Jump to content


Forum Admin
  • Content count

  • Joined

  • Last visited

Everything posted by Wazoo

  1. Some folks have been raising an issue about e-mail submittals not working ... some intermittently, some not at all. It turns out that some ISPs are using an interesting (?) form of the BrightMail filters, scanning the outgoing e-mail from their servers and silently deleting anything that looks like spam ... which of course, most spam submittals to SpamCop would seem to naturally fall into this bucket. Workarounds include the use of webmail for some of these ISPs, for some reason this seems to bypass the outgoing spam check. The use of IMAP with a SpamCop e-mail account, which then allows the drag-and-drop mode to "move" the e-mail between the ISP and the SpamCop server, then report from the SpamCop account. ISPs noted thus far for this "neat" feature; adelphia.net Alice aplus.net Apple Mobileme Bell Sympatico BellSouth Charter ComCast Cox (see Note 1) Hostgator Hughes.net iinet.net.au (ref post 76 58954[/snapback]) Juno NTL/Virgin Media (ref post 78 68747[/snapback]) nuvox.net RoadRunner (see Note 2) Valueweb.net Verizon (see Verizon Residential Support - spam and Outgoing Message FAQs Videotron.ca WOW- WideOpenWest 70072[/snapback] Unfortunately, some other ISP filtering options have come to light which are causing major issues with e-mail spam submittals ... the typical Outlook Express guidance to "forward as attachment" mode results in an e-mail with the attached file(s) with an .eml extension. Due to some viral traffic in the past, there is some filtering software out there that is being placed on the outgoing e-mail servers that makes the decision that certain file extensions are "likely virus traffic" ... some ISPs then configure the system to delete that outgoing e-mail, others allow this filter to do strange stuff, like deleting the attachment, adding in a "viral infection" notification to that e-mail .... result is that if the e-mail does make it out into the world, it is useless as a SpamCop submittal, as the format/content has been totally screwed. This list is going to be harder to develop, as most of these folks don't tell their customers what's actually happening. Troubleshooting/testing: Try to send another e-mail submittal, but this time include an off-ISP account as a CC: (copy to yourself at Yahoo, HotMail, etc.) ... If that copy arrives, then one can rule out the ISP outbound filtering/deleting being at the root cause, and move on to other issues to try to resolve. Note 1: May 8, 2007: A Cox user told me this... "forwarding to Spamcop for reporting is no longer allowed as of 05/03/07. Talking with a Cox representative, they feel this is simply a duplication of their already superior services! I may report suspected errors in their spam filtering to help enhance their system, but from now on things will be done their way only." May 23, 2007: I got the spam to go through to spamcop by also including Cox's spam report address SpamReport[at]cox.net along with with my submit.xxxxxxxx[at]spamcop.net address. Neat huh? From the article on Cox's support site: "If this is an email you think is spam, send it to SpamReport[at]cox.net. If you believe this email is not spam (false-positive), send it to ThisIsNotSpam[at]cox.net. If you believe this email has a virus, send it to VirusReport[at]cox.net." Edited by Miss Betsy Note 2: Added 14 Mar 2008 by Wazoo Per commentary seen at http://forum.spamcop.net/forums/index.php?...ost&p=63182 ..... The RoadRunner postmaster advises me that he has punched a hole in their outbound filters that will allow spam submissions to be delivered when they're addressed to our "submit" and "quick" addresses. - Don D'Minion - SpamCop Admin - Note 3: Added 22 Dec 2012 by Steve T Per commentary seen at "My ISP blocks reports to SC," Alice is added to the list.
  2. Web page Paste-in submittal Log into your GMail account select spam to be reported select "Options" Select "Show Original" Right-click in the new browser window, select "Select All" Right-click in the highlighted text, Select "Copy" Switch to/Open "your" www.spamcop.net page Right-click within the box, select "Paste" Hit the "process spam" button Verify the parser results, make your selections, send your reports. E-Mail submittal At present, it appears to be soooo much easier to configure your GMail account for POP3 access and use your own e-mail client (OE6 makes this and reporting pretty easy) or Login into your GMail account select spam to be reported Select "Options" Select "Show Original" Right-click in the new browser window, select "Select All" Right-click in the highlighted text, Select "Copy" Open up a text editor (NotePad for Windows is fine) Paste the copied data into the editor Save this file, preferably using "Save As:" to somewhere that you can find it again (Windows users - Enclose the file name in quotation marks, type in a file name followed by a period followed by 'eml' .. example ... "test.eml" ... the quote marks prevent the file from being saved as "test.eml.txt" Repeat this for all spam to be reported. Open up a 'new' e-mail, the To: line to be filled in with "your" SpamCop e-mail submit address Select "Add Attachments" Select the (first) spam you saved in the above process. Repeat to attach all the spams saved in the above, remembering the 50k per spam, 100k per e-mail size limits) When done, hit "Send" Your call as to when to delete all those saved spam e-mails on your hard drive, perhaps after you've actually reported them (yes, that's either after you receive the "you have spam to report e-mail" or going to the www.spamcop.net (logged-in) web-site and handling the "Unreported spam" button)
