Jump to content

db17

Members
  • Content Count

    27
  • Joined

  • Last visited

Community Reputation

0 Neutral

About db17

  • Rank
    Member

Profile Information

  • Gender
    Male
  1. Thanks for the help with this. Had me freaked out for a bit.
  2. Just to be absolutely clear, since this was highly unusual, can I assume from "Black swans do exist" that the e-mail I received was forwarded by SC from the hosting svc?
  3. Hi Lking, Thanks for the reply. "Munged...obscure identifying informaiton" was already selected in Preferences. After all this time, did I finally run into an ethical, conscientious hosting svc? Body of message included "Dear xxxxx@.net" To: my emailaddress <10 digit number @reports.spamcop.net> "thank you for contacting us...." "...our team will get back to you as soon as possible...." and "how am I doing...email my manager at...." So does this look forwarded from SC? Very puzzled since it's a first.
  4. I may have been mistaken, but I thought that abuse was always reported anonymously by SC. If not, I would never use SC, which I have been using for a number of years. Just now, not long after reporting spam to the identified hosting svc, I received an email from them notifying me that they have opened a ticket. This is the first time this has happened. As far as I know, nothing changed in the way I reported the spam. The LAST thing I need is for this hosting svc to have my personal email address. Note to mod: couldn't quite find the right location to post this. Please relocate if necessary.
  5. I would like to make a few points. First, I did not do this "gleefully." Unwittingly, yes, and I will try to explain how that happened as best I can by trying to reconstruct what I was thinking at the time. And, second, although one warning should have been sufficient, there were no "multiple" exhortations, only one. As far as I know, there were no "repeated requests." What I did--and will not do again-- was to paste some of the SC results that appear after processing. They were from the page that shows what look to be three ten digit reference numbers, only the third of which is an actual SC report ID (and which only shows as such after a report has been sent). I did not see that I was posting any spam URls as live links. What I did not realize was that those first two ten digit numbers, which I took to be some kind of SC internal reference numbers, are in fact live links to the spam--live links in just the same way the third perfectly safe one does stay internal to SC. The URLs that appear inside the parenthesis next to the those numbers do not appear, themselves, to be live links (when I hover only on those they do not appear as links), and that was why I left those intact. I only edited one appearance of one of those, an excerpt, from .info to dotinfo, where I thought it was needed--but this does show that I am conscious of not wanting to link to a spammer. Hindsight is 20/20: had I hovered on those first two ten digit numbers and looked at my Firefox Status Bar, I would have seen that they are direct links to the spam site. I'm not excusing myself, but the documentation at SC is scattered all over the place and often very confusing, especially to a beginner here, like myself. At least for me, a lot of using SC is trial and error, because searching for clear jargon-free explanations of things often ends quite fruitlessly. (One example of this was my question about the items in Preferences, which I asked above. Those items are listed in Preferences as if they are current and meaningful, but as it turns out, should just be ignored; my question was arcane and "under-the-hood." Usually ones selected Preferences have some meaningful impact on the way a site will work for one). Quite baffling much of this. I would also point out that, although this was obviously a serious error, I did not murder or dismember anyone. And still getting spammed by eonix.net. There are numerous reports about this, so no idea why it it does not appear to be in the SCBL.
  6. OMG, I was certain I had edited those from .info to dotinfo, so they couldn't be parsed. Deeply regret that. Won't happen again.
  7. Looks like the latest ones may be examples of what we've been talking about. Or it's simply that SC can't find a valid host? Or maybe none of the above. The host for that spamvertised domain (treereadmastkenpdotinfo) resolves to serverhub.com (from 104.140.95.253). http://forum.spamcop.net/forums/topic/14094-serverhubcom/ Plus lots of additional hits https://encrypted.google.com/search?hl=en&output=search&sclient=psy-ab&q=serverhub.com+spam+from&btnG=&oq=&aq=&aqi=&aql=&gs_sm=&gs_upl=&gs_l=&pbx=1 So where does delwyn#tiburonhost.com, which can't be found anywhere, come from? What's going on here?
  8. Thanks for the info Steve. So, do I assume that, if it was recommended to send a silent report (which I understand would only end up at SC), I would somehow be notified of that option before I sent out a regular one to an abusive abuse desk? That is, if an abuse desk was known to SC as being "abusive."
