RadicalDad

As the OP on this thread, which is now over two years old, I'm underwhelmed by the responses. To be clear, I'm appreciative of everyone who has responded, and respectful of the time and intellect expended by those who tried to find a way to make the parser work. However, at the end of the day, it is the Spamcop devs who need to fix this problem, and if they even exist anymore, they are nowhere to be found. They certainly aren't active on this forum. Indeed, it seems the lights were long ago turned off over there. As for the advice to try removing the first Received line, that didn't work. I tried that, and also removing the first 2 Received lines, then the first 3 Received lines, and finally all lines which referenced my email host in any way. That last trick worked, with the parser properly recognizing that Sparkpost was the source of the email. But then Spamcop decided amazonaws was the correct reporting address and all reports for amazonaws are devnulled. Here is a link for anyone who wants to look. https://www.spamcop.net/sc?id=z6549409030zca1b5ca2a3591ef1dad9030579e84550z By the time I find and delete all the references to my mail host's server farm, especially when Spamcop incorrectly redirects the spam report and then devnulls it, I'm better off just complaining directly. Spamcop has become useless. No doubt Julian Haight is crying in his beer.

What I am noticing is that Spamcop doesn't work at all for me anymore. Wondering if all my headers have a break in the chain now so that nothing will ever be usable for Spamcop again. I currently use Outlook 2016 with an Exchange 2016 host. Have others reported this as a problem? I use the "Outlook/Eudora" work-around submission form (well, it used to be called that) via web browser (in answer to the question by C2H5OH). Appreciate you breaking the spammy link. Good idea. As above, the Spamcop parser doesn't seem to catch any of those for me now. Is there any way to fix this? spam filtering by my mail host is very good these days, so I only submit stuff to Spamcop that is extra slimy and got through my filter, in hopes it makes it to the Spamcop RBL and will be blocked for others. If that isn't the way things work, then there probably isn't a reason for me to keep using Spamcop at all.

Thanks everyone. I was thinking someone would put the headers and body through the parser themselves. That is also why I left my original email address intact - thought the parser might need it. (I also thought about munging the address, but that address has been harvested many times by spammers, so I wasn't too worried. Still, removal by Lking is appreciated.) Here is the parser tracking URL: https://www.spamcop.net/sc?id=z6357239923z2f559431f437c6b4b950f1c320499087z The "click here" hyperlink is not retained by Spamcop when using the "view entire message" link from the parser. Failing to process these hyperlinks is a problem in addition to Spamcop always pointing at my mail host as the culprit. The "click here" URL is http;⁄⁄winnermistak,xyz⁄ppdpureoffice99888/index.php?userid=xxx@xxx.com (email address munged). Provided here for reference. I don't suggest anyone click on this.