  3. Starting with this posting here in the Lounge (now residing in "FAQ Under Construction") ... will put Pinned entries into the Help and E-Mail Forums pointing to this post ... and as mentioned in another Topic, an IronPort staffer has been given the task of updating the www.spamcop.net FAQ (this one points both there and within "here") so maybe even this effort has been wasted .. but hey, it's a start. Note: the above was provided to explain the Saturday morning hack of moving the hyper-linked original SpamCop FAQ into this single-page entrance point .. Justification #1: some folks got lost when trying to decide which link to follow. Justification #2: original FAQ had been a constant complaint source for being incomplete, obsolete, and hard to use Justification #3: This was only meant to be an interim step, waiting for something else to be offered up. Justification #4: That "something better" still has yet to arrive, and even though this thing has grown to humungous proportions, complaints still appear ... though it's still apparent that a lot of folks have yet to discover what a "FAQ" actually is and the reasons of how and why to use one simply elude some ... For the people that somehow failed to grasp that the additional 5 pages of dialog after this first post was conversational data that occurred throughout the building of this FAQ, originally left in place so that folks could follow some of the development issues, some data entries, get a clue that their input was accepted, on and on .. all that dialog has now been moved to a "new" Topic so that the "confusion" should be eliminated. All that effort is now found at SpamCop FAQ (Forum version) development That said, for those that made it 'here' .... the list begins below ..... Last Revised : 6 May 2011 SpamCop Forum FAQ This FAQ does not address any general SpamCop issues, what it does do is attempt to answer any question that you might have regarding the SpamCop Discussion Forums and is divided into the following sections: <li>Pre-Registration <li>Registration <li>Maintaining & Updating Your Account <li>My Controls & Forum Settings <li>Login & Navigation <li>Troubleshooting & Quick Links/Shortcuts (under construction) <li>Change of Username <li>SpamCop's System & Active Staff User Guide SpamCop Glossary (Updated) SpamCop FAQ .... (FAQ = Frequently Asked Questions) This is a link to the original (once based on a FAQ-o-Matic tool, hyper-linked HTML web-based format. Those FAQ entries are also incorporated into the single-page access page provided below.) <b>Jump To Section Links -></b> <li><a href="#SCPRS">SpamCop Parsing & Reporting Service</a> <li><a href="#FAA">How to "Forward as Attachment"</a> <li><a href="#SCESA">SpamCop Email System & Accounts</a> <li><a href="#SCBL">SpamCop Blocking List Service</a> <li><a href="#GIAS">General Information about SpamCop</a> <li><a href="#HFAD">Help for abuse-desks and administrators</a> <li><a href="#IWSC">Interacting with SpamCop and its users</a> <li><a href="#HWSCR">Help with SpamCop reports and spam in general</a> <li><a href="#GQ">General questions</a> <li><a href="#ASS">Assistance stopping spam</a> <li><a href="#OIH">Other information, help and links</a> <li><a href="#RAS">Recursos anti-spam en español</a> <li><a href="#Credit">Credits & Thanks</a> ht tp://forum.spamcop.net/forums/index.php?act=faq&article=20 Overview of SpamCop Services - - - - currently a broken link due to Forum upgrade - use this next one Overview of SpamCop Services (currently under revision) How does SpamCop reporting work? Why am I Blocked? Forum Post Why Am I Blocked? Probable Causes - Wiki Has your email been blocked? (ISP, Mailing List Admin, Advertiser) SpamCop Blocking List - Am I listed? SenderBase's "Magnitude" Explained Why am I getting all these bounces? Updated! Why does SpamCop want to send a report to my own network administrator? Password Problems? Am I running mailing lists responsibly? Updated! Outlook 2003 REG hack to work around MIME issues Alternate Outlook 2003/XP e-mail submit methods Reporting GMail filtered spam - Tutorial Reporting GMail spam with Thunderbird via an IMAP connection Why Outlook Express Forward doesn't work / Secure E-Mail Handling E-Mail Address Removal, Unsubscription, & Listwashing Yahoo Groups Mail Blocked? Say NO to the Challenge/Response Lunacy Cost of spam Software Development Life Cycle principles for spam Spammer Rules How can I contact a SpamCop representative? How To Ask Questions The Smart Way (language issue, but there really is only one defintion for RTFM) Subscribe/Unsubscribe to the news.spamcop.net Mailing Lists <a name="SCPRS"></a> SpamCop Parsing and Reporting Service What is this? How does it work? How do I use it? SpamCop Report Types SpamCop Analogous to a Credit Reporting Agency? How do I sign up? Rules - everybody read! (recent changes made ... you may need to re-look) -----> On what type of email should I (not) use SpamCop? -----> Reporting of Usenet Posts no longer allowed May 4, 2007 -----> Material changes to spam -------> Material changes to spam - Updated! -----> What if I break the rule(s)? Why was my authorization revoked? What do I need to know to get started reporting spam? Parsing & Reporting spam - decisions, problems How do I get my email program to reveal the full, unmodified email? -----> See also the tutorials in the How to use .... > SpamCop Reporting section How do I configure Mailhosts for SpamCop? -----> Mailhost System Configuration Explanation -----> MailHost Configuration Problems FAQ started -----> Mailhosts Typical Questions A less technical version -----> One version of a Step-by-step MailHost set-up -----> "Sorry, confirmation codes do not match:" - Why? -----> MailHostConfiguration - Wiki Version What is Mole Reporting? What is Quick Reporting? How can I unsend a Report? Member and account management questions - Report-only accounts (Free & Fuel) How do I submit spam via email? -----> Submit address - what is and where to find it Is there a limit on reporting spam? -----> 3,000 per day -----> not older than 48 hours -----> 50k per spam/100k per e-mail in a "multiple spam in a single e-mail" submittal Why did my spam load increase after I started Reporting? How do I set up SpamAssassin to work with SpamCop? How To Get Report History Can I automatically forward spam from my spamtraps? SpamCop Reporting of Viruses is Back! Browser Issues Firefox Cookie Exception for Reporting IE Cookie Exception for Reporting SpamCop has quit working with Netscape 4.x E-mail Submittal Problems / Issues E-Mail spam submittals blocked by your ISP? Updated! Emailed spam Submissions Disappearing? No Confirmation e-mails? Parsing Problems / Issues How Do I Show Full / Technical Details in a Parse? "Header incomplete, aborting." and "No source IP address found, cannot proceed." Causes of "Would send" and "If reported today, reports would be sent to:" messages SpamCop said "No reports filed." What does it mean? SpamCop said ''reports are disabled.'' What does it mean? Steps taken by the parser, general overview The Link Analysis Process SpamCop reporting of spamvertized sites - some philosophy Getting a Tracking URL from a Report ID Insufficient Munging? Spammer 'Remove Lists' How does SpamCop interface with SURBL? How to handle spam sent to Report ID address <a name="FAA"></a>Forward as Attachment Instructions Forwarding "As Attachment" from GroupWise 6.x Forwarding "As Attachment" from HotMail Forwarding "As Attachment" From OE6 Forwarding "As Attachment" From SpamCop Webmail Forwarding "As Attachment" from ThunderBird (multiple e-mails) Forwarding "As Attachment" from Yahoo (U.S.) Forwarding from GMail (Google Mail):contributor Xylella's steps and Xylella's follow-up Forwarding "As Attachment" from Outlook - no longer allowed!! 