Jump to content

SpamSpam

Members
  • Content Count

    21
  • Joined

  • Last visited

Everything posted by SpamSpam

  1. SpamSpam

    Internetwide block for spamchimp?

    Grammatically, is it Mailchimp? Otherwise, I don't know spamchimp. abuse@mailchimp.com
  2. Abuse contact for '95.213.150.0 - 95.213.150.255' is abuse at selectel.ru
  3. 91.246.96.0 - 91.246.103.255 is info at ecotelecom.ru
  4. Abuse contact for '96.30.64.0 - 96.30.127.255' is ip-admin at violin.co.th
  5. SpamSpam

    search-apnic-not-arin

    Also regarding 45.249.70.4, I'd submit the report with the network owner unchecked, so that it is counted towards the spamcop-bl.
  6. https://whois.arin.net/rest/net/NET-8-30-201-0-1/pft?s=8.30.201.18
  7. SpamSpam

    search-apnic-not-arin

    45.249.70.4 I suspect is part of multitudes of world computer-network cesspools that isn't worth reporting directly to the network owner (I've done a brief lookup that leads me to believe nothing would be done; or, the computer-network owner or spam operation would do something spammy like move the spamming to another of their spamming IP addresses--snowshoe. SC and Senderbase have the records of the network owner's IP spamminess (network reputation) that I go by and more-so trust than spammers/spam networks). As an of-this-moment-example, the same network owner is spamming from one IP address 48 of 90 days--one day spam, two days spam...48 days spam...
  8. SpamSpam

    search-apnic-not-arin

    1. Does SC query APNIC at all? 2. ARIN isn't showing the APNIC "referral" (APNIC IP address contacts) that valli.org shows (bottom half of the page). http://multirbl.valli.org/whois-lookup/45.249.70.4.html Is there another link on ARIN to see the APNIC referral; valli is pulling/parsing ARIN together with APNIC data somehow? The only link I've seen so far has no referral to the APNIC IP address contact. 3. Vague SC suggestion: Query ARIN, APNIC, etc offline and build an all-inclusive offline, semi-up-to-date ARIN, APNIC, etc database and query it as one database.
  9. https://whois.arin.net/rest/net/NET-63-236-31-128-1/pft?s=63.236.31.130 (63.236.31.128 - 63.236.31.255) https://whois.arin.net/rest/net/NET-63-236-76-0-1/pft?s=63.236.77.35 (63.236.76.0 - 63.236.77.255)
  10. .Abuse contact for 95.213.128.0 - 95.213.255.255 is abuse at selectel.ru
  11. SpamSpam

    Are we losing the battle?

    One IP address example: www.spamcop.net/w3m?action=checkblock&ip=61.144.230.213 "In the past 89.8 days, it has been listed ... for a total of 72.5 days". I'm against sending typical reports to an ISP that hasn't cleaned up an IP address in 72 days.. www.senderbase.org/lookup/ip/?search_string=61.144.230.213 In the last month the IP address has a "spam level" of "critical", sending out "critical" number of spam. I'm against sending typical reports to an ISP that hasn't cleaned up an IP in 30 days and is sending "critical" numbers of spam from that same IP address.
  12. SpamSpam

    Are we losing the battle?

    Network Reputation: Some networks wouldn't be on "my" preferred internet; it's just not individual "dirty" IPs but whole networks that are dirty with corresponding admins that control/maintain a dirty network. I say bolden the dirty label of the dirty networks. Too many people don't know the dirty network ecosystems vs the cleaner networks. Those people that know the "dirtiness" of networks--some network dirtiness instances--take a look at it's public reputation and it's often "clean" and "green". I've been going by the Senderbase.org verbage of 30-day spam period rating of individual IP addresses, "medium", "very high", "critical", blank (no rating) as one indicator of the overall "dirtiness" of how a network want's to maintain a clean/dirty network. Or, take a look at the SpamCop BL for a dirty IP (maintained by the network) that is dirty for more than say 5 days; how many days does a dirty network need before the network itself is culpable? Another effort that trys to keep track of network reputations is sitevet.com/hosts / hostExploit. I'd like to see more use of send the report to "clean" caretakers / abuse#isp.net[at]admin.spamcop.net (these reports get forward to secret addresses specificly set up to handle SpamCop reports) and more indication on the SpamCop submission page of "dirty" networks that aren't even worth the time to submit a report directly to the dirty network (instead sending the report to clean caretakers).
  13. SpamSpam

