[Windows Mail in Win 10]

I believe the OP has the same issue as the poster from this thread:

except that OP is the one submitting the spam, and not someone else....

at least that's how I understand the problem. (please correct me if I'm wrong)

[How does Google keep allowing aronu01mbaonu@gmail.com to scam people?]

1 hour ago, LaserMoon said:

If you do a Google search for "[xyz-account][ at ]gmail.com" you will see it was reported on blacklists almost a year ago.

It's still sending scam emails now, and the originating server is actually Google.

So what's going on, is Google that bad with detecting who uses their services to send "African scam" emails?

With the ability to create a gmail account on the fly, some scammers like to pursue that avenue, although often, Google shuts them down fairly quickly.

Not having a Tracking URL to check, I will take your word for it that it is sent through google. It is possible that the account has been hacked and keeps on getting hacked and used by the scammer. On the other hand, I am open to the possibility of it being a completely new account, but inserting the original scammer address just for display, but with a different underlying email address.

As I said, not having a Tracking URL makes it harder to follow and making up assumptions doesn't really help either. With that bit, I close

[Abuse report for www.nationalsurveysonline.com is abuse@moniker.com]

here are two things to be considered:

1. you have a domain name which is owned by/ or through a registrar.
   This registrar might be just that, a registrar and sells/rents the domain names to someone without caring what they do with it, or does care but can't really do much about it anyway.
   You also have to think about the entry in the registry, which can be the spammer itself, at least with a domain name I would be weary...
    
2. the domain's web address (in your case www.nationalsurveysonline.com) resolves to an IP address which is currently hosting that said web address.
   Whoever is hosting it, is the one who actually can do something (like blocking or suspending the website hosting) and the website would need to find a new parking space...
   I don't know if my layman's analogy works explaining it, but I hope you get the gist of it...
   Currently, the aforementioned website is in fact hosted by Hivelocity Corp. a German company headquartered in Frankfurt am Main, and their abuse address is in fact abuse@hivelocity.net

[...]
NetRange:       66.206.3.0 - 66.206.3.255
CIDR:           66.206.3.0/24
NetName:        66-206-3-0-24
NetHandle:      NET-66-206-3-0-1
Parent:         NOC4H (NET-66-206-0-0-1)
NetType:        Reassigned
OriginAS:       AS29802
Customer:       Hivelocity Corp (C07556605)
RegDate:        2020-05-26
Updated:        2020-05-26
Comment:        For abuse issues please contact abuse@hivelocity.net
Ref:            https://rdap.arin.net/registry/ip/66.206.3.0


CustName:       Hivelocity Corp
Address:        Hanauer Landstrabe 322
Address:        60314 Frankfurt am Main
City:           Frankfurt
StateProv:
PostalCode:     60314
Country:        DE
RegDate:        2020-05-26
Updated:        2020-05-26
Ref:            https://rdap.arin.net/registry/entity/C07556605

OrgAbuseHandle: HNAA-ARIN
OrgAbuseName:   HIvelocity Network Abuse Administrator
OrgAbusePhone:  +1-888-869-4678
OrgAbuseEmail:  abuse@hivelocity.net
OrgAbuseRef:    https://rdap.arin.net/registry/entity/HNAA-ARIN
[...]

complaining to the registrar won't do anything. (or usually doesn't) at least I haven't been successful on removing domain names like that.

[Android email apps that allow forwarding spam as attachment]

@jprogram unfortunately gmail doesn't have that option on apps, neither for phones nor tablets, just like you said.

Even through a web browser, gmail has removed the possibility to forward as attachment.

There are certainly 3rd party mail programs that can do that, outlook being one of them, and I think thunderbird has that option as well.

Back a while ago I wrote a program in apps scri_pt in which I can report all spam in my spam folder to spamcop, but again, apps scri_pt only works on computers, not phones or tablets.

I am sorry to be the bearer of bad news, although maybe someone knows of something that works on phones.

 

[Yes My Internet provider has been down for 32 hours.]

