Jump to content


  • Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About CraigA

  • Rank
  1. I already have JPEG email information in the "Resume" section of my site, JPEG business card. Guess it didn't occur to him to look there. But yes, I agree reasonably good idea. You never know what people will see. Apparently he kept trying to send it to first.last@last.com when the real address is first@last.com. I considered making mail aliases for all combinations, but decided I have enough trouble with spam, why make spam even easier to deliver by opening up address combinations?
  2. I like that better, nothing is missed, and concise. Any other information or arrays which might be useful to dump when trying to gather information about a slew of unwanted connections? I'm not a PHP expert. I'm thinking for now I'll just write a simple log file with CSV type records of "try-again" attempts which I probably won't look at until the system is experiencing some kind of problem.
  3. So far, the Sesame Street approach has blocked all spam type contacts. This scri_pt shows me some of what can be collected if spam escalates (possible next steps): <?php $indicesServer = array('PHP_SELF', 'argv', 'argc', 'GATEWAY_INTERFACE', 'SERVER_ADDR', 'SERVER_NAME', 'SERVER_SOFTWARE', 'SERVER_PROTOCOL', 'REQUEST_METHOD', 'REQUEST_TIME', 'REQUEST_TIME_FLOAT', 'QUERY_STRING', 'DOCUMENT_ROOT', 'HTTP_ACCEPT', 'HTTP_ACCEPT_CHARSET', 'HTTP_ACCEPT_ENCODING', 'HTTP_ACCEPT_LANGUAGE', 'HTTP_CONNECTION', 'HTTP_HOST', 'HTTP_REFERER', 'HTTP_USER_AGENT', 'HTTPS', 'REMOTE_ADDR', 'REMOTE_HOST', 'REMOTE_PORT', 'REMOTE_USER', 'REDIRECT_REMOTE_USER', 'SCRIPT_FILENAME', 'SERVER_ADMIN', 'SERVER_PORT', 'SERVER_SIGNATURE', 'PATH_TRANSLATED', 'SCRIPT_NAME', 'REQUEST_URI', 'PHP_AUTH_DIGEST', 'PHP_AUTH_USER', 'PHP_AUTH_PW', 'AUTH_TYPE', 'PATH_INFO', 'ORIG_PATH_INFO') ; echo '<table cellpadding="10">' ; foreach ($indicesServer as $arg) { if (isset($_SERVER[$arg])) { echo '<tr><td>'.$arg.'</td><td>' . $_SERVER[$arg] . '</td></tr>' ; } else { echo '<tr><td>'.$arg.'</td><td>-</td></tr>' ; } } echo '</table>' ; /* That will give you the result of each variable like (if the file is server_indices.php at th e root and Apache Web directory is in E:\web) : PHP_SELF /server_indices.php argv - argc - GATEWAY_INTERFACE CGI/1.1 SERVER_ADDR SERVER_NAME localhost SERVER_SOFTWARE Apache/2.2.22 (Win64) PHP/5.3.13 SERVER_PROTOCOL HTTP/1.1 REQUEST_METHOD GET REQUEST_TIME 1361542579 REQUEST_TIME_FLOAT - QUERY_STRING DOCUMENT_ROOT E:/web/ HTTP_ACCEPT text/html,application/xhtml+xml,application/xml;q=0.9,* / *;q=0.8 HTTP_ACCEPT_CHARSET ISO-8859-1,utf-8;q=0.7,*;q=0.3 HTTP_ACCEPT_ENCODING gzip,deflate,sdch HTTP_ACCEPT_LANGUAGE fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4 HTTP_CONNECTION keep-alive HTTP_HOST localhost HTTP_REFERER http://localhost/ HTTP_USER_AGENT Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.17 (KHTML, like Gecko ) Chrome/24.0.1312.57 Safari/537.17 HTTPS - REMOTE_ADDR REMOTE_HOST - REMOTE_PORT 65037 REMOTE_USER - REDIRECT_REMOTE_USER - SCRIPT_FILENAME E:/web/server_indices.php SERVER_ADMIN myemail@personal.us SERVER_PORT 80 SERVER_SIGNATURE PATH_TRANSLATED - SCRIPT_NAME /server_indices.php REQUEST_URI /server_indices.php PHP_AUTH_DIGEST - PHP_AUTH_USER - PHP_AUTH_PW - AUTH_TYPE - PATH_INFO - ORIG_PATH_INFO - */ ?>
  4. Couldn't get "display:none" to work as "Forms" kept filling out the blank, even when hidden. So went with a "Sesame Street" question, which doesn't get filled in by "Forms", and that works. Thanks Lking.
  5. Timely, I'm looking at this in between other time sensitive tasks.
  6. Lking, thank you for your insight into how SpamCop will process the message. petzl, You're right, I'll investigate Captcha next. The "invisible field" and "Invisible reCAPTCHA" options are looking especially attractive (no Google dependency for the first, no human interaction for either). Thanks. With this information I have two choices: Install Capcha. Since I'd rather not lose clients, I'll try to install a Captcha mechanism. Remove the Contact form from my site. I think in the last decade I've only had one actual client use my contact form, mostly because he said he could remember my site, but not my email address. I considered how to modify my contact page to collect and report additional information, like IP information, but then I'd also have to figure out how to tie this into SpamCop's RBL system. I think there are only 2 realistic choices, though I may add code to record connecting IP information as this might be a simple change. Maybe at a later date I can figure out how to tie this IP information into iptables for blocking. I can't let this distract me for too long, so option #2 is still on the table. Thanks guys!