6 April 2009 -- This official page is currently blank - no content -----> New!! Boilerplate Outlook Information with work arounds October 2009 <a name="SCESA"></a> SpamCop Email System & Accounts What is this SpamCop Mail Service? What is the cost? How do I sign up? How many SpamCop e-mail accounts do I need? --> One is enough --> Maybe I need three or more? How do I sign up for multiple accounts under the family plan? Discounted Additional Account, more detail When does my account expire? How do I renew my account? How do I set up my account? Settings for IMAP New!! SpamCop E-Mail Account Storage Quota / Limit What is VER (Very Easy Reporting)? I can report and trash but not Delete from Held Folder Jeff G.'s Guide to accessing SpamCop email using OE and IMAP Webmail Keyboard Shortcut Reference Card I forgot my Password / can't login / other account problems How I use my SpamCop E-Mail account examples Blocking and Blackhole lists available How To Stop Filtering With The SCBL, for SpamCop Email System Customers FAQ about the Personal Blacklist and Whitelist FAQ about POP'ing out of SpamCop Email System "POP Configuration" Setup FAQ about WebMail FAQ about Webmail: Deleting and Moving Messages WebMail Login problems & General Slowness, First things to check Reporting spam from Webmail FAQ about IMAP IMAP - Deleting E-Mail Does SpamCop offer an SMTP server for sending out email? -----> Beta Test Outgoing SMTP AUTH How to save Sent Mail in SpamCop Webmail FAQ about Filtering and Held Mail FAQ about the personal webmail filters, Client filters within webmail Messages not Filtered - Why? Why does SpamCop release so much spam to me? Jeff G.'s Guide to SpamCop Quick Reporting from a SpamCop E-Mail Account Where are the SpamCop e-mail servers, the SpamCop Forum and SpamCop News servers located? (Atlanta Data Center Maintenance Schedule) Does SpamCop work with AOL/MSN/Hotmail? I want email to go from myaccount[at]myemail.com and back to the same account. Is this possible? I want SpamCop Report traffic to go to one e-mail address, real e-mail to go to another e-mail address When does my account expire? Where can I get further assistance? Why can't I receive any email? Getting Mail From The SpamCop Email System IMP/Horde FAQ <a name="SCBL"></a> SpamCop Blocking List Service How do I configure my mailserver to reject mail based on the blocklist? What is on the list? How can I be de-listed One-time automatic BL De-listing How much does it cost? Is it possible to download the entire blocklist? How can I check if an IP is on the list? If my IP is listed, does it mean I am a spammer or my ISP hosts spammers? Why can't I get to the blocking list from ATT's network? SCBL "will be delisted in 0 hours" (now shown as 'in a short time') explained <a name="GIAS"></a> General Information about SpamCop How can I get help? How can I report a bug? How can I suggest a feature? SpamCop Newsgroups List of active newsgroups What are the rules for posting to the forum? May I create a link to SpamCop from my site? Can I get a copy of the source code for SpamCop? Who is Julian Haight? Why did I get a spam promoting SpamCop? What are some general tips for responding to questions in the forum? Adding items to the FAQ Features and Bugs Use the parser without reference to your mailhosts configuration Non-SpamCop information Make an anonymous donation to support SpamCop Can I advertise on SpamCop? <a name="HFAD"></a> Help for abuse-desks and administrators These are questions commonly asked by Internet Service Providers. Users of SpamCop need not read this (skip on down a few sections), but may find it interesting. You have probably arrived here because of a SpamCop report. Please read the introduction for information about the report you are viewing. Introduction - What is this thing? How does it work? SpamCop Report Types I have been falsely and/or maliciously accused of spamming, what can I do? How can I contact a real person about this? The SpamCop Checkblock page says: "System has sent mail to SpamCop spam traps...." How do I get information about spam trap hits? <a name="IWSC"></a> Interacting with SpamCop and its users: You are mailbombing me! How can I make it stop? How can I get SpamCop reports about my network? --> Additional data on ISP Accounts, Why can't I get more (actual) data? How do I register an abuse[at] email address? How can I get removed from SpamCop's blocking system? Once I close a spammer's account, how can I prevent others reporting it? How can I respond to spam complaints via email? How can I control what type of reports I receive? You've munged the header... How do I get in touch with the person who filed the complaint? <a name="HWSCR"></a> Help with SpamCop reports and spam in general Robots: Mailing lists and autoresponders I didn't originate the spam. My server might have relayed this message. Why report it to me? What does a SpamCop Report look like? Why did SpamCop report this usenet message to me? <a name="GQ"></a> General questions: Who appointed you the "cop" of the internet? Where do you get off? My web site got terminated/threatened because of SpamCop, but I did not send the spam. What's the big idea? Why did SpamCop submit my server to relay-testing sites? What is your opinion of FFA (free for all) pages? How do Deputies respond to appeals? Abuse-queue management tools How many