  9. Just came across this in Preferences, and I am a bit puzzled by the following: So, according to this, spammers are able, in theory, to see my email address by way of the tracking codes, even after they've been munged. (Thought Steve dispelled that one, above, so puzzled as to why it's here and just what the implications are). Or does this mean that reports used to be sent with the Tracking Code (is that the same as the Tracking URL?) but no longer are? What is a "silent" report? Is there an option somewhere for that ("we now offer the ability to send reports silently" would imply that there is such an option)? And if abuse[at] reports are not emailed, I assume they are still going out to abuse desks, so by what means do they get to an abuse desk?
  10. Thanks for both replies. It was only a casual remark--didn't really think there was a correlation, but the replies--unexpected--have been quite interesting. Tongue-in-cheek-post alert: I'm beginning to think that, maybe with the help of someone like Brian Krebs, who could search the dark net for all the spam lists for sale, I could just get it over with and offer the spammers some kind of wholesale ransom to guarantee that none of my email addresses will appear on any lists for the next five years. Might work better than any of the reporting I've been doing.
  11. Changing gears a bit. It may only be coincidence, but it seems like the more spam I report, the more I receive. Before I started reporting to SC, I would usually just delete the spam. In order to copy the raw headers I need to open the spam. I am certain there is no other way of getting those headers. Of course, I have remote images disabled in my Mail client, which I would have thought would eliminate web bugs or any other way a spammer could know that I had opened a message. Am I missing something? Is it possible that, even though I have remote images disabled, they are able to see if a message has been opened and from where through some means other than an embedded web bug or anything else from images? And despite my SC reports to their abuse[at], the flurry of spam from servermania continues relentlessly and unabated.
  12. I'm all in favor of getting spammers into the SC database, however, what I need is some more immediate relief. I would have thought that an abuse[at] report from SC might carry some weight, and hopefully get the spammer kicked off a (responsible, ahem) host. Not so? Nothing's going to happen until a host gets blocklisted? And still then maybe nothing?
  13. I not very optimistic that reporting abuse to servermania.com will have any effect. That quote and link, http://www.webhostingtalk.com/showthread.php?t=1252348, was from over a year ago. We'll see.
  14. Short answer to my question. It doesn't work. Just got new spam after blocking badorcluelesshost.com (servermania.com) Already reported, but sent new reports again. This is looking hopeless. Even if that hosting site bans them, which is very much in doubt, they'll just move on to another. http://www.reddit.com/r/webhosting/comments/1s62ma Except for AHBL, they don't appear to be blacklisted by SpamCop, or anyone else, for that matter. http://i58.tinypic.com/2mf0s3l.png
  15. Sorry about that. Not sure how I missed that, but I hadn't seen any live links when I looked through it. I'm usually very conscious of things like that. Re. my setup, I'm not sure you really need to know all that much, or maybe I don't understand what you are asking about my setup. Maybe more what you would need to know is how or in what form email arrives at my email provider, and what my email provider does with that as it's sent on its way--and perhaps you can't know the specifics, but maybe you do know in general terms. The email client on the Mac is Apple Mail, set to connect to my email provider/ISP. Incoming is POP Port 995 SSL and outgoing is SMTP Port 465 SSL. The question really is, if the spammer is hosted at badorcluelesshost.com, will blocking that domain name in the Blocked Senders at the ISP/email provide keep out the spam? I suppose my question arises because I don't know if it arrives at my email provider with badorcluelesshost.com to be seen in some form as a blockable host. I thought that perhaps from the message details I provided, you would be able to know if it arrives that way or not. Boiled down to a general question: can a hosting service--the host of a specific incoming message (incoming to the email provider, that is) at least in principle, be blocked ? I would love to be able to use SC's block list, but I have no way of employing that, as all the email comes in by way of the server at the ISP/email provider, and obviously I can't put anything in front of that. And, as I said, SpamAssassin would do quite nicely on the Mac client, but can't be installed on my wife's iPad, where the identical spam is also being received. I've tried putting badorcluelesshost.com in Blocked Senders at the email provider's end, and I'll see what comes of this (at least until this or another spammer uses a different host), but perhaps now you may have a better idea about the setup, or have a suggestion.
×