fooling spamcop processing engine, this time his headers are somehow fooling spamcop to by pass the main body and the links won't be processed so they can be reported: https://www.spamcop.net/sc?id=z6532463121z4c0bbe7b8deabc530d29d6bb703fbdf9z
  2. I have been using spam cop forever via filtering my domain email which caught many of the spam / malware and virus emails sent to my account, BUT since the spamcop split up we can only report spam now which is not really helping to much to stop the flood of spam now in my email boxes for different users on my domain. So has anyone found a spamcop alternative for email filtering via domain forwarding? My provider uses spam assassin which blocks or let's the spam enter, the rejected emails are lost in space and I am still getting malware and spam making my domain email address kinda useless besides the fact I am tried of my mother asking me why she gets so much smut emails. So has anyone found a spamcop alternative for filtering email, it would also be great if it reported it also like spamcop used to, but I would be happy with just spam filtering at this point...
  3. Dilbertic

    Flavor of the week Spammer

    The last few days I have been geting 20 to 40 of these a day, same old job this lcik this link to infect your system blahh blahh blahh blahh I am guessing it a malware robot or a 12 year old living in his mothers basement? They always have a coded message with your name in the subject so it's easy to make a rules to forward to spamcop and filter it and you get tons of them from random names. Tracking: https://www.spamcop.net/sc?id=z6294076520z544262b06ba8799c17f451fadd9f1115z This points to the domain of the week as: Re: (Administrator of network where email originates) To: jichen@druknet.bt (Notes) Re: Forwarded spam (User defined recipient) To: spam@uce.gov (Notes) Re: http:⁄⁄securepagesystem.com/bizz/index.html (Administrator of network hosting website referenced in spam) To: abuse@quasinetworks.com (Notes) Re: http:⁄⁄securepagesystem.com/stop/ (Administrator of network hosting website referenced in spam) To: abuse@quasinetworks.com (Notes)
  4. Dilbertic

    Flavor of the week Spammer

    I got 56 of them last night + extra canada meds emails
  5. For months now this spammer keeps sending me an invoice style email with an attachment that contails virus JS/TrojanDownloader.Nemucod.LP trojan. My virus program always deletes it, but my question is why is spamcop not detecting the virus and more so forged sender? Dil
  6. Thanks for the info, just think it's funny everytime I report it, I get 2 or 3 more, I only used to get 1 a day now I am up to 9 or 10 a day that I am reporting them....
  7. Sorry about that, i got about 10 of them today and another 3 now after I reported the 1st ones, seem to get more after I report them I have been cc'ing Report Malware and vulnerabilities to DHS by e-mail at cert[at]cert.org and soc[at]us-cert.gov. https://www.spamcop.net/sc?id=z6225216524zd52e9f783eb50087d1edf424d9afee24z https://www.spamcop.net/sc?id=z6225217422z65ad432db9248c160700f6b1f52cbfcfz https://www.spamcop.net/sc?id=z6225217624z6ad6d023f15fe8e85da18286b65ff988z Guess the spammer is on a mission to send out this malware to me
  8. Wasn't sure which link you needed, since I posted this I am now getting 2 or 3 a day... Here is a copy to one of the past reports: 6433222363 ( Forwarded spam ) To: spam[at]uce.gov 6433222362 ( ) To: dsl.noctn[at]in.airtel.com 6433222361 ( ) To: incident[at]cert-in.org.in 6433222360 ( ) To: dslnoc.ap[at]airtel.in 6433222359 ( ) To: techsupport[at]in.airtel.com 6433222358 ( ) To: abuse[at]airtel.in 6433222357 ( ) To: manas.kaul[at]in.airtel.com 6433222356 ( ) To: postmaster[at]in.airtel.com 6433222355 ( ) To: dsl.noc[at]airtel.in
  9. Hi, I have had spamcop for a number of years now, but I am having a major issue with only being able to report 100 messages at a time. In the last few weeks a spammer has taken it upon him self to mass mail me the same email over and over so I end up with 2000 emails in a night ( yes the same email title and body ) Now being that it takes about 2 to 4 mins to flag all the messages and report them before the next 100 messages comes up, I spend 20 to 40 mins dumping these emails to clear my spamcop reporting cue Yes the nice guy at Web 2.0 seems to send them every min or less for a day, bug or just pissed because I report him, but in anyways case spamcop needs a better way to stop mass mailings and or to report them in a better bulk. Thanks, Dil
  10. Dilbertic