other BLs am I on? <a name="ASS"></a> Assistance stopping spam: I'm receiving spam reports, but my mail server logs don't reflect it. Why? HTTP Proxies (Cisco / Squid / Mailtraq) Formmail Original FAQ ---- Forum Update --> One hack Explained Notes/Domino 6 & 7 Forum : Some sources of information Open Relay Servers Adding BLs to Postfix spam-sending malware But my Exchange 2000 server is secured against relaying! How can I control spam from my network? How can I control unsolicited bounces? SOCKS Proxy Servers Links to help with removing open proxies <a name="OIH"></a> Other information, help and links What other sites should I visit to help learn about, fight, handle spam? OnGuardOnline - practical tips from the federal government and the technology industry CAN-spam Act of 2003 - Bill Number S.877 for the 108th U.S. Congress Abuse.net's introduction to spam: What is it and why is it bad? Elsop's anti-spam page - lots of other links to more information Rick's spam Digest - spam info, mechanics, tools, links Defenses against spam U.S. FTC spam page for the Consumer spam <at> uce.gov replaces uce <at> ftc.gov SamSpade - tools for the unix-deprived and other good info Bestprac.com - A guide for all types of users on how to avoid spamming Outlook & Exchange Solutions Center abuse.net - ISP abuse address clearinghouse Realtime blackhole list - blocking of selected email servers Spamhaus - Lists ISPs who keep organized spamming alive spam Links - Many Resources, Definitions, and Tools The SpamCon Foundation (formerly suespammers.org) The author of this software, Julian Haight Net abuse jargon file - Cues for the acronym challenged Net abuse FAQ - all about spam An organization to fight "street spam" - those unsightly weight loss signs on the highway. What Some Of The Stuff In An Email Header Means Reading Email Headers. Sneakemail is a service that gives you more control over the emails you receive. SpamList is a config file for sendmail which agressively blocks spam. Use with caution. SPEWS is not SpamCop, SpamCop is not SPEWS - Note the spelling Neither is APEWS SpamCop. See http://forum.spamcop.net/forums/index.php?showtopic=13802 SpamWars, a humorous kill-the-spammer browser-based game Monitoring and reporting worm/hacking activity Marjolein's Ban spam page - includes reporting addresses spam Links - spam Reporting Addresses The Crystal Cave - News, Tools, Resources to combat spam Norman De Forest's spam Page How Reverse DNS Works Surf the Internet Safely Outlook & Exchange Solutions Center Inside Outlook Express Anti-Phishing Working Group U.S.DoJ Identity Theft and Fraud Information Follow the Money; or, why does my computer keep getting infested with spyware? Phone number spam World-wide spam spew sources Nigeria - The 419 Coalition Website Suggested Free Security Tools and Apps for Windows <a name="RAS"></a> Recursos anti-spam en español Campaña anti-spam de El Espectador (Uruguay) Información básica acerca del 'spam'<a name="Credit"></a> Credit and thanks Noting that the above link is Julian's credit / contributor list for the stuff found at spamcop.net and JT's newsgroup and e-mail support. What follows is my list of credit for the web-based Forum stuff .... for starters, the contributors to this existing FAQ (not sure I've got a 100% identity list, don't have permission to use real names, and will probably add more items into this FAQ and forget to update this list .. apologies in advance for missing the kudos and correct attributions) ... and just to keep things a bit off-kilter, in reverse alphabetical order; WB8TYW turetzsr (who does request to be known as Steve T) Telarin (Will Russell, MCP) studog StevenUnderwood rconner petzl PeterJ Miss Betsy Mike Easter Merlyn Lukas lcusdtech jongrose Jank1887 Jeff G. Don Wannit dbiel DavidT Borgholio agsteele 29-Mar-2012 9:35 pm Eastern Time, Steve T added FAQ entry "Where are the SpamCop e-mail servers, the SpamCop Forum and SpamCop News servers located?." 16-Jul-2012 1:21 pm Eastern Time, Steve T added FAQ entry "Forwarding from GMail (Google Mail)." 7-May-2013 2:44 pm Eastern Time, Steve T changed "setup" (noun) to "set up" (verb).
  4. Following the years of the ever-growing SpamCop system and user base, watching and being part of the problematic meeting grounds between the techy/geeky folks that deal with computer/network issues as a livelihood and those folks that just got their new computer yesterday .. here's a shot at perhaps answering the oft-requested "SpamCop for Dummies" plea. What we'd like to see here are the step-by-step type walk-through descriptions. Known already is that because Microsoft does not yet own the entire world, there are all those little inconsistencies floating around out there <g> So just a bit of fore-warning, instructions and sequences provided may still not be "your" final solution. Joe may provide the perfect step-by-step sequence that works just fine on Joe's hardware/software mix, but Sheila has changed a few configuration items in her e-mail application that makes Joe's instructions fail at step 7. So we may have to edit Joe's instructions a bit to clarify ... or another step-by-step may have to be written for those that work with the same settings as Sheila. As we all know that geeks don't speak in a normal language <g> ... please take that as a suggestion to go ahead and try to write up and post "your" sequence of actions that work. It might just be the way you explain things that clears up someone else's inability to decode geek talk <g>
  5. So much stuff is in the configuration settings, most of which have not been changed/updated. Only now got to a place where I could check in to see why I was getting all the failure messages from Google about all the dead URLs and systems. And .. only now do I find out what the cause was. Do I guess that stuff other than this "new" install of this IPB Board didn't make the move? Based on the messgae traffic and the unchanged settings seen here, I've got to gues that a lot of stuff is gone or broken. Off to poke around and see what else has happened. A bit later .... ouch. all those years of code manipulation, all gone. Noted that htere is yet one more update to the board software that hasn't been applied. Dropped a PM to RW to ask for some guidance.
  6. Wazoo

