Jump to content

emanmb

Membera
  • Content Count

    146
  • Joined

  • Last visited

Everything posted by emanmb

  1. emanmb

    Just Plain Annoying, SC

    In the video, what you see is me; Open email, right click to get menu for full headers, select all, copy, close window, paste at top of FWD, add addresses, send. Safari and Firefox seem to copy things differently where in Safari I'll get all the links, colors of text etc. to transfer in a copy/paste and FF will give plain text only. The issue with my wrap/cut/paste whatever one calls it occurs with both browsers, in OS X and frankly I don't see much if any difference from what appears in Yahoo's popup window and what I paste. This is the 'new' Yahoo and one can right click to bring up the menu and select full headers. The few spams that make it into my email client can of course be changed to the text encoding or whatever you call it when html is all that can be seen in the email and SC has no probs with that.
  2. Below is a spam I submitted today that was rejected because "IP doesn't do something something". Strange thing is, I re-submitted it just now and it went through and I was able to report it. Was it just a weird fluke thing happening w/spamcop when I reported it earlier? I always strip my email address from these reports since they go to various reporting agencies that might not be as diligent as SC in doing it for me. Also, since there's no way to get the html code in yahoo spam short having it go to my POP inbox (where I can change it to a source view), I add the links since my guess is SC and others cannot read the html if it isn't broken down for them. I'm am wondering, is that is a good or correct thing to do? Eric From stodghillszhernandes[at]hotmail.com Mon Mar 22 06:21:34 2010 X-Apparently-To: via 69.147.85.92; Sun, 21 Mar 2010 23:21:34 -0700 Return-Path: <> X-YahooFilteredBulk: 65.54.190.15 X-YMailISG: 4bTjBugWLDtTTk8NtiQrdDJIKg6hkkPxUlgQA6snN7cQuwP1t0q.cc.1LeIdAgvmnIzC6K8LeeWJAWxk14zkNfBrylsakwzCT6pSiv92srSvA3h1OxmPkfZeaauASwhMIK7yo0HTxABR8apYTGmZlmN6WraN0gExD4Aq.ToEYCAXhqdSChgRbYjknl3r72WaeTBgzPtcGxMLe5U5w0pcUrC0ugLBYlW5FsI3L.4GPOTb1xo3PekR_S64d0XpX9fOxOE6n_LS72l6C0boT5PZbxwyPIFytZPpSda1VBC5jU.7FGSI9jZPy0WsnIfsRUFfd5ce1YMOCGS5.PLpuUFet4qZCPXqpdKPi.o7ta3CG7vaEidp X-Originating-IP: [65.54.190.15] Authentication-Results: mta165.sbc.mail.mud.yahoo.com from=hotmail.com; domainkeys=neutral (no sig); from=hotmail.com; dkim=neutral (no sig) Received: from 207.115.20.16 (EHLO flph257.prodigy.net) (207.115.20.16) by mta165.sbc.mail.mud.yahoo.com with SMTP; Sun, 21 Mar 2010 23:21:34 -0700 X-Originating-IP: [65.54.190.15] Received: from bay0-omc1-s4.bay0.hotmail.com (bay0-omc1-s4.bay0.hotmail.com [65.54.190.15]) by flph257.prodigy.net (8.13.8 inb ipv6 jeff0203/8.13.8) with ESMTP id o2M6Lalu013970 for <>; Sun, 21 Mar 2010 23:21:36 -0700 Received: from bay0-mc3-f5.Bay0.hotmail.com ([65.54.190.61]) by bay0-omc1-s4.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.3959); Sun, 21 Mar 2010 23:21:33 -0700 To: Date: Sun, 21 Mar 2010 23:21:34 -0700 Message-ID: <BAY0-MC3-F54DE763BB8D65F8D434B2C0270[at]phx.gbl> In-Reply-To: <abddda4210031975djbrqp92dvnsc60596ztwgjt5974[at]mail.gmail.com> X-HM-Routing-Path: nDRqPHX0ZSKtMpEsPAWCdmOyHrjXosBLcAOZsCA8a8HacbcDvo3dEvHVwyn5w/lU+Z/ffj3zwiJcni+1TZq1ci1mkQOK471+0r16CCT9XzYtfpOOCNvwlhgzQZttbedFFDSSLktqv0qvAQkrEJfvcj7cXDGbN8CrNx22EgXbl70= Content-Type: text/html; charset="iso-8859-1" From: <stodghillszhernandes[at]hotmail.com> Subject: Vacation reply Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginalArrivalTime: 22 Mar 2010 06:21:33.0793 (UTC) FILETIME=[EB3D9510:01CAC987] Content-Length: 2470 HUGE Discount. MAC & PC. Adobe InCopy CS4 This message contains graphics. To view this email as a web page, click here. HUGE Discount Adobe InCopy CS4. Unsubscribe http://appserver.lasalle.edu.co/salle_prue...mlrpc/index.php http://appserver.lasalle.edu.co/salle_prue...nsubscribe.html Profile http://appserver.lasalle.edu.co/salle_prue...hp#profile.html This email was sent by: Ria 16284 Hutton Dr Ste 599 Dallas, TX, 66649-6036, USA Copyright 2010. Ria Marketing. All Rights Reserved.
  3. emanmb