    Mass Single Source Reporting HELP

    1st thank you Betsy for your nice reply and thank you Don, I should have posted more information, but since I really only use the Held email tab for a number of years now, it just seems to be the normal method of reporting spam that has been flagged. Wazoo, thanks for trying to be helpful, but your tone in the message is kinda Smart A---y, so please no need to reply to this thread anymore. In general, I have emails forwarded from my domain to spamcop, filtered and then forwarded to pull down acct. I login to spam cop, click on the Held Email Tab, scan the flagged emails and flag the ones for reporting, which by now is almost 99.9% spam to be reported and released. The Held email tab only displays 100 emails at a time, at which time you select the ones to be processed and perform an action, then the next set of emails load in. Quick data reports is on, as well as send report to 3rd party and show technical data. As for the spammer, I am not the only one getting these, he has a few other addresses of people [at] Spamcop.net Dil
  11. I have been a spamcop.net users for years now and I really like the filtering, but this new mail host stuff is a PAIN. Starting a few days ago, I login into my spamcop.net account like normal, look at my held messages for something that shouldn't have been caught and then report the remaining spam like normal. All my mail hosts are setup and everything has worked till a few days ago!! Now it seems the spam I am reporting is being sent to my ISP saying I am reporting myself. I now have 4 messages which trace back to my email address. Since I get like 100 to 400 spams a day, reporting each spam as a single report would take hours. So I am guessing someone found a way to fool the spamcop trace. What should I do? Here is one of the spamcop report links... http://www.spamcop.net/sc?id=z617279343z3e...c75008f2b27c85z Thanks, Owen
  12. I reported my held mail as normal last night before bed and when I checked my mail today the message was flaged in my mailbox as I was the spammer and sent the message. So I have a email from my abuse desk asking whats going on. See message below: Return-Path: <NXBLFKYD[at]saini.com> Delivered-To: x Received: (qmail 5084 invoked from network); 20 Aug 2004 21:06:41 -0000 Received: from unknown ( by blade1.cesmail.net with QMQP; 20 Aug 2004 21:06:41 -0000 Received: from emailwest.com ( by mailgate.cesmail.net with SMTP; 20 Aug 2004 21:06:40 -0000 Received: from HOST ([]) by emailwest.com for <x>; Fri, 20 Aug 2004 14:06:32 -0700 X-Message-Info: 1thwpwuk7sbF/wsRlwHChfrOAvbI714Jlf Received: from bloch ( by mrm20.argentina.phenylalanine.childbear.knowhere.ch (InterMail vY. 25-6-2-89-395-88340132) with ESMTP id <43811.AAYHN8349.cf46-mail.brevet.pa.net.cable.rogers.com[at]maximilian> for <x>; Sat, 21 Aug 2004 10:57:13 -0200 Message-ID: <0361________________________________s999[at]agricola> Reply-To: "Harley Rowland" <NXBLFKYD[at]saini.com> From: "Harley Rowland" <NXBLFKYD[at]saini.com> To: <x> Subject: Shipped Right To You Date: Sat, 21 Aug 2004 07:00:13 -0600 MIME-Version: 1.0
  13. In any case thanks much.... Not sure why it broke, maybe my ISP changed something behind my back, but in any case I will man. report the next batch and see if it gets flagged and report back Thanks Much Owen
  14. I deleted all my mail hosts and started over again just to see if it would fix the issue. 1. Since I have never had any problems till 2 days ago that would be the 1st issue, since I didn't touch any of the mailhost settings until now. Thats a issue 2. Since you said it was a mailhost issue I posted it here 3. Since I don't live on this site, I am trying my best to post what is needed since I have been a spamcop.net members for many many years, things have changed over the years and instead of getting back a simple, this is only whats needed or did you try this like most help forums, I didn't expect someone to bite my head off becuase I didn't meet their standard and still not answer my question. The old days we would just write an email, yes the the guy that started the site!! Thanks..
  15. Dilbertic

    Reported spam says I set it Red Flags!!!