    Most users data

    Most users ever online was 509 on Aug 25 2008, 12:34 PM Anyone have a possible reason for that spike?
  7. Extracted from http://forum.spamcop.net/forums/index.php?...indpost&p=27119 From this side of the screen, one knows not all the stuff going on from Julian's perspective, so the following is simple observation / opinion. The SpamCop parsing and reporting tool was developed by Julian for his own purposes. he then offered it up for public usage. The prime concept was to report to the source of the spam with the intent that a caring ISP would resolve the problem. As time went on, more options added, more capabilities added, more functions introduced. In the meantime, some spammers got smarter (the dumb ones giving up after having account after account cancelled by those caring ISPs) These days you've got Julian working his magic, and you've got spammers working individually and collectively trying to defeat the SpamCop tool set. There's now enough money floating around (thanks to the gullible) that even the dumb spammers can now afford to hire knowledgable folks to work the 'net' to their own advantage. (old data, the 'net' was originally built by and for the U.S. Government, thus there was not the concept that looters and thieves would be part of the user base. Thus, the entire network was built based on all users being trusted.) This 'current issue' is just that. Last year it was rotating DNS, the year before that it was .... on and on. Two years ago, it took weeks to get a DNS change propagated. Now, in some case, it's just a matter of minutes. Some spammers are sending spam that includes links that won't actually be activated for hours/days after the spam goes out. Some spam goes out with included links of a site that was squashed days before. Some include links that never were and never will be active. As seen in the numerous complaints about "links not reported" .. a lot of this would be discovered by minimal research. Some research done results in the URL being found active, yet that's done from a system/browser that's designed to allow some lengthy timeout variables, as compared to the parsing tool trying to handle thousands of look-ups a minute. That DNS lookups are just another bit of web traffic that can be denied by a bit of code on a server also seems to be overlooked by some folks (i.e., referrer data can be evaluated, querying IP can be evaluated, and certain items can be ignored/blocked/dropped by that DNS server) ... a bit of 'for instance' ... there's an individual in the newsgroups that makes a repeated complaint that the SpamCop reporting results that send output to a /dev/null (though still feeding the statistics table) account (due to past e-mail bouncing) must be in error, because his e-mail to that address does not bounce ... somehow not relating his use of filtering of his e-mail to an ISP's capability to also filter e-mail coming from a certain address ..??? Getting back to the above, let's go back to the beginning, at which time the focus was to shut down the spew. I don't believe that this focus has changed. The reporting of spamvertized wsb-sites was an additional capability added along the way, but it's still a secondary item of interest. There has never been anything in place to stop someone from reporting things themselves (99%+ of my spam complaints I do myself as I'm much more brutal than the SpamCop parsing/reporting tool), so it's not like the world of complaints has stopped. I can tell you that Julian is working on the codebase, that's almost a constant, but again, it's him against the numerous spammer collective out there. In example, the SpamCopDNSBL has lost a bit of 'power' based on the merging of some spammer / virus/trojan writer activity, compromising the multitudes of end-user computers to send the spew ... spammer just moves to a new compromised machine when the SCBL kicks in. The majority of those IP addresses are already found in other BLs that contain DUL (dial-up IPs) .. but once again, the reports do go out, but to ISPs that either can't, won't, or are very slow to handle the spew issue from their customer base. So the continuing levels of spew from these sources aren't a failure on SpamCop's part ... Well, getting massive here, just hoping to toss some useful thoughts out ...
  8. Wazoo