    What was Wrong w/My Submission?

    Well maybe as I may have been unclear but point taken. Yahoo (ATT) spam filter catches 99.9% of my spam and blocks a lot I'm guessing. That which gets through to my spam folder remains on the server. I right click the spam, get the full headers window, copy, then hit FWD. I then paste the header into the top of the FWD and delete my addy from there. If the links are not spelled out, I will then right click the HTML links, which yahoo doesn't provide the source code of, and click "copy link". I then paste that next to the text the link is embedded in such as CLICK HERE TO GIVE ME YOUR IDENTITY www.i'm a spammer .ru/cn/th/etc. Then I send it. Now the reason I mention this method is because I am curious if this invalidates the report or if it is a poor reporting method. It certainly increases the work I have to do. If it is or does, then what I would have to do is click the "Not spam" button so that it will be sent to my mail client where I can easily and safely convert it to it's source code. If I were to do that, it makes me wonder if it would cause Yahoo to "unlearn" the spam parameters that got the spam into that folder in the first place. Although nowadays (I just realized) I could just drag the spam to the inbox in my browser and perhaps eliminate the risk (if there is one) of Yahoo unlearning what is spam and then it would show up in my email client. Anywho, open to suggestions here.
  4. I've been getting a good deal of spam solely from affinity.com, (according to spamcop) and I'm wondering what kind of business they run, if "legit" and if responsive to spam complaints and so on. It's frustrating, because of yahoo's recent tinkering, I can't FWD the data hidden in images (which I block anyway) so I could help bust the sites that are probably in these emails as well. I did find this article through Google but not anything recent here in SC-ville. hxxp://spamlinks.net/blog/archives/2006_09_01_archive.html Thanks to anyone who has time to answer! Eric
  5. emanmb

    Wondering about affinity.com

    Don't forget the Korean ones! Good ol' certcc.or.kr and kisa.or.kr and the newer one (in my experience) sejongtelecom.net.
  6. emanmb

    Wondering about affinity.com

    Seems via SC reporting, knujon, et al, as well as the source which was Hostway and complaining to them as well as fwd'ing to their abuse address and affinity's is what turned off the flow of spam. It was interesting to see a direct approach finally having an effect. I also found that reverting back to the "classic" version of Yahoo web based email I was able to fwd the html which was hidden in the emails by my Yahoo prefs. This revealed that cooplabs.com was the host for most of the spam sites in the emails. Reporting to abuseATaffinity had no effect which is why I turned to include hostway's abuse address in my reporting. So far it's been a few days since any spam came from them and knock on wood, we won't be seeing any more from them anytime soon!
  7. emanmb

    Wondering about affinity.com

    Thanks guys! I have contacted them via their web site asking to have them look into the problem and contact me with any questions as well as to let me know of the outcome with no response. I pasted several typical spams in the message as proof. I have also included abuse[at]affinity.com in my FWD list for all those spams as well. I may have to look into a more direct way of reaching them. I may have triggered something when ordering some holiday gifts from a site I'd not dealt with before. Eric
  8. emanmb