  7. Problem: I'm starting to get 3-5 spam contacts/day through my Contact Form, and this appears to be escalating quickly. So far I've been careful not to report these to SpamCop. But what if I did? Would SpamCop process these in a sane way, or if not (best case) ignore the report, or (worst case) block my own domain? Here is an example of what I see: ==================================== Return-Path: <www-data@myDomain.net> X-Original-To: me@myDomain.net Delivered-To: me@myDomain.net Received: by myMachine.home (Postfix, from userid 33) id D004D226BC5; Mon, 15 Oct 2018 12:03:16 -0700 (PDT) To: me@myDomain.net Subject: Contact from myDomain.net X-PHP-Originating-scri_pt: 1000:contact.php From: "Kozaimgox" <andry.zaims@mailert.ru> Reply-To: "Kozaimgox" <andry.zaims@mailert.ru> X-Mailer: chfeedback.php 2.15.0 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Message-Id: <20181015190316.D004D226BC5@pluto.home> Date: Mon, 15 Oct 2018 12:03:16 -0700 (PDT) This message was sent from: http://www.myDomain.net/contact.html ------------------------------------------------------------ Name of sender: Kozaimgox Email of sender: andry.zaims@mailert.ru ------------------------- COMMENTS ------------------------- Оформить онлайн займ в наше время не составляет трудностей. Оформить ссуду возможно в любое время, главное – иметь доступ к сети. Необходимо сказать, что, если вы желаете получить займ, вам нужно внимательно выбирать сервис, где вы будете оформлять займ. Советуем обращать интерес при выборе компании на разные факторы. На mega-zaimer.ru достаточно много личностей получают займы. Сервис, который может предоставить срочный виртуальный займ – найти не так уж и просто. Достаточно много служб заставляют посетителей предоставлять разные документы, которые могут быть полезны кредитору в том случае, если заемщик пропадет. Однако, на сайте доступны самые лучшие МФО. Они предоставляют онлайн займы без проверок и без отказа. Именно по этой причине они безумно ценятся, а сервис их предлагает. Некоторые МФО выдают виртуальные займы на карту. Вы можете сделать выбор, на какую карту вы желаете взять ссуду. Большинство сервисов предоставляют ссуды на дебитные карты. Некоторые фирмы предоставляют деньги даже на online кошельки. Некоторые из сервисов, которые представлены на mega-zaimer.ru предоставляют шанс взять первый кредит бесплатно. Сейчас подобрать сервис, который предоставляет шанс выбирать релевантные предложения очень тяжело. Последнее время достаточно много фирм, которые предоставляют финансовые услуги, начали предоставлять кредиты на короткий срок. Некоторые из таких сервисов считаются не надежными. Именно для того, чтобы потребители могли брать деньги без проблем вне зависимости от положения, вы можете оформить кредит на карту виртуально без отказа в любое время дня. Сервис пользуется спросом в связи с тем, что он регулярно проводит анализ компаний и специалисты следят за всеми изменениями на рынке. Именно это позволяет создать объективный рейтинг всех сервисов и верных кредиторов. На ресурсе подготовлен список новых МФО 2018 года, где доступны самые крутые МФО. Большинство из компаний предоставляют срочный займ на карту без проверки кредитной истории, что является большим преимуществом в наше время. На <a href=https://mega-zaimer.ru/srochiy-zaimu/>https://mega-zaimer.ru/srochiy-zaimu/</a> вы можете найти компанию, которая будет удобна именно вам. Сайт очень простой и будет интересным для всех пользователей. Необходимо выделить, что на сайте вы выберете МФО по следующим параметрам: сумма займа, срок ссуды, регион, метод получения денег. Большинство людей предпочитают брать виртуальные займы на карту, чтобы распоряжаться финансами. Сейчас любой заемщик может взять займ и ему 100% одобрят его займ. Ведь сервис собрал самых надежных кредиторов, которые являются настоящими профессионалами. Сотрудники сервиса постоянно отслеживают всю информацию по поводу работы МФО. Возможность получить кредит есть даже у тех, у кого ужасная кредитная история. Сервис будет полезным и по той причине, что он предлагает компании, которые предоставляют займы ночью. Не так много МФО выдают займы в ночное время суток. Сегодня выбрать компанию, которая предоставит займ мгновенно без отказов и проверок на кредитку круглосуточно, да еще и ночью – практически невозможно. Но, сервис предлагает каталок МФО, которые могут быть полезны вам. На финансовом портале mega-zaimer.ru клиенты имеют возможность взять займ на карту вне зависимости от направления средств. Вам не нужно будет информировать, как в банковское учреждение, куда будут идти финансы. За вашими транзакциями также не будут следить. Во всех МФО заявки обрабатываются очень быстро. Также стоит отметить, что для постоянных кредиторов функционируют специальные предложения. Сервис также оснащен service desk, которая предоставит ответы на все ваши вопросы при первой же необходимости. ------------------------------------------------------------
