Jump to content


  • Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About RobiBue

  • Rank
    Advanced Member

Recent Profile Visitors

3,359 profile views
  1. RobiBue

    Anyone getting Gateway Timeout?

    in regard to the 452 #4.3.1 errors: the receiving smtp server is most probably at the end of free disk space here I would say that bounces.spamcop.net has reached its free HDD space (or the allocated space for the mail server) maybe @Richard W or @Lking could put in a word to the server's system admin to run a cleanup job (just a loud thought here 🖖)
  2. RobiBue

    Upgrade this forum to HTTPS please

    The problem is not that the site isn't upgraded to HTTPS. The problem is that the certificate is issued to *.cloudfront.net and that is what needs to be fixed... but I agree! I am browsing the forum with a security exception, which doesn't give me much confidence...
  3. RobiBue

    Why am I blacklisted?

    Hello Perrin, not knowing how you got informed that you are "blacklisted" leaves me at a loss too. If you enter here (spamcop) your email address web address individually -- that is as a single address (one line only) -- you will be able to see if your email/site are blacklisted by spamcop (SC) but somehow I doubt it by your description of the issue. As an example: I added www.spamcop.net in the field and here is the result: https://www.spamcop.net/sc?track=www.spamcop.net under Statistics you can see the status of the website in the block lists. It is possible that your problem does not stem from SC but from an individual provider who claims that the BL (block list) is from SC ... edit: IIRC SC BLs are only active for 24 hours, which means that after 24 hours they should expire if it was ever listed through this anti-spam service. (If I Remember Correctly SpamCop Block Listings)
  4. RobiBue

    Anyone getting Gateway Timeout?

    at 4:30 CDT I get it too: it happens as soon as the [ Send spam Report(s) Now ] button is pressed. Edit: 30 minutes later it worked. No idea what's going on...
  5. RobiBue

    Hivelocity spam Haven?

    while the IP address in the first link isn't in any BL listed in SC, Microsoft/Outlook seem to have a different view: <https://answers.microsoft.com/en-us/msoffice/forum/all/our-emails-being-blocked-for-no-reason-and-your/717fe0e7-a33d-4db3-ae0b-b89f98c1eb5c> I didn't check the other two though...
  6. RobiBue

    Spamcop not x'ing my domain name

    indeed SC does only "x" out the email address... the websites/links stay the way they are for the ISP to verify that the website is used and to remove the abusing domain or website. this is unfortunate in your situation, and believe me, I know... had the same "heplful webdesigners" spam me too (well, maybe not the same...) not much that can be done here...
  7. interesting page... especially the last part: the last link there is so old that it's as outdated as a broken and deceased newsgroup... well, lots of things change in 15-20 years... except spam that is, unfortunately 😞
  8. Hi @SWarner, this is a problem with "private" blocklists e.g. rbl.websitewelcome.com they will list ip addresses, and then redirect you to spamcop, which is not involved in the listing through aforementioned RBL. it happens often, and users who are blocked think that spamcop is to blame. Of course, there can be instances where a customer shares the same address range as a spammer, and ends up as casualty in the spam wars, but here, you are the victim of an independent RBL who has added the IP range you "inhabit" in his/her listing. if you check goggle you will find a myriad of entries regarding that specific RBL, and it's not good. https://www.google.com/search?q=rbl.websitewelcome.com you can also check your mail host here: https://mxtoolbox.com/blacklists.aspx maybe this info will be of help. again, just to clarify: said RBL has no connection to spamcop whatsoever. Good luck
  9. RobiBue

    Anyone receiving emails like this?

    well, looks like both, yours and mine, are hosted by the same Russian spam haven SERVERLUX-NET aka serverlux.ru... ...seems to be a yandex.ru / yandex.net customer... IMNSHO it's the Russian ransomware group phishing for more... just my opinion... I mean no offense to Russians in this forum, nor any offense to yandex/serverlux users, but the hosting companies seem to be very lax when it comes to spammers, scammers, and cyber criminals... seem is the word of choice I am using...
  10. RobiBue

    Anyone receiving emails like this?

    I have been getting spam in Russian lately, but not from transcriby... they are always something about money ... scams IMO... Today, this one: https://www.spamcop.net/sc?id=z6714158319za96a80e7bd03d49067421101abebbddfz oddly enough, if I look at the whois records for % Abuse contact for ' -' is 'noc@serverlux.ru' and sc sez: routeid: 78610752 - to: noc@serverlux.ru Administrator interested in all reports 3/19/2020, 10:53:21 AM -0500 [Note added by (no name)] Route added without comment but: of course, Reports disabled ...
  11. RobiBue