19 hours ago, Lking said:

Thank you @RobiBue Any confusion may be my fault. My OP was an observation about the VNC I use to remotely access a Raspberry Pi [...]

No confusion (at least to me) as I understand exactly how those connectivity and security issues work 😋

I just wanted to clarify it because after your OP, another post about VPN followed up, and that is where I thought a clarification is/was needed.

Of course the problem is that as a private user with the "free" RealVCN version you can only use "Cloud Connect" which, as you mentioned, requires internet connectivity.

I hope your internet woes end soon and stability returns to the internet in the snow-capped mountain region

Getting cut off from "civilization" (if you can call this like that) in different ways -- once during winter and then again through internet connectivity -- can get trying if it happens too often... or worse, at the same time...

I wish you and yours all the best

[Yes My Internet provider has been down for 32 hours.]

ok, just to clarify:

VNC is Virtual Network Computing, which allows you to use another computer or system like "remote access", so you're basically running another system on the computer you are using. Just about any SBC (single board computer) e.g. Raspberry Pi or Arduino Mega are perfect examples thereof. You can attach keyboard and monitor to them, but using VNC is more efficient IMNSHO.

VPN, on the other hand, is Virtual Private network, which encrypts the information you are sending over the ether (my choice of word for the WWW) from the device you are using to the VPN server that you are accessing to then continue over the web.

They are two different beasts, and often VNC is run over a VPN connection.

Lking's "translation" is absolutely on point 🙂. The same can be said with VPN as 'Your internet traffic through someone else's server' where that server usually knows the data you are sending and can read it, but every system in between sees only garbled data.

Interestingly, you can install openVPN on RPi and connect from basically anywhere in the world to your home over VPN and then continue your connections from there although currently I'm not sure if you can access it with VNC at the same time... haven't tried that one out yet.... (lack of time)

[Yes My Internet provider has been down for 32 hours.]

20 hours ago, Lking said:

Discovered that RealVNC [...] requires an operational internet to function.

That statement alone sends shivers down my spine... now I worry what information I might have been sending through the "ether" (even though hopefully encrypted) and who is getting that information... or who could access my devices without my knowledge...

[Yes My Internet provider has been down for 32 hours.]

to be honest, "brief periods" to me can also mean several hours to even days as a "brief period" is not defined. I know, days is probably out of the question, but still, several hours until a satellite appears... could be a problem, and then, satellite outages happen, and solar storms will affect those even more and be able to knock them out temporarily or even permanently...

but I know what you mean

 

[Yes My Internet provider has been down for 32 hours.]

2 hours ago, KNERD said:

No need to fear

https://www.starlink.com/

yeah, but:

Quote

During beta, users can expect to see data speeds vary from 50Mb/s to 150Mb/s and latency from 20ms to 40ms in most locations over the next several months as we enhance the Starlink system. There will also be brief periods of no connectivity at all.

 

[abuse@gtt.net for IP 67.200.116.254, NOT abuse@brookstonenetworks.com]

I'm not sure what you saw, but sc clearly gets abuse at gtt dot net and not brookstonenetworks... 🤔

 

[Unable to forward spam]

are you attaching the spam message or sending it inline? it is imperative that you sent the original spam as an attachment.

[20.90.82.75 - "Using rdns to route to correct Microsoft department" but reports go to spammer]

just want to say that the address it "would" report to is dead (does not exist)

you'd get a bounce.

see: https://www.spamcop.net/sc?track=postmaster%40confiraseusdescontosepontos.com

 

Parsing input: postmaster@confiraseusdescontosepontos.com

Cannot find an MX for confiraseusdescontosepontos.com
Host confiraseusdescontosepontos.com (checking ip) IP not found ; confiraseusdescontosepontos.com discarded as fake.
No mail exchanger. Email to this address would bounce.
Cannot resolve postmaster@confiraseusdescontosepontos.com
No valid email addresses found, sorry!

 

[Yes My Internet provider has been down for 32 hours.]

