cwg

No, it's not picking up the LINKS in the message.

Works about well as a watergun in a firefight. https://www.spamcop.net/sc?id=z6467209537z5ce16d11466090755a84c95202c4d422z

Something weird is going on with the parser right now involving gmail spam, even if I use the outlook/eudora workaround form spamcop is NOT finding links.

But the parser says: Tracking message source: 36.1.75.49: Routing details for 36.1.75.49 [refresh/show] Cached whois for 36.1.75.49 : 089866775500@189.cn Using last resort contacts 089866775500@189.cn Message is 33 hours old 36.1.75.49 listed in cbl.abuseat.org ( 1 ) 36.1.75.49 is an open proxy 36.1.75.49 not listed in accredit.habeas.com 36.1.75.49 not listed in plus.bondedsender.org 36.1.75.49 not listed in iadb.isipp.com

When did level 3 become black hat?

quote spamcop - routeid: 75513855 49.51.0.0 - 49.51.255.255 to: harveyduan@tencent.com Administrator interested in all reports [Note added by 174.2.93.211 (s0106f87b8c43334b.ss.shawcable.net)] Route added without comment quote apnic - Abuse contact for '49.51.0.0 - 49.51.255.255' is 'ipas@cnnic.cn'

Dunno, now its wokking just fine, ...

So I submitted: After about 10 or 15 minutes of "connecting".

Mailchimp (and a few other mass emailers) take abuse of their services very serious.

But spamcop reports to forged-ip@don.spamcop.net ? So computers which use a DOD IP address are immune to being hacked? I gotta get one. (Above is tongue in cheek.)

It was a manual add to a report on a phishing scam using their name and logo so there was no detailing as to the why the address was abuse#capitalone.com[at]devnull.spamcop.net

If you go to their front page, go to the Contact Us page, on the page it says: "Report Suspicious Emails Help us combat fraud... report it to abuse[at]capitalone.com."

Still an ongoing issue.

Great Gasby's, the darn message tells you what to do, can't the parser be taught to change where it's supposed to search?

That one is a bad example, NOW, in regards to parsing lookup. Domain was valid when the messages was submitted. Whether or not the link is valid, parser ought to be detecting the link, then attempting to resolve it, with the report stating it's invalid if it don't get a valid IP from the lookup. It's not doing that.