Jump to content

flagginator

Membera
  • Content Count

    115
  • Joined

  • Last visited

Everything posted by flagginator

  1. flagginator

    419 scams

    419 scams = Nigerian email Chain Letter scams, and so forth. I have to report them separately to: 419.fcd [at] usss.treas.gov (munged) My suggestion: Have a CHECKBOX on the parsing results page for "This is a 419 spam scam". That way I can submit from Spamcop interface. Thank you for your consideration.
  2. flagginator

    Spam.

    Every one I have reported has gone to a different ISP. Some to Korea, some to China, Japan, and even a couple to locals like Comcast. It started a few days ago, and I did not report them at first. I only deleted them after hitting them with Spambayes (actually Spambayes caught them all).
  3. flagginator

    Spam.

    define:spam I define spam as unsolicited email. What I don't understand is overposting spammers. Do they really think I'm more likely to buy their manhood stretcher if they send me the same spam fifty times a day? I only have one to stretch, so one offer will suffice. This week it is prescription drugs. They change the subject line, and send it to me fifty times per day: wicked drug/s to keep you going wicked d)rugs to keep you going wicked dru!gs to keep you going wicked dru/gs to keep you going You see a pattern here? So, my mission this week is to report all wicked drugs spam and I hope you do too!! Thanks!!!
  4. flagginator

    Spamcop details:

    1. In the spam reports I notice a lot of things are dev'nulled. Why are they dev'nulled? 2. Some reports go to Spamcop (Level 3). What is a Level 3 report? 3. Why are most China-com spams coming through Sprint? Can we get after Sprint or boycott them? I know they're huge, but they also account for a good chunk of my received spam. 4. Yesterday I got a bunch of spams that reference an "appointment at...". Did anybody else get these? What advantage is there to a spammer sending me a dozen of these that are so similar? How do they make their money? Who's paying them? Can we castrate some of them? PS: For those of you that are spelling challenged as I am I have found http://www.iespell.com to be invaluable in making me look smarter than I really am. /end of rant. /end of questions for today.
  5. flagginator

    Daily spam coming in pairs:

    Well, the Rolex spams have really tapered off. Now, my spammiest spammers are with this subject line: 1. Cheating House Wife Services 2. Heyz Darling I think they're related because they are always grouped in twos (one Heyz... and one Cheating... back-to-back) several times per day. They are using various return addresses (spoofed), various email addresses (spoofed) and various relay servers. Let's shut these guys down! Report, report, report! I know some of you are selective in what you report, so please add these to your reporting list if you are getting them.
  6. flagginator

    Daily spam coming in pairs:

    Another curious thing about Cheating House Wife Services is that the past couple of days they've starting sending ten spams with no text in body then one of their regular spam in text body the one with additional nonsense text appended to their standard body text. When I see patterns like this I start thinking their doing a challenge and response thing: They'll send 10 with no text in body to condition your anti-spam measures to respond a certain way...then they'll slip in their regular spam...and then once you're conditioned they move in for the kill with their extra special spam. I don't know if they're trying to condition us and fool us, or if it's some way to drive their numbers up so they get more per piece from their sponsor (the one paying for the spam). Oh, and I did have a short run of virus spams this week but only about ten total and then it died off. Nothing like the slugfest they put me through earlier this year when it was dozens per day for weeks and months.
  7. flagginator

    Where did this report go?

    http://www.spamcop.net/sc?id=z727316230z5b...58c979659eec2bz
  8. flagginator

    Where did this report go?