    Forum Use

    Let's assume you arrived here by following a link to http://forum.spamcop.net/forums/ The first Forum section - Announcements - should be at least glanced at for any new items added. It may be something critical, it may be something of general interest, it may answer the question of the moment .... The other Forum sections are broken out by subject matter. As the need arises, more sections may be added. Any Forum having new content since the last time you visited will be indicated by the icon to the left of the Forum name showing as dark blue (assumption is that you are allowing cookies - see this item under Help) What we'd like to see is that you would select the Forum section most appropriate to your query and/or problem. Clicking on the Forum Title will place you within that Forum, where you will see a listing of the most recent postings from other users. Posting placement is time-sensitive, meaning that the last posted item in any Topic will then move that Topic to the top of this displayed list. (note that as of the time of my typing this in, this Forum is over a year old, and postings from those early days are still present .. but most of these Forum sections default to only displaying the last 30 days of Topics/Discussions. You can read these older posts by changing the values in the drop down boxes seen below the displayed Topic list (at the bottom of the screen) Once within the appropriate Forum, please take the time to see if your subject matter has already been brought up. If so, please click on that Topic Title and read that discussion to see where the issue stands. If not, then you'd want to "Start a New Topic" and post your query, by clicking on the "New Topic" button. 1. Please use a Subject line that offers a clue as to what your query is about (please see the above ... what we are looking for is that the next person in with the same issue will recognize that the same issue has been brought up in your "new Topic") 2. Post your question, describe your problem. In general, for someone on the other side of the screen to try to answer, a number of things might need to be known. In general; a. things like the type of computer/Operating System you are using b. software applications involved, Version numbers might be important c. IP addresses involved, Domain names might be important d. connection mode, dial-up modem or high-speed cable/DSL might be important e. steps taken thus far to troubleshoot/isolate the problem/issue f. did it ever work, did it once work and doesn't today g. is the computer behind a firewall/router/network h. is it "your" computer or a Company controlled item i. Anti-virus/spyware/pop-up blocking/3rd-party toolbars in use might be important j. Do not post a copy of your spam. If reference is needed, please provide a Tracking URL provided by the SpamCop parsing and Reporting Tool. (If needed, see the Glossary, provided as a link from the SpamCop FAQ - links provided at the top of the page and as a Pinned item in each Forum section.) This list could go on forever, of course ... but what's stated here is that a posting that simply says "it's broke" doesn't contain enough data for anyone "here" to make a reasonable guess at where to even start suggesting solutions. 3. You have the option to "preview" the post to see what it looks like or simply "Add Reply" to have it appear to the world. 4. While waiting for someone to respond to your query, you may want to read other on-going discussions. There may be problems you've not seen yet, there may be words there that will explain things that might deal with other issues/problems elsewhere, and the possibly best scenario, you might have the answer to someone else's problem and can make their day a bit brighter. While there are folks on this thing pretty much 24/7, not everyone has the knowldge needed to answer/resolve your situation. The primary mode of support here is peer-to-peer, meaning users helping other users. (please remember this at all times!) Some users are actually owner/admin folks that run their ISP, some users are brand new to this whole computer/internet thing, but 99.9% of all folks here are donating their time, knowledge, and effort on a voluntary basis. (please remember this also!) 5. Upon finding an existing Topic/Discussion that doesn't yet resolve your issue, perhaps you have additional data, or someone has responded in your "New Topic" .. you need to decide how to "Reply" to/ that Topic. a. Add Reply - opens up a box for you to type into. When that post is added, it is placed as the next post in that Discussion (and this Topic then gets moved to the top of the Topic display list, as it has the most recent posting.) b. "Reply - opens up a box for you to type into, but it also includes the contents of the poster that created the posting you are replying to as a "quoted" section. This is usually not needed if you are only typing a small response, especially if your reply is going to be the very next entry in that discussion. IF you are replying to post #7 in a 50-post discussion, you should use the Reply button to quote the item you are actually responding to .. but please, edit the quoted section down to just that which you are responding to. Quoting 10 pounds of text but only adding a "me too" at the bottom of that just makes one look silly. c. +/- Quote - allows one to select multiple posts to respond to in a single "reply" ... editing out of unneeded data is a must if using this button. d. Fast Reply - a feature that enables users to quickly post in a topic without loading the usual Add Reply page. The posting box is minimal with no emoticons or tag buttons. e. Posts are currently limited to 1k in size. HTML is not enabled. Graphics are not allowed. (If needed, host them somewhere else and provide a URL, NOT an img tag, but be aware that some/many members will not view them under any circumstance - following unknown links is unsafe practice and your links are "unknown"). f. 'Spamvertized' and suspect exploit URLs should never be posted as live (clickable) links - mung them if you want to show them for discussion. A neat way to do that is to make the // part of the address italic (using formatting toolbar or BBCode tags), which allows the text to be copied and pasted straight into the browser URL window of any reader brave enough to do so but prevents any SEO, web bug or malicious back-links from the forum. [edit] to expand e. above and to add f.
  9. Wazoo