Sometime about a year ago, I complained on these forums that Spamcop has become all but useless when using Outlook on an Exchange server. The spam report ALWAYS comes back pointing to my own email server, even when a cursory look shows the obvious source of the spam. I've all but stopped reporting on Spamcop for this reason. Someone suggested on that ancient thread that I post a sample for folks to look at. OK, here one is. Note also that Spamcop also misses the bogus hyperlink ("Click here!"), not doing any reporting at all on the bogus web host. Are the light still on here? Message header: Received: from MBX01D-ORD1.mex09.mlsrvr.com (172.29.128.27) by MBX01A-IAD3.mex09.mlsrvr.com (172.29.64.20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.544.27 via Mailbox Transport; Wed, 15 Feb 2017 20:56:00 -0500 Received: from MBX05C-ORD1.mex09.mlsrvr.com (172.29.128.24) by MBX01D-ORD1.mex09.mlsrvr.com (172.29.128.27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.544.27; Wed, 15 Feb 2017 19:56:00 -0600 Received: from gate.forward.smtp.iad3a.emailsrvr.com (204.232.172.40) by MBX05C-ORD1.mex09.mlsrvr.com (172.29.128.24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.544.27 via Frontend Transport; Wed, 15 Feb 2017 19:55:59 -0600 Return-Path: liysc25@nottingham.ac.uk X-spam-Threshold: 95 X-spam-Score: 0 X-spam-Flag: NO X-Virus-Scanned: OK X-MessageSniffer-Scan-Result: 0 X-MessageSniffer-Rules: 0-0-0-13735-c X-CMAE-Scan-Result: 0 X-CNFS-Analysis: v=2.2 cv=QPAqfUDL c=1 sm=1 tr=0 a=wMuiOM+aJX97FqABAv1gmw==:117 a=wMuiOM+aJX97FqABAv1gmw==:17 a=n2v9WMKugxEA:10 a=KXl77lDgDEgIEtoqJYcA:9 a=jMgyydZaAAAA:8 a=TMeMXT5H6L7W2mJr2DcA:9 a=wPNLvfGTeEIA:10 a=zOPv43MEAAAA:8 a=jt-rlJBq7EhYDvrx:21 a=_W_S_7VecoQA:10 a=H_FcBddkztAA:10 a=-FEs8UIgK8oA:10 a=NWVoK91CQyQA:10 a=sRwWbsoZOIyncXQJl99K:22 a=jKBK-nmJ8lQYDYSZPBHD:22 X-Orig-To: XXX X-Originating-Ip: [128.243.43.129] Authentication-Results: smtp27.gate.iad3a.rsapps.net; iprev=pass policy.iprev="128.243.43.129"; spf=pass smtp.mailfrom="liysc25@nottingham.ac.uk" smtp.helo="uidappmx06.nottingham.ac.uk"; dkim=none (message not signed) header.d=none X-Classification-ID: 0fa97262-f3eb-11e6-9265-782bcb33f754-1-1 Received: from [128.243.43.129] ([128.243.43.129:52055] helo=uidappmx06.nottingham.ac.uk) by smtp27.gate.iad3a.rsapps.net (envelope-from <liysc25@nottingham.ac.uk>) (ecelerity 4.2.1.56364 r(Core:4.2.1.14)) with ESMTP id F6/CD-22337-EA605A85; Wed, 15 Feb 2017 20:55:59 -0500 Received: from uidappmx06.nottingham.ac.uk (localhost.localdomain [127.0.0.1]) by localhost (Email Security Appliance) with SMTP id 752592DF798_8A506AEB for <XXX>; Thu, 16 Feb 2017 01:55:58 +0000 (GMT) Received: from smtp4.nottingham.ac.uk (smtp4.nottingham.ac.uk [128.243.220.65]) by uidappmx06.nottingham.ac.uk (Sophos Email Appliance) with ESMTP id 603AD2D2135_8A506AEF for <XXX>; Thu, 16 Feb 2017 01:55:58 +0000 (GMT) Received: from [130.65.254.18] (helo=DESKTOP-55DHA5K.sjsu.edu) by smtp4.nottingham.ac.uk with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.85) (envelope-from <liysc25@nottingham.ac.uk>) id 1ceBFz-0002mF-Az for XXX; Thu, 16 Feb 2017 01:53:16 +0000 Content-Type: multipart/alternative; boundary="===============1385527312==" MIME-Version: 1.0 Subject: A document folder is shared with you! To: <XXX{AT}blk-ink.com> From: " '' Dropbox Support '' " <XXX{AT}dropbox3665.com> Date: Wed, 15 Feb 2017 17:53:12 -0800 Message-ID: <E1ceBFz-0002mF-Az@smtp4.nottingham.ac.uk> Sender: <liysc25@nottingham.ac.uk> X-MS-Exchange-Organization-Network-Message-Id: d19fd38f-f441-4628-3ea4-08d4560ef49e X-MS-Exchange-Organization-AVStamp-Mailbox: SMEXyGDz;1322100;0;This mail has been scanned by Trend Micro ScanMail for Microsoft Exchange; X-MS-Exchange-Organization-SCL: 0 X-MS-Exchange-Organization-AuthSource: MBX05C-ORD1.mex09.mlsrvr.com X-MS-Exchange-Organization-AuthAs: Anonymous X-MS-Exchange-Transport-EndToEndLatency: 00:00:01.0240672 Message body: Hello, Someone shared a folder with you on Dropbox. Click here to view documents. Dropbox Support. Happy sharing! NB: This message is sent to XXX