On 3/30/2021 at 12:35 PM, Lking said:

... They ripped the cable off of 5 poles before figuring out what that funny sound was.

somehow this story reminds me of a peculiar bridge aka "can opener" aka (former) 11' 8" bridge (nor raised to 12' 4" yet still not enough)

(can be found on YT )

glad you're back  and that it got sorted out 😁

[Yes My Internet provider has been down for 32 hours.]

I hope it'll get sorted out soon!

[interestingly spam in my inbox has slowed down considerably!]

On 3/15/2021 at 6:15 AM, gnarlymarley said:

Don't worry.  One of my oldest email accounts had stopped receiving lots of spam years ago and now is back to receiving about four spams a day again and it seems to be going up.  My guess is maybe the spammers are doing some listwashing to try to figure out who is reporting.

probably... hopefully it'll stay quiet for a while

 

[Irrelevant websites in SC reports]

I do have a suggestion wrt website links:

usually the links to be reported are all checked. I can uncheck one or more if needed, but usually I do not want to report the website links unless I think they are relevant to the spammer, so my suggestion would be to add a "check/uncheck all links" so that only the source is checked (I don't believe there is an option in settings to have links unchecked by default).

That (whatever it is, general checkbox for links, button, whatnot) method would allow reporting links to be unchecked (or checked) if desired without having to go through 10 or more checkboxes...

Just an idea. Maybe someone had already suggested it?

[interestingly spam in my inbox has slowed down considerably!]

As the topic title suggests, I have been receiving less and less spam, while some of it is mostly noise from one or two companies who never understood (or accepted) my request to be removed from their list, and there was one who said he knew my password and to pay him with bitcoin or little she/he/it would post a "video" of me... after I reported that little she/he/it, I received an amazon login attempt/password change 🤣 where this bugger attempted to use the (very old, I might add) pwd and failed 🙄

anyway, 11 spams last week, and 0 over the weekend!

I wonder if it's the same everywhere or if somehow my email address has been basically cleaned out from those lists...

[Back again with more nothing to do when reporting]

both links parse correctly for me and both would report to

Report spam to:

Re: 193.47.69.243 (Bounce)
To: abuse@virtono.com (Notes)

I don't know if @Richard W or @Lking or another forum admin could figure out where your "nothing to do" problem lies... several years ago Don D'Minion (3rd message in following thread:

added a yahoo host to the account, but from what I understand, you have no mailhosts in your account (neither have I FWIW) so the problem must lie elsewhere...

Richard and Lking, sorry for the ping if it's not netiquette and I apologize.

[Back again with more nothing to do when reporting]

18 hours ago, mrpHil said:

Another one today. Tried the same, to  resubmit, but still get nothing to do

https://www.spamcop.net/sc?id=z6702424637z0c18571c739c5cb7deb4b7475c29aab6z

that is odd, as I get the same as KNERD 🤔

(except that since he already submitted it, I don't get the report link)

Quote

If reported today, reports would be sent to:

Re: 62.210.108.60 (Bounce)

abuse@proxad.net

I don't know what to say, except that there might be something going on if you have hosts set up in spamcop...

[Back again with more nothing to do when reporting]

@mrpHil, Thank you very much for this huge pile of garbage (AKA spam) in this thread.

Instead of plastering the whole message, it would be much more helpful if you could instead just post the "TRACKING URL" you get at the top of the parsing screen:

Quote

SpamCop v 5.3.0 © 2021 Cisco Systems, Inc. All rights reserved.
Here is your TRACKING URL - it may be saved for future reference:
https://www.spamcop.net/sc?id=z6702363390z3d1b93307ff634af558a8df635903298z

it is much cleaner and only the relevant portions can be checked instead of having to scroll through 500 pages of garbage  (ok, I am exaggerating) to see if something else was written after the spam...

Please keep this in mind for future references.

Also, keep in mind that this is a user 2 user forum where we are trying to be helpful, but it also requires people asking for help to adhere to certain cordialities.