    Wondering about affinity.com

    Thanks Farelf for all that research! That is very interesting. Yahoo has been very good at filtering spam so no complaints there, but these guys using/abusing affinity sneak their spam through.
  9. Nowadays that Yahoo has screwed up easily reporting spam, I cut and paste the dang headers to fwd to SC. I noticed, and have seen this once before, the most "interesting" header. I've deleted it down to the most interesting part . Email source was warpdrive.net . From: "Mr Mark Lee" <jing[at]mywdo.com> Subject: Date: Sun, 14 Sep 2008 06:22:29 -0400 Message-ID: <web-1298984[at]gamma.mail.uscable.net> MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1;format="flowed" Content-Transfer-Encoding: 8bit Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 1.58 MISSING_HEADERS Missing To: header 0.17 US_DOLLARS_3 BODY: Mentions millions of $ ($NN,NNN,NNN.NN) 1.28 MISSING_SUBJECT Missing Subject: header 0.00 TO_CC_NONE No To: or Cc: header 0.00 ADVANCE_FEE_1 Appears to be advance fee fraud (Nigerian 419) 1.00 BSF_SC0_TG076 Custom Rule TG076 Content-Length: 663
  10. emanmb

    Interesting Header

    I hope they haven't been aided here, assuming they can read. I posted elsewhere on SC a while back as to how it was nice that att/yahoo has all but eliminated spam in the inbox or bulk mail folder. (KNOCKING ON WOOD) They lost it for a few weeks and the flood gates were opened for a while, but I complained and mb that actually helped. (haha) Free yahoo, where this odd spam came from, hasn't been as good at it. I get a lot of what I guess can be called 419'ers spam in that inbox and bulk folder on my free yahoo acct. which I use for a lot of email lists I belong to. (good way to get spammed)
  11. emanmb

    Interesting Header

    It is the listing of spam flags in the header that I found interesting. 1.58 MISSING_HEADERS Missing To: header 0.17 US_DOLLARS_3 BODY: Mentions millions of $ ($NN,NNN,NNN.NN) 1.28 MISSING_SUBJECT Missing Subject: header 0.00 TO_CC_NONE No To: or Cc: header 0.00 ADVANCE_FEE_1 Appears to be advance fee fraud (Nigerian 419) 1.00 BSF_SC0_TG076 Custom Rule TG076 I am curious where they are generated as the spam made it's way to me. Even though they are there, it went to my Yahoo inbox. We see so many typical headers everyday but this portion of the header catches ones eye even in the hurry to report it. Maybe it's just "meh" as they say, but in the minutia of spam and all that, it stood out.
  12. Ya the right click thingy doesn't work on Mac. I have a free Yahoo which most of the spam lately has been text looking to give me and inheritance/lotto type scam and those are no problem to FWD. There are no links hidden in html or images. It DOES involve viewing the header in a separate window and doing a cut and paste in the FWD. Now my PAID ATT acct. now no longer has FWD as attachment available and that is a very recent change. Fortunately they have a much stronger filter setup there and very little spam gets through to the BULK folder. The free account is not so well filtered. Eric
  13. emanmb