    Wazoo: OK I read your post and found it confusing but I think I'm with you. Straight forwarding of emails to spamcop won't be entirely helpful to spamcop.net parser. The preferred way to submit emails is by ATTACHMENT. That way spamcop.net parser gets the whole message and it's in a format where it can parse any headers and/or HTML. Sometimes when I'm unable to forward by attachment, I use an alternative method for submitting HTML emails as follows: 1. Open email. 2. In Outlook click on View --> Options --> Internet Headers --> Right-click --> Select All --> Right-click --> Copy 3. Right-click on blank portion of email body --> View Source. 4. Ctrl+V in View Source notepad to paste email header into View Source notepad. 5. Ctrl+A to select all. 6. Open </>http://www.spamcop.net 7. Paste (ctrl+v) into reporting Window. 8. Report Now. That sends an ACCURATE and helpful copy of the email to spamcop.net
  9. flagginator

    Where did this report go?

    Issue 1: I provided a tracking URL this time so I can finally get an answer. No, I don't have the answer, and you failed again to provide an answer...and I was expecting this reply from you...so you did not disappoint Issue 2: When you look at an HTML email, what's in front of the HTML curtain is not important. Case in point: eBay and PayPal phishing emails. The curtain looks like an official PayPal or eBay communication. But when you look behind the curtain, you see the HTML that is important from a spamming point of view. The way to see the HTML is to VIEW SOURCE. For HTML emails I either forward them by attachment, or I do a View/Options to get the headers, then do a View Source to get the HTML. I paste the header into the view source and then it's ready for submission. This procedure should give a full and accurate rendering for Spamcop.net to parse.
  10. flagginator

    Where did this report go?

    What is Spamcop.net Level 3 reporting? Submission was rendered from a View Source and View Options of an HTML email.
  11. flagginator

    Long delays before confimation message

    Don't wait for the email confirmation and submission email from spamcop.net Instead, go right to your cookies enabled http://www.spamcop.net page and click on the "Report Now" link. Then click on the "Submit" button". Rinse and repeat until the "Report Now" link goes away.
  12. flagginator

    Newbie Q's: Forwarding in OE6

    Rod: 1. Take a chill pill and edit your posts. They're too long 2. Setup your OE to send reply to all emails by attachment. You don't need to look at any headers. Just forward by attachment to your super secret spamcop.net submission email address and you're almost done. 3. Ignore the replies from Spamcop.net 4. Go to http://www.spamcop.net and click on the "Report Now" link, then on the Submit link. Rinse and repeat until there is no longer a "Report Now" link. 5. Open IE (Internet Explorer). Click on Tools --> Internet Options --> Privacy --> Advanced --> Tick Override Automatic Cookie Handling --> Tick Prompt in both places --> OK --> Close --> Apply --> OK --> Close --> Close IE. Now, every time you preview an email with a cookie you will be prompted to accept the cookie. Of course, you will deny the cookie. That way the spammer won't have confirmation that you opened the email. Somehow you are making a mountain out of a molehill. Follow steps one to five and you are set. Don't sweat the rest of it. Also, this assumes you have set up your MAILHOSTS. If not, you are going to bust and annoy your ISP (your mail provider). Now, if you reply to this, please edit for brevity
  13. flagginator

    Here's a long one.

    Tracking URL: http://www.spamcop.net/sc?id=z725554046za5...c5aa055512433ez
  14. flagginator

    how to submit

    Mail hosts FAQ forum: http://forum.spamcop.net/forums/index.php?showforum=7 MailHosts setup: http://www.spamcop.net/mcgi?action=mhedit
  15. flagginator

    how to submit

    1. Forwarding by ATTACHMENT is the preferred way to submit spam to Spamcop.net 2. Be sure to set up your MAILHOSTS BEFORE submitting spam to spamcop or you might end up busting your ISP instead of the spammers. 3. Submitting spam to spamcop does not have an immediate effect on spam received...unless you're only receiving spam from a couple of sources. The fact that you had an immediate effect can not be rationally explained by your submissions to spamcop.net...it's only a coincidence.
  16. For the past couple of months about 5% of my spam has blank TO:, blank SUBJECT, and blank BODY The majority of them are from overseas, but sometimes they're rr.com, aol.com, and so forth. Any ideas what's up with this? Here's a sample tracking # and URL: 1326740863 http://www.spamcop.net/mcgi?action=gettrac...rtid=1326740863 The "BODY" is what comes up when I do a VIEW SOURCE of the email, so the emails are sent HTML, not plain text. Why would a blank email be sent HTML? What are they testing for with these blank emails? Are others getting a fair number of these too? Should I report these as spam? They are annoying.
  17. flagginator