    I haven't changed a thing for sometime now with my mail setup. I completed my mailhost setup months ago!! I guess I can run it again and see what happens. As for reporting it as spam, I get about 100 to 400 spams a day and I look down the held mail list for misstakes and then report the spam. Owen
  16. Dilbertic

    Reported spam says I set it Red Flags!!!

    I have no idea if I reported it or not, I might have... I have gotten abuse emails with a link to spamcop, if I respond to the spamcop message it comes into my mailbox, so I am guessing I reported it..... This is the spamcop logic... No idea what is needed to I copied and pasted it... Thanks, Owen Parsing header: 0: Received: from unknown ( by blade2.cesmail.net with QMQP; 21 Aug 2004 03:20:33 -0000 Internal handoff at SpamCop 1: Received: from emailwest.com ( by mailgate.cesmail.net with SMTP; 21 Aug 2004 03:20:33 -0000 Hostname verified: emailwest.com SpamCop received mail from sending system 2: Received: from star-ag.ch ([]) by emailwest.com for <x>; Fri, 20 Aug 2004 20:20:24 -0700 No unique hostname found for source: Possible forgery. Supposed receiving system not associated with any of your mailhosts Will not trust anything beyond this header Tracking message source: Routing details for [refresh/show] Cached whois for : hostmaster[at]he.net Using best contacts abuse[at]he.net Message is 17 hours old not listed in dnsbl.njabl.org not listed in dnsbl.njabl.org not listed in cbl.abuseat.org not listed in dnsbl.sorbs.net not listed in relays.ordb.org. not listed in query.bondedsender.org not listed in iadb.isipp.com Finding links in message body Parsing HTML part Resolving link obfuscation Tracking link: http://edited [report history] Cannot resolve http://www.worldwidemedstoday.com/?wid=000023 Reports regarding this spam have already been sent: Re: (Administrator of network where email originates) Reportid: 1186940734 To: abuse[at]he.net If reported today, reports would be sent to: Re: (Administrator of network where email originates) abuse[at]he.net Re: (Third party interested in email source)
  17. Dilbertic

    Reported spam says I set it Red Flags!!!

    And another one from my isp abuse desk, spamcop traced it to my machine it says and it's pretty locked down, so the spammers must have found a way to fool spamcop or spamcop is not tracing the headers right: Return-Path: <j_christian_ni[at]terena.nl> Delivered-To: x Received: (qmail 26484 invoked from network); 21 Aug 2004 03:20:33 -0000 Received: from unknown ( by blade2.cesmail.net with QMQP; 21 Aug 2004 03:20:33 -0000 Received: from emailwest.com ( by mailgate.cesmail.net with SMTP; 21 Aug 2004 03:20:33 -0000 Received: from star-ag.ch ([]) by emailwest.com for <x>; Fri, 20 Aug 2004 20:20:24 -0700 Received: from by smtp.terena.nl; Sat, 21 Aug 2004 03:02:06 +0000 Message-ID: <e133______________________0e97[at]star-ag.ch> From: "Jaclyn M. Christian" <j_christian_ni[at]terena.nl> To: x Subject: Buy cheap Pharmaceuticals through us! Date: Sat, 21 Aug 2004 07:01:42 +0400 MIME-Version: 1.0
  18. Hi, I signed my parents up for spamcop since I am a long time user and they started getting a ton of spam. I setup the account Sunday!! The issue I am having is held emails won't release, they report but stay in the held email screen no matter what I do!! I need a sys admin to look at the new account I made for them and see whats going on, since I don't have this issue, I know it's not system wide. thier account is BGWEST at spamcop dot net... Thanks Much Dilbertic PS: They really need to have a email for reporting this type of stuff, the old days I used to get problems or report problems via email and they got addressed pretty fast, now it seems like the machine is getting slow.