    URL Parsing

    When I first started using SC, terms like parsing and munged made me say to myself, "wtf they talking about?" I remember using my computer's dictionary to try to find the word munged with no luck! OK so I've basically figured out what they mean over the years. To avoid getting my peepee whacked, I've read a few posts re:url parsing and find that it is secondary to SC's dealing with the spam sender. That explains why 25-50% of the time there is no parsing of the url in the spams I FWD and it makes a good point to use knujon for the URL parsing. But for those truly obsessed with doing in the evil-doers, here is a workaround. When your spam report has only this for URL parsing, "Resolving link obfuscation http://Shuttoperte.com/" and has no "reporting spam to", do this. Without reporting this spam, go to the top of the page. Click the "report spam" tab. Paste the offending web site link into the parser. Click process spam. Low and behold! It's a site hosted by the spammer-friendly hostfresh.com! "Parsing input: http://Shuttoperte.com/ Host shuttoperte.com (checking ip) = 58.65.239.122 host 58.65.239.122 = 58-65-239-122.myrdns.com (cached) Routing details for 58.65.239.122 [refresh/show] Cached whois for 58.65.239.122 : abuse[at]hostfresh.com Using abuse net on abuse[at]hostfresh.com abuse net hostfresh.com = abuse[at]hostfresh.com, postmaster[at]hostfresh.com, abuse[at]pccwglobal.com Using best contacts abuse[at]hostfresh.com postmaster[at]hostfresh.com abuse[at]pccwglobal.com" Now, scroll down and click the "report now" link abracadabra, hostfresh.com is now listed in the report where previously it wasn't! Re: http://Shuttoperte.com/ (Administrator of network hosting website referenced in spam) To: abuse[at]hostfresh.com (Notes) To: postmaster[at]hostfresh.com (Notes) To: abuse[at]pccwglobal.com (Notes) Now assuming these bastards at hostfresh.com in hong kong even look at spam complaints, maybe some good will come of this which is the case with any of these spam reports I assume. Now sometimes you get this.. "Resolving link obfuscation http://atchiygmom.com/ Host atchiygmom.com (checking ip) IP not found ; atchiygmom.com discarded as fake. Tracking link: http://atchiygmom.com/ No recent reports, no history available Cannot resolve http://atchiygmom.com/" and the only answer given following the above procedure is... "Parsing input: http://atchiygmom.com/ Host atchiygmom.com (checking ip) IP not found ; atchiygmom.com discarded as fake. Cannot resolve http://atchiygmom.com/ No valid email addresses found, sorry!" Then nothing typically will happen when following the workaround. But in this case, hey look! "Re: http://atchiygmom.com/ (Administrator of network hosting website referenced in spam) To: luyanhe#163.com[at]devnull.spamcop.net (Notes)" Does Luyanhe know that his/her email is bouncing? My hope is though this process/workaround (when I feel like bothering with it) is I am getting better reports out of my extra effort, but believe me, this can only be done when feeling truly obessesed and angry at spammers and spammy sites.
  14. I don't think that was their intent but also in Yahoo's version of New Coke also no longer allows auto-fill of addresses! That is damned annoying as you have to use that silly address book now. Spamcop, knujon, spam[at]uce etc, etc all came up at once with the click of a couple letters before.
  15. The other thing that SUCKS about these changes is there's no more auto-fill for addresses. You have to use their stupid address book to insert addresses now. Grrr e
  16. This doesn't work. I was really hoping though! I was just online yesterday w/their live help and they told me there was no way to FWD as an attachment. Since they'd recently done a fairly good job of blocking spam as noted in my earlier post, all wasn't too bad in Yahoo-land with both the free and paid versions I have. Lately there's been a flurry of ATM, phishing (the kind I HATE the most), lottery and Nigerian bank fund xfer types of spam so I've started to fwd that to the appropriate destinations. Now that Yahoo has made this all the more difficult, THEY get a copy as well (network-abuseATcc.yahoo-inc.com) since I have to cut and paste all that sh_t now. Maybe they'll get the idea? I doubt it but it feels good anyway. Wheeee! Tell that drone, "OI! It's an old feature!" e Moderator Edit: Fixed Quoting
  17. emanmb

    No Spam? WTH?

    Recently I posted on how I had hoped that in several years of reporting to SC, knujon and others I would have helped stem the tide, no tidal wave, of spam I had been getting, despite the fact that SC doesn't claim to be of help in this matter. So a month or so ago when I posted, I was basically giving up fwd'ing my spam from my bulk folders and just hitting delete as reporting was taking up too much time and effort for no benefit to me personally. (I'm selfish that way I guess ) I still report what few spams get through the bulk filter. Now, starting a couple days ago, I found ZERO spams in my bulk folders...NONE! I use ATT who in turn uses Yahoo's email servers. I had noticed a diminishing amount of spam in my free Yahoo account but was still receiving 50+ spams per day for my 2 PAID yahoo accounts (through ATT). So now, I've been getting zero spams for the last 3 or so days in my paid Yahoo accounts. Is anyone else experiencing this or am I just lucky? e
  18. emanmb

    No Spam? WTH?

    Sorry Miss Betsy, didn't mean to malign you as a techy! Just working from memory of some discussion somewhere in the forums that went over my head. As with so many subjects dealing w/technologies of one sort or another, one needs to just read the stuff and sure, a lot will be meaningless but eventually something sinks in OR one has at least has seen the terms in use and at some point it may make sense. I have joined groups like high end scanning groups, large format printing/epson groups just to see what they are talking about and learn what I can since I work in photography and it behooves me to try an absorb some of the terminology. It only takes a few minutes to scan through postings that are relevant to try and expand one's knowledge. I really annoys me when people that I know don't even try to learn more about what they work with everyday, and for some, make money with. Fortunately most of these folks are on Macs so at least their machines aren't being attacked and turned into zombie machines sending out spams or worse. It makes it easy to realize how folks who choose to follow a similar approach and stay uninformed using another platform can create problems for everyone. A short update on my ATT/Yahoo accounts... OK I can't say zero spams a day anymore as Yahoo has probably been tweaking their settings, but now I'll get 2-5 a day per account. At this level I report the spams..just in case it helps things. Eric
  19. emanmb

    No Spam? WTH?