If I'm not mistaken, you have been asked to do so before, and back in 2019 you used to be able to provide the tracking URL... what happened?

ok, so much for my rant. BTW, the last spam message you posted above, parsed perfectly for me, without the "nothing to do" comment. (I had to change the dates since the spam was too old to parse, but it worked flawlessly.) the tracking URL I provided isn't said spam, it's one of mine that I just added to provide an TRACKING URL example.

OK, I'm adding the cancelled /modified tracking URL of yours:
https://www.spamcop.net/sc?id=z6702363904z190a86012cfc516994d82403ab85eea9z

[Google Network a Frequent Source of spam]

On 1/26/2021 at 11:33 AM, emanmb said:

I guess reporting spam to Google isn't appreciated anymore.  Got this when reporting today.  Similar to the twitter_doesnt-care-about-spam report address.

hopping on late on the train here, but I would like to clarify something about these links (mentioned as spam):

links in the spam message do not necessarily mean that the "owner of the linked website" is spamming.
It just means that the spammer

a) is using a web-address from to include in the spam message
b) added a "disclaimer" that links to a real disclaimer from an innocent party
c) could truly be linking to the website for access to the spam content (but tbh with google, twitter, and so on it is rather unlikely)

These are the reasons why Google does not want those reports...

if you feel that the report is legit, you can drop google directly an abuse complaint through their website (I am sure they have a way listed somewhere)

 

HTH

[Don't generate abuse message against reporter]

Hello rdorsch,

I am certain you are not the first one to report his own domain, and probably won't be the last.

there is a reason why spamcop "kind-of" suggests not to report linked websites in the spam body, as spammers inject addresses of several "innocent" websites/domains, and you were the unfortunate recipient of such a spam.

also, links in spams are not "counted" as spam origins and thus not blocked (AFAICR) but that does not necessarily mean that if the domain's upstream IP listed abuse desk receives a "complaint"/report that they won't act upon it.

currently I see that the abuse desk is "/dev/nul"ed reports are disabled for contabo punkt DE which means that the link will not be sent to the abuse desk in case you forget to uncheck the box

Ich hoffe dies hilft!

Gruss aus den Staaten nach Deutschland

[Free - get our most popular daily mail - we think you’ll like it!]

20 hours ago, gnarlymarley said:

Sounds like a business might not know about the double-opt-ins.  If they don't have any opt-in check, they they really should change their wording to "some subscribed using your email address to....."

absolutely!

I've been fighting spam now for close to 20 years, and even back in the day, double opt-in was suggested to the companies affected by these malicious login attempts. I just don't understand how short the memory of some people is. I am sure some of these IT guys were also affected by these spamming opt-ins...

I don't know how an "opt-in check" could work... I have a VPN and am accessing the web from different sites worldwide (at least on my tablet) so if I opt-in at some site, they might log my IP address, and probably ask for a captcha, but anybody can opt me in using a captcha and the IP address would still be as unknown as mine is... unless you mean "opt-in check" = "double-opt-in"

just like this stupidity with spotify, where they send an email that somebody created an account, and for me to confirm, but in the end, confirmation is not needed since the account is already created and I receive emails from people logging in from two different sites (Ukraine and US) -- mindblowing 🤯

[Link obfuscation flaw?]

you also need to keep in mind that links nowadays are tracked by the spammer, so if a link is clicked on, the spammer gets

a) paid for successful promotion and propagation of the spam.

b) if a link is clicked on multiple times, a counter increases and the spammer gets more money.

c) a clicked link means the spammer will flood you with even more junk to click on because he now knows that the email address, linked to the tracking code in the link, is active and the user responds/reacts to it.

links need to be handled carefully and redirected links even more since the tracking code is hidden in the redirect code. even worse, if the code for the redirect link is changed, the link doesn't (usually) work and is not linked to the actual spammer anymore...

[Free - get our most popular daily mail - we think you’ll like it!]

I've been getting one per day, and just today I see the following tidbit at the very end:

Quote

Why are you receiving this? You subscribed to Must Reads at Seeking Alpha.

yeah, sure Rule #1