    Using the SpamCop Blacklist at the desktop

    Thanks lisati. I read the FAQ upon your mention.
  14. Multi-part question: 1. Why is it worthwhile to a SpamCop user to submit reports of already SpamCop-blacklisted IP addresses? Examples of what the SCBL may show about an IP address, "Causes of listing > SpamCop users have reported system as a source of spam about 10 times in the past week", why is me reporting it one more time going to change me getting spam when it's already blacklisted and one more report does nothing to curtail persistant spamming IP networks? I've seen up to "70 times"; how many reports of spamming are needed, rhetorical? I consider it pointless to me as a spam recipient to submit a report to certain networks that do nothing to overall diminish their spamming? "Listing History > ...it has been listed ... a total of 67 days". Me reporting it one more time is very unlikely to change the spam from this spamming IP address [i have my own Idea of what a spamming network is and me reporting to such a network operator does nothing nothing to overall diminish their spamming). Right now, it seems pointless to me to display such stats to SpamCop reporters. These numbers give no context of what a number of spam reports and number of spamming days is categorized as (is 7 days of spamming "high"? Is 14 days high? Is 67 days high? Or, is 67 days or 70 SpamCop user reports a "critical" amount--Senderbase uses the verbage of 30-day period of "medium", "very high", or "critical" rating)? 2. As a followup, and what I've been investigating to perhaps only report not-already-SpamCop-blacklisted IP addresses is: Is there a way to run the SC Blacklist through a filter in a desktop (non-mailserver) implementation of Thunderbird? The closest I've found so far is: 1. SpamPal; which supposedly requires additional software for use with web-based email accounts (I tried SpamPal and couldn't get it to filter my web-based email; but didn't try installing the supposedly required additional software to get it to work with "non-standards-based" web-based accounts); 2. SpamAssassin for Windows (which didn't install on my medium-old version of Windows; and, I don't wish to keep installing tons of additional scripting and Windows packs to get it to work on my production desktop.
  15. SpamSpam

    Using the SpamCop Blacklist at the desktop

    Do "bad" networks always get treated the exact same way as "good" networks? Meaning a bad network may reset the 24-hour clock for the next century every few days? I suppose the added reports count towards devnull reports too that I read up on some today for the first time. (I've actually been a member of SC since perhaps 2000 - 2005, or whatever year it was. Having lots of nuances to SC and SC spam-reporting it's difficult to know all the aspects of SC). Guess my point is, that with the "bad" networks that consistantly spew "very high" and "critical" numbers of spams, as Senderbase puts it, that it seems SpamCop treats "bad" networks too nicely by resetting a 24-hour clock when the network as a whole has "very high" or "critical" numbers of spams for days, reported up to a month by Senderbase for the exact IP address(es). At least for particular 30-day high spam sending IP addresses, they could care less--as the spewing continues for commonly days. Where's my days- or months-long clock for "bad" networks that spew for days or more than a month, rhetorical?
  16. SpamSpam

    Using the SpamCop Blacklist at the desktop

    Thanks for the reply petzl.
  17. SpamSpam

    SpamCop and Thunderbord plug in

    Old versioning info for what it's worth: Testing on TB 3.0--beta 3, if that makes a difference--the Hubul versions for TB 3 are mislabeled. I only found Hubul 1.14.0 to work with TB 3.0. Hubul 1.18, 1.20, 1.21 are mislabeled to be compatable with TB 3.
  18. klappa, by nomenclature I'm meaning make the part of the email address before the [at] sort of a password, one not as easy to guess. For example, random two or three words. From what I'd seen the current CA Pharmacy spam is routed from mostly different networks every time.
  19. SpamSpam

    SpamCop and Thunderbord plug in

    What about reposting HabuL 1.14.0, then?
  20. SpamSpam

    SpamCop and Thunderbord plug in

    Couldn't the Habul v1.20.0 be re-uploaded to sourceforge, even if under a different page with credits and reference to the other page? (Even add a hash of the file for verification).
  21. I'm curious what email provider(s) you use. I have one Yahoo account which is notorous for accepting all Canadian Pharmacy spam. I've been reporting the Canadian Pharmacy spams for a few months and the amount hasn't decreased. Experience-wise: I have a couple of Yahoo.com email accounts and accounts with other email providers, that never get Canadian Pharmacy spam, and next to never receive spam. Recommendation: Create another email account and/or use another email provider (I don't recommend Yahoo's free email account spam control, if you happen to get spam). Also, when creating a new account, I tend to use nomenclature that is very uncommon before the "[at]" of the email address. This is all a drastic, quick solution (compared to reporting spams for months which never diminish).
×