    [How-to] Post a Question

    Following these guidelines should make it easier for you to get the help you need (and easier for us to help you). Search first It is very likely that your question has already been asked and answered, searching can get you the solution you need faster than waiting for a reply. Also, don't forget to check the Frequently Asked Questions (FAQ) lists! Where to post? The Forum layout should be pretty self-explanatory when it comes where to post your question. Having problems with a bad parse result? Post in the support topic for SpamCop Reporting Help. Setting up your SpamCop filtered e-mail account confusing? Post in the SpamCop Flat-Rate Email Account Setup support forum. Want some feedback on a Blocklist issue? Try the SpamCop Blocklist Help section. There's a How to Use ... Forum, a place to get geeky, even the Lounge For general / other stuff. Your topic title After you've figured out where to post, you need to come up with a good topic title. Selecting an informative topic title will ensure the best results. Here's a common list of topic titles that you SHOULD NOT use. 1. Help needed! 2. Newbie problem 3. Need some assistance 4. Hi, Im stuck! 5. PLEASE HELP! 6. I have a question 7. Very urgent 8. This is too complicated for me 9. PHP expert needed 10. Looking for... Vague topic titles are pretty much useless, they don't provide any information about the actual problem you're having. You should be clear and concise with your title. For example, if you need help with ThunderBird, try Setting up ThunderBird instead of just "How do I...." The question This is the most important part of your topic. If you can not clearly explain what your problem is, you can't expect to get a good solution. Simply posting an error message and asking what is wrong won't do much good. Have you installed new software lately? When did the problem start? Where does it occur? Is it "your" server or your ISP's? What is the IP address of the server involved? Those are all questions you should have answered in your first post. Be sure to provide as many details as possible. The Details If it's a spam in question, do not post the spam here. Use a Tracking URL to offer a link to both the spam and the parse results. That way we're all talking about the same data. If it's a bounce/rejection notification, provide the critical lines of data. The IP address being rejected will be at the root of any research. If it's something to do with data manipulation, copying/pasting, transmittal, identify the tools in question, version numbers and Operating System can be critical to get an appropriate answer.
  10. http://www.spamcop.net/sc?track= Parsing input: Display data: "whois[at]whois.arin.net" (Getting contact from whois.arin.net ) Redirect to apnic: "whois[at]whois.apnic.net" (Getting contact from whois.apnic.net mirror) Display data: whois.apnic.net redirects to krnic Display data: "whois[at]whois.krnic.net" (Getting contact from whois.krnic.net) - not found No reporting addresses found for, using devnull for tracking. http://www.spamcop.net/sc?action=showcmd;c...whois.krnic.net [ Network Information ] IPv4 Address : - (/17) Service Name : JNDINFO Organization Name : JND Communication Organization ID : ORG828317 Address : 1056-11 5F JNDINFO.CO, Gyeonggi-do Gwonseon-dong Zip Code : 441-390 Registration Date : 20100729 [ Admin Contact Information ] Name : jang hyun wook Phone : +82-31-226-9399 E-Mail : comnetjw[at]hanmir.com [ Tech Contact Information ] Name : jung boung woo Phone : +82-31-226-9399 E-Mail : comnetjw[at]hanmir.com [ Network Abuse Contact Information ] Name : kim young-sook Phone : +82-31-221-7722 E-Mail : young55[at]naver.com
  11. Wazoo

    Strange Dell Latitude issue

    What types of connections have you tried in the "away" mode| For example, I seem to recall having issues with WEP when trying to use the pass phrase, but worked fine when I used the hex string. What firewall might you be using, thinking of a setting for "trusted" networks being involved??? For example, I've been forced to notice that some of the defaul settings are different between manufacturers (and even different model numbers from the same vendor) some using 192.168.0.x, other using 192.168.1.x.
  12. Sent a note upstream, asking for something more direct. This would probably fall under the need for an 'engineering request' even further upstream, so even if agreed to, it might take some time to implement.
  13. Wazoo