    Unable to report particular spam

    looking at the whole message, it does seem that the spam came from an outlook account, so report_spam[at]hotmail.com seems to be the correct place to report for spam origin. looking at the links in the spam, wix.com is the owner of the web IP address, so abuse[at]wix.com would be the place to report the link. just my 2¢ p.s. if secureserver.net were to remove received lines it would be on them to track the origin of the spam. No MX should be removing received lines, only adding them as they pass through their "sector" to be able to trace the origin correctly. Outlook does have misconfigured mail hosts which break the tracing as the names for inbound vs. outbound are different. (at least that's the way I see it)
  12. Six years ago (we're now 2021) manual routing and reporting addresses were added to Spamcop for ' -' but lots happens even in just one year... Currently SC has the following: https://www.spamcop.net/sc?action=showroute;ip=;typecodes=16 routeid: 74332931 - to: abuse@fibre1.net Administrator interested in all reports 10/9/2015, 10:31:27 AM -0500 [Note added by (s0106586d8fed0f8d.ss.shawcable.net)] Route added without comment besides: Reports disabled for abuse@fastit.net Using abuse#fastit.net@devnull.spamcop.net for statistical tracking. BUT % Abuse contact for ' -' is 'abuse@myloc.de' and remarks: +---------------------------------------------------+ remarks: | Please direct abuse issues ONLY | remarks: | to abuse@myloc.de | remarks: | | remarks: | Complaints to other adresses will be deemed | remarks: | as spam and not further processed! | remarks: +---------------------------------------------------+ the full whois as of today, May 27, 2021 with current data (no fastit.net nor fibre1.net anywhere to be seen although I do believe that a few years ago fastit.net and fibre1.net used to be involved...) $ whois % This is the RIPE Database query service. % The objects are in RPSL format. % % The RIPE Database is subject to Terms and Conditions. % See http://www.ripe.net/db/support/db-terms-conditions.pdf % Note: this output has been filtered. % To receive output for a database update, use the "-B" flag. % Information related to ' -' % Abuse contact for ' -' is 'abuse@myloc.de' <------!!! inetnum: - netname: DE-MYLOC-DUS-20031117 country: DE org: ORG-MMIA3-RIPE admin-c: MOPS-RIPE tech-c: MOPS-RIPE status: ALLOCATED PA mnt-by: MYLOC-MNT mnt-by: RIPE-NCC-HM-MNT created: 2020-11-04T10:31:12Z last-modified: 2020-11-04T10:31:12Z source: RIPE organisation: ORG-MMIA3-RIPE org-name: myLoc managed IT AG country: DE org-type: LIR address: Am Gatherhof 44 address: 40472 address: D▒sseldorf address: GERMANY admin-c: MOPS-RIPE tech-c: MOPS-RIPE abuse-c: MOPS-RIPE mnt-ref: MYLOC-MNT mnt-by: RIPE-NCC-HM-MNT mnt-by: MYLOC-MNT created: 2019-10-28T10:48:29Z last-modified: 2021-02-09T10:11:49Z source: RIPE # Filtered remarks: Phone number is 24/7 NOC number with senior engineer on duty for routing/backbone related issues. remarks: This number should NOT be used for customer support nor for requests by public authorities. remarks: Thanks for your understanding. phone: +4921161708110 fax-no: +4921161708111 role: myLoc NOC address: myLoc managed IT AG address: Network Operations & Services address: Am Gatherhof 44 address: 40472 Duesseldorf DE admin-c: PHAN tech-c: PHAN tech-c: DDO tech-c: JOH tech-c: NIL tech-c: PRI nic-hdl: MOPS-RIPE remarks: +---------------------------------------------------+ remarks: | Please direct abuse issues ONLY | remarks: | to abuse@myloc.de | remarks: | | remarks: | Complaints to other adresses will be deemed | remarks: | as spam and not further processed! | remarks: +---------------------------------------------------+ remarks: | Please send legal/law enforcement inquiries to | remarks: | auskunft_AT_myloc.de. | remarks: | | remarks: | PGP-Key ID for auskunft@myloc.de is 0xBB75B2C5 | remarks: | | remarks: | You can send your inquiry also via fax to this | remarks: | number: +49 211 61708 551 | remarks: | | remarks: | For questions on legal/law enforcement use phone | remarks: | number: +49 211 61708 114 | remarks: | | remarks: | Mails to abuse@myloc.de WILL | remarks: | be automatically processed and the customer WILL | remarks: | get a notification about your inquiry. | remarks: +---------------------------------------------------+ remarks: | ONLY In case of routing/peering related issues | remarks: | please contact NOC: | remarks: | | remarks: | 24/7 NOC email: noc@myLoc.de | remarks: | 24/7 NOC phone: +49 211 61708 110 | remarks: +---------------------------------------------------+ abuse-mailbox: abuse@myloc.de mnt-by: MYLOC-MNT created: 2013-02-11T16:38:10Z last-modified: 2021-02-09T19:48:35Z source: RIPE # Filtered % Information related to '' route: descr: myLoc managed IT AG origin: AS24961 mnt-by: MYLOC-MNT created: 2003-11-17T13:44:38Z last-modified: 2017-02-07T16:39:12Z source: RIPE % This query was served by the RIPE Database Query Service version 1.100 (BLAARKOP) Personally, I would suggest disabling the two report routes, and if myLoc managed IT AG requests to place those two reporting addresses back, add a comment to the note(s) of who requested the addition and why. Thank you
  13. for me and for SC it resolves. just paste the link to the parser... it does redirect to a different website though... Edit: now, 12 hours later I got the chance to revisit the issue: <Error> <Code>UserSuspended</Code> <BucketName>d00</BucketName> <RequestId>tx0000000000000348ca477-0060aed878-c814a11-nyc3c</RequestId> <HostId>c814a11-nyc3c-nyc3-zg03</HostId> </Error> digital ocean does seem to act upon reports! It would just be nice if SC would parse bounces regardless...
  14. The problem is not where the spam is coming from. the problem for the OP is that whenever a bounce is detected, the links in the spam do not parse. also, manual reporting is not for everybody, and SC was designed to automate the process, not make it harder. It's a pity that Julian is not involved anymore... I miss him... and if @Richard W can look into this again, it would be fantastic wink wink BTW @EkriirkE I like your interests status it sounds fun to peruse stuff for something it's not meant to be 😄
  15. RobiBue

    Windows Mail in Win 10

    @WindsorFox what email program do you use to submit the spam? I would first try the following: Open the saved email file with notepad and copy/paste the whole content (headers and body) into the https://www.spamcop.net/ online form and see if that causes a problem when you submit it like that. Also, I am not sure if the attached email files have to end in spamfile.eml or if it can be .txt or .whatever (but I would go with .eml) so be sure it has the correct file type. Just as a side note, mine works if I submit it as spam1.eml and I can submit many spam emails attached to the one submission email (of course the number then increases for the file.)