  8. Thought I'd follow up... When I started this a month ago I was getting between 300-500 spam messages/day in my Junk folder. Week 1 - Reporting spam I personally filtered to SpamCop dropped my spam to almost zero. I was ecstatic! Week 2 - spam levels returned to almost 300/day. I received a "weird" email, posted here, added Knujon reporting, and persevered. Week 3 - spam levels reduced to about 1/2. Week 4 - For the last 2 days I received 16 and 18 spam messages respectively. This is 1/20th or less what I was receiving. My system rejects email which isn't RFC compliant, checks against 8 different RBL's. And now I report anything which gets through to SpamCop and Knujon. I also added SPF to my DNS setup which got rid of people complaining to me to stop sending them spam (I wasn't, but spammers were using my address in the "From:" field of their spam, SPF appears to have stopped this.). My biggest problem now is PayPal. I went to the Paypal site, unsubscribed from everything and was presented with a web page which said their advertising campaign won't stop for about 30 days. I did my part, asking to be unsubscribed, and figure anything not directly related to my account is more UCE/spam, and I'll report it as such. It is insane to tell a customer they'll keep getting spammed 1-3x/day for another month. If I didn't have to work for a living, I'd be implementing DMARK https://dmarc.org/ right now. As it is, 16-18/day isn't bad compared to the 300-500/day I was getting, and results in 1 months time! I added Thunderbird filters to move [HabuL Plugin] and [SpamCop] email to my SpamCop folder. So other than manually reviewing my Junk folder to separate real email from junk, the rest is now automated and the time I spend each day on spam is greatly reduced, in just one month. Feels like success to me. Back to a much quieter and more productive desk, thanks to SpamCop and Knujon reporting services, and HabuL and Thunderbird automation. I hope my input to SpamCop's RBL is helping to keep other mailboxes cleaner, making SpamCop more effective.
  9. CraigA

    Broken Spamcop Link

    I found a Firefox Add-on called "Pinger" to be effective for finding dead links on my own site. It highlights "Green" for good links, "Red" for dead links. Made it pretty easy to quickly test (and fix) the few pages I have on my site.
  10. Yeah, I guess this isn't world where Pollyanna belief systems survive. So I did more digging to see if I could figure out what is really occurring. I'm sure it won't be long until I don't have time to do this either, but call it a learning experience for now. Thank you for backing up the action I was taking with your experience. The Original spam (I keep copies) is for 1ink sales. How that spam is related to someone at NANOTECH HEALTH LTD is something I can't fathom. [I know, gee, you think?] Also, I signed up for SPAMCOP because I still get 300+ spam's/day after setting my Postfix mail handler up for strict RFC checking and checks against 8 different RBL's. I implemented this after one Thanksgiving receiving 10,000+ spam's to one account in one day. That's an average of one new spam message every 9 seconds, which made email and that email address completely unusable. The "new mail" bell sounded like a gas pump, ding..ding..ding. Filtering reduced this to ~ 300/day, still a lot of time waste sorting through garbage for real business email. My hope is that Spamcop would significantly reduce this number by targeting the smaller batch which evades other filters. My first week of using SPAMCOP dramatically reduced my spam to almost zero, the second week, spam numbers are back up to pre-SPAMCOP reporting levels. What made me decide to try Spamcop is I manually used iptables to block the IP address of machines delivering spam to my inbox. I found these machines rotate about every 8 hours, but once the next batch of 12 spam machines is identified and blocked... gets me another 8 hours of spam free peace. I was hoping Spamcop and it's users were mostly identifying these new machines before I had to, manually. Probably the fact that there is only 12 problem machines at any given time says Spamcop and others like Spamcop are are already doing a pretty effective job. If I had an easy way to run my own RBL and automate a way to populate my personal RBL with these 12 IP addresses, my problem would be mostly solved for my site during each 8 hour window. Of course I'd need the private RBL table to expire IP's after about 3-7 days of blocking. Still learning and looking for solutions.
  11. Any Admins here know what to do with this? I'm pretty careful about signing anything which opens the door to unlimited spamming by organizations and their subsidiaries, so the claim of a "signed contract" is likely bogus. =========================================================================================================================== Hello SpamCop user, For your information, our company provides a platform so that third party companies can perform their own marketing campaigns. Third party companies have their own user databases and they are responsible for sending the marketing campaigns to the users they consider appropriate. We offer them tools and infrastructure so that they can perform the campaing efficiently. We are not responsible of their databases. All our clients have a signed contract that states "All their clients have accepted to receive their marketing campaigns" so if there is any complain you should address that company (this is, the company that has your data in their database). Nevertheless we can provide you the contact details of that company: Company Name: NANOTECH HEALTH LTD Email contact: terry@nanoxynalpha.com -- Please use the link below to review the report in question: https://www.spamcop.net/mcgi?action=showhistory;slice=reportid;val=6656549552