Jump to content

RobiBue

Membera
  • Content Count

    175
  • Joined

  • Last visited

Community Reputation

0 Neutral

About RobiBue

  • Rank
    Advanced Member

Recent Profile Visitors

669 profile views
  1. in fact, the whole /19 range is! see http://wq.apnic.net/static/search.html?query=176.56.192.0/19 or actually the RIPE db: (sorry about that, not APNIC) https://apps.db.ripe.net/db-web-ui/#/query?searchtext=176.56.192.0%2F19#resultsSection still shows the same abuse address: Abuse contact info: abuse[at]phe.uk.com inetnum: 176.56.192.0 - 176.56.223.255
  2. currently spamcop parses it as follows: https://www.spamcop.net/sc?action=showroute;ip=176.56.208.244;typecodes=16 apnic has: % Abuse contact for '176.56.208.0 - 176.56.208.255' is 'abuse[at]phe.uk.com' <<---------- please fix to this correct abuse address while Rob.Urry address mentioned in the SC parse is somewhat listed, SC says: rob.urry[at]rapidwaters.net bounces (7 sent : 6 bounces) No good!
  3. That's correct, in your case, the first link is basically just a link parser equivalent, and nothing more, although the report to the telegram . org abuse desk will contain the complete spam for parsing (munged if your settings have it so selected) The next ones are targeting the source of the spam, and will contain the full, yet probably munged, headers and message body. Glad we could help 🙂
  4. @bolandross, have you clicked on [View Recent Reports] and tried yourself? Just curious. Anyway, there are different "forms" of reports the ones not yet filed: as you can see, there's no link and then, filed: depending on how and what you clicked to report the spam, the links provided will vary here, the first few links are just URL parses which point to the owner/administrator/abuse desk of the serving IP address of the spamvertised websites, then you might have a personal link if you request one in [Preferences]. There you can add notes, or see how the spam was parsed (Tracking URL) and then you might have one or more for the spam source ip address, where you can see a) the full spam (depending on your settings with the email address munged) and b) a link to how the spam was parsed (again, Tracking URL) (in the above, ending in 50, I replaced the link with the tracking URL because otherwise you wouldn't be able to see anything)
  5. RobiBue

    ocn.ad.jp spam

    Klappa had two posts. He mentioned you can add a recipient in settings (actually the [Preferences] tab/link) but he didn't mention that it's under Report Handling Options by adding an email address to the Public standard report recipients field. In the 2nd post (the one you quoted) he asked where (about adding a recipient for every report independently), but just recently, we all found out, that you can do that only if you have either a paid account, or fuel added (until it runs out) HTH
  6. RobiBue

    rir-abuse{AT}oath{DOT}com

    sorry, can't say I've noticed, but as Petzl mentioned, a tracking URL might be helpful. Petzl is not a troll, he might just have had a bad day with all the spam in the forum (it goes away after an admin browsed through it, but the TZ between OZ and US difference keeeps the spam visible much longer for him...) anyway, the past reports can be found here when logged in (same as the link/tab [Past Reports]) (p.s. that's TZ for Time Zone, OZ for Down Under, and US for a Colorado/Rockies location or something like that )
  7. I like Idea #2!, especially if everybody is on-board. a) it would convince amazon to clean up their act with spammers and hosting them, b) especially if they start losing legitimate clientele
  8. RobiBue

    re. @devnull.spamcop.net

    Just for clarification: I do not get [User Notification] either. Admittedly, I have not a paid account, and do not have "added fuel" either. And WRT checking the settings, tried both: on and off with no difference.
  9. RobiBue

    No reporting -> Less spam

    I too dislike it when folks sign up on a mailing list and then mark it as spam instead of unsubscribing, but I dislike it even more, when an emailer, after me having unsubscribed from *ALL* their emails, decides that I might still be interested, regardless of my decision. WRT gmail blocking/rejecting legitimate email: I haven't had that encounter yet, or the person that got rejected never got in touch with me about it...
  10. If amazon[dot]com is dev/null'ed, then placing it in the [User_Notification] field wouldn't change anything. It would still dev/null the address. @Lking, question about the "Note". Do I understand this correctly, that you send (apart from sending the spam to SC as "bcc") the spam (as attachment) to the three listed entities? How do you know where to send the spam before parsing it? When I send the spam to SC, it gets parsed and /* then */ I know whom to send it as well... (Color me confused)
  11. RobiBue

    No reporting -> Less spam

    I'm seconding petzl. spam in my gmail inbox/spam folder has also dropped drastically. Currently I'm fighting a spammer that originally wasn't one, but has no idea -- clueless -- what it means when I unsubscribe, and weeks later, they start firing up a daily trivia email campaign... So now they are spamming me, and I have no remorse on telling their host about their newly turned spammer... Just a matter of time now. Either they'll figure it out, or their host will...
  12. RobiBue

    I am getting more spam when I report

    Uhmmm... scri_pt is safe, but I do have 2 confessions to make: Currently I have no access to the pc I wrote the scri_pt on, and The scri_pt is a vba scri_pt for win word where I just dropped the spam in, ran the scri_pt, and attached the resulting text files to an email addressed to my reporting SC address... The scri_pt works roughly as follows: search for an https?:// domain name with regex and replace the numerical path (or ?argument) with the —ID...— line that’s basically the idea. fun to play and test reg(ular) ex(pressions) : https://regex101.com/r/wN6cZ7/478 (already set up for domain names) and SO has a nice answer for the whole URL: https://stackoverflow.com/questions/27745/getting-parts-of-a-url-regex sorry that I can’t be of more help atm... working these answers off a tablet...
  13. RobiBue

    I am getting more spam when I report

    Yeah, unfortunately the spam examples get removed by SC to conserve space (there are so many reports a DB can hold without having to add more HDD...) and when I checked my inbox, the spam from back then had already been deleted as well... but I found examples in my sent folder: I had written a quick and dirty scri_pt, which would replace the numbers after the host name with the text “?—ID-number-<n>-(munged)—“ where <n> is the last digit of the number... and then sent it off to SC for reporting...
  14. RobiBue

    I am getting more spam when I report

    Yep, just like I thought, those sigarpi.com links are some of those tracking links. Hitting them, triggers a scri_pt on their server that “assumes” that you’re interested in their products and they send a spew of their junk to the address linked to the number. At least that’s the way it looks. See here... unfortunately nothing has been done about it Deselect the cloudflare report and you should be ok... I know, it’s not perfect, but you’d get less spam and eventually they’ll die out. Haven’t had one since last October...
  15. RobiBue

    I am getting more spam when I report

    1. welcome to the spamcop forum. We're mainly just SC users trying to help others in the fight against spam. Sometimes we can, sometimes we can't... That said, some spam messages contain URLs which, if triggered, will cause more spam to be sent to you. Sometimes the ISP is "spammer friendly" and provides the spammer with your email address to "listwash" their DB or provides them with the email headers and they extrapolate your address through tracking codes they inserted in the headers. If you have a Tracking URL (see Jeff G's welcoming post) and would provide it, it would be easier to analyze the reasons for your "multiplying spam" problems and find out a way to alleviate it. I used to have similar problems with some spammers and by not reporting the links, only the source of the email, it reduced the spam volume drastically. I also went in manually to report the links to the hosting companies and removing the tracking extension from the report, to prevent anybody from triggering more spam if they accidentally (or purposely) click on the link.
×