    Forum spam

    and yet again, still, on and on .... 'spam king' Wallace indicted for Facebook spam Wallace, 43, was indicted in July by a San Jose, Calif., grand jury on three counts of intentional damage to a protected computer and two counts of criminal contempt, according to the U.S. Attorney's Office in the Northern District of California. Wallace allegedly compromised approximately 500,000 Facebook accounts during three separate attacks on the social-networking giant between November 2008 and March 2009. .... Wallace, who was ordered by U.S. District Court Judge Jeremy Fogel in 2009 not to access Facebook, was also charged with violating that order by accessing the social network on an airline flight from Las Vegas to New York in April 2009 and by maintaining an account under the name David Sinful-Saturdays Fredericks for a few weeks earlier this year. ....
  14. Wazoo

    Strange Dell Latitude issue

    Coming in a bit late, maybe you've already got it sorted ... but, the first jump to me (making the assumption that Windows is involved) would be the 'computer/hardware profile' .... the 'undocked' mode disabling the hardware ethernet interface, or possibly simply not recognizing it at all in that mode. Moved the Topic, as per your request.
  15. Is this customer doing DNS-lookups for something other than handling incoming e-mail? The SpamCopDNSBL is "very" dynamic .. nothing like other BLs.
  16. SpamCop Staff Mail-Host Configuration of your Reporting Account
  17. Wazoo

    Hostile java scri_pt

    I know you said that the server was hacked, but ,,,, the 'adding a few lines to all the .js files' seems extremely out of the ordinary. More typical is the action of adding in something like an iframe bit to effect this sort of cross-site-scripting. The quick-check would be something simple like the file-dates of the web-page creation files .... the typical hack of this sort would leave an .html or .php file with the most recent date showing. But, yes, it would depend on the craftiness of the hacker. lthough my immediate reaction would be to get the bad code off-line and replaced with a copy of the 'backed-up good' version, the question of analysis is still valid, I suppose. Again, my first reaction .... hit it with the FireFox add-on tool "firebug" which would allow one to pretty much see the page make-up. You didn't say whether you had anything above user-level access to this server, but even then, the majority of the codebase structure should be available. Of course, the killer question is whether the hack vector has been discovered and closed. The entrance may not have actually been a server-hack, it may boil down to an exploitable application running on the web-server, the more typical problem of something allowed to get into the SQL database that then gets included on the displayed pages that is allowed to progress on exploitable (or trusting) web-bowers.
  18. At the top of this page, check the dropdown menu offered under the link FAQs & Words .... The Glossary hasn't been touched in quite a while as we've tried to move it all over into the Wiki. Please see Why are there so many different account names/passwords needed? SpamCop Reporting Accounts OK, you had a SpamCop e-mail account. It would follow that you have things set-up to log into either webmail.spamcop.net or mailsc.spamcp.net ..... both would be trying to use the credentials of this "paid" account, and trying to connect to the CESMail servers. Pointing your web-browser to www.spamcop.net should allow you to then login using the your non-SpamCop.net e-mail account data (or Register using that address??) as this would use the Cisco/IronPort/SpamCop servers for the Parsing & Reporting System. Can't thiink of that many instances where the MailWasher "Bounce" feature has been mentioned without the pretty much automatic answer being provided. Do NOT use it!! It is a wonder that they still include that function, as it will only serve to get "you" into trouble.
  19. Not sure. The "added headers" needs some kind of definition. At this time, I'm of the thought that OE6 Secure handling of e-mail, Why Forward won't work might be worth a look, even with the assumption that OE6 isn't the e-mail client in question. There is a whole section on "how to ..."" stuff in the single-page-access-expanded version of the SpamCop FAQ and the SpamCop Wiki both found via links at the top of this page.
  20. Moved out of the E-mail System & Accounts Forum section and placed into the Announcements Forum section with this Post, Yeah, I know .. I'm not supposed to do this, but ...???? A Parsing & Reporting System outage tossed into the E-mail System section doesn't seem right.
  21. Wazoo

    Single Email Limit

    Please re-read the 'error' message. There is quite a pile of servers involved in the handling of your incoming. Sending e-mails this huge is simply problenatic, as stated in so many places. For example, a general defaullt of a PHP install these days is a file-size limit of 4-Meg (up from 1-Meg just a few years back) .... It is possible that the actual issue was that a huge (e-mail with an attached) file was received, and during the processing/handling, it hit a server that hasn't had a manual configuration change to bump up some of the defailt limits. So there would have been a "file write" error when trying to save the incoming.
  22. Wazoo

    Apparently I'm spamming myself

    Figure out who/where the alleged "spam filters" are, who set the configuration ... get it changed to tell the truth .... As Derek stated, the SpamCopDNSBL only does IP Addresses.
  23. Wazoo

    Re: SCMaterialChanges

    ???? And the "straight question" was based on what assumptions caused by the lack of detail on what tools were in use and how they were/are manipulated? Why did you jump the track and start talking about "forwarding an e-mail" in your first response .. especially when related to "a web interface?"