    Blank subject, blank TO:, blank body:

    Then how were un-munged details posted here?
  18. flagginator

    Blank subject, blank TO:, blank body:

    After adding the ;action=display it's revealing my Mailhost(s) and the TO:, and that's not cool.
  19. flagginator

    Blank subject, blank TO:, blank body:

    Now I'm ticked off: SpamCop is supposed to munge the reports. But, by adding ;action=display to a TRACKING URL, you can get the unmunged message. Because of that I'm sorry I ever started this thread. :angry: Now, I'm really going to get spammed. Please delete this entire thread, and please go to the other forum and ask them to delete all references too. Thanks. Sorry to bother you. Here's what my preferences look like, and I clearly stated I want the reports to be munged: >>>> [x] spam Munging [x] Obscure identifying information [ ] Leave spam copies intact [ ] Become a "mole" - Don't even send reports (mostly pointless) SpamCop usually tries to obscure (munge) your email address and other identifying information from spam reports before they are sent. However, some ISPs will not accept this type of report. If you select munging, SpamCop will not send to ISPs which refuse munged reports by default (you will be given a default-off option when using the web-interface). If you select intact spam copies, SpamCop will send all reports unmodified. It has become painfully obvious that spammers are able to identify your email address by using tracking codes - even after SpamCop's attempts to munge them. It has also become plain that even the largest and most well-respected ISPs forward complaints intact to the accused. In response, we now offer the ability to send reports silently. These reports are not emailed and are not available to anyone but SpamCop administrators and will not be shared (except as aggregate counts). <<<<
  20. flagginator

    Blank subject, blank TO:, blank body:

    [Munged by parser] Parse >>>> Return-Path: <RLLZBGCP[at]doramail.comE> Delivered-To: x Received: from cs2416211-226.houston.rr.com (24.162.11.226:4277) by xmailserver.test with [XMail 1.20 ESMTP Server] id <S102D7F> for <x> from <RLLZBGCP[at]doramail.comE>; Thu, 30 Dec 2004 10:44:51 -0500 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=Content-Type content="text/html; charset=iso-8859-1"></HEAD> <BODY></BODY></HTML> <<<<
  21. flagginator

    Blank subject, blank TO:, blank body:

    http://www.spamcop.net/sc?id=z707855236z40...bd26589d1233caz
  22. flagginator

    Blank subject, blank TO:, blank body:

    PS: I believe if you go to the Report ID, and click on the Parse link, you'll see virtually all the information that a proper Tracking URL would have provided.
  23. flagginator

    Blank subject, blank TO:, blank body:

    I did not log the Tracking URL before submission. Is there a way to recover the tracking URL after the fact? All I find is the Report ID #. Right, since I don't render HTML the email body looks blank. A plain text email if right-clicked on the body will not show the option of "View Source". However, all these "blank" emails do have the View Source on right-click in body option. So, I assume they're being sent HTML. I'll save a Tracking URL when I get the next batch in. What extra information would be gleaned from providing an actual Tracking URL? My main questions are: 1. Why would anybody spam "blank" emails? 2. Is anybody else getting a significant percentage of these? These blank ones started showing up shortly after the current blizzard of "Rolex Watch" spam variations.
  24. flagginator

    Blank subject, blank TO:, blank body:

    OK, then, it's a REPORT ID#
  25. I've been getting several similar spams lately. They all contain a virus payload, and they all contain the same "Merry Christmas..." message. The email headers are mucked up: >>>> <snip>dkfalOPjfgapajIL:JIo382739043<snip> <<<< What's up with this? Thanks.
×