    No eventually I found out the meaning but I don't think it was in common (or otherwise) usage back when I joined...or else I just used my computer's dictionary and came up blank. There's times when you and Miss Betsy can get into some super techy posts that go over my head but then it might be better that way!
  20. emanmb

    No Spam? WTH?

    I forgot to touch on the subject on munging that was mentioned, a word when I first encountered it here, I couldn't find the definition of.... Anyway that is another reason reporting became harder as spammers would have some reference to me or my email addy in the email, the subject or where ever and I had to go in there and strip that out... It grew very old very fast.
  21. emanmb

    No Spam? WTH?

    Sorry for the confusion, but I didn't mean that I see a connection between my lack or reporting and lack of spam. Since between Oct and Feb I reported over 4000 spams and had no improvement in the flow of spam. I looked at my knujon stats and saw that around 2% of the sites I reported were taken down. A lot were back up and I needed to re-report them. It was too much. At that point I gave up, glad at least that Yahoo has a bulk folder that keeps the crap from reaching my email client, yet sad that my efforts had so little effect in terms of my day to day computer life and the internet in general. We'd all like to have some positive effect (unless ones' evil) on this scourge, and for a long time I felt that my reporting was having a positive effect in some way that would trickle down to me eventually. There was no trickle down for all the effort/time exerted, so for me I hit the wall. According to an ATT techy last night, Yahoo has patched "a big hole" which is the only connection I see, and my first assumption was that Yahoo/ATT had done "something". My only worry, as you say, is that too many real emails will be filtered as well.
  22. emanmb

    No Spam? WTH?

    So far only one friend is getting bounced as he is (I think) using Clearwire sending email from his email client using an account that is hosted by his website provider Netfirms. In other words, he's sending 3rd party email thru Clearwire which may get it flagged by Yahoo. I too had noticed in the last few months tons of spam to the point I no longer cared about reporting it. It was just too much.
  23. emanmb

    Preventing Spam or..

    I have 4 important-to-me email addresses. From those 4, since Oct. '07 I have reported over 4000 spams. I'm pretty sure I know why I get the spam I do in most of those email addys. Especially for 2 of them which are on 2 of my websites as an email link in images. It was the only way I could think of to attempt to mask my email address without making it difficult for potential clients to contact me. Obviously it didn't work and they read the HTML. :angry: So 2 of my addresses have been harvested from those 2 sites generating the majority of my spam. 99% of spam goes into the Yahoo bulk mail folder which is a good thing. So I could be happy, I guess, that Yahoo blocks 99% of the spam from reaching my email client. But most of us here I bet, know the feeling when you see 100 spams a day showing up in the bulk folder. You want to go after them, report them, beat them w/sticks, and so forth. Well I did that till last month but reporting all that spam generates carpal tunnel before I've even get any work done not to mention the time involved. I'm tired of reporting and have done it for years, (member since 04) and since the amount of spam going into the bulk folder keeps increasing, I just don't have the time or patience for it. Those spams that get into my inbox get reported still since that amount is so small. From past articles in the forums I've read, my "contribution" of reports to SC is for the greater good and not aimed at specifically preventing me personally from getting spam. I knew that, yet still hoped I might stem the tide of spam flowing into my bulk folder. I still need to have my email address on my sites, despite the fact they are probably the source of most of my spam. I'd like to ask what is the best way to show my email addresses on my web sites without having it harvested? I did a search of the forums for preventing/spam with no luck, so apologies if this has been covered previously. Thanks! Eric
  24. emanmb

    Preventing Spam or..

    Oh! I like that!
  25. emanmb

    Preventing Spam or..

    Thanks guys! These look interesting. One note, my free yahoo acct. (not published on my web sites) is nearly spam free now. I've reported over 1400 spams from that acct. alone since Dec. '07 and it has slowed down to 5 or so a day..(knock on wood it stays that way!) Also the email lists I belong to have FINALLY learned to munge the email addresses in their archives which seems to have had a positive effect.
×