Jump to content


  • Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About MIG

  • Rank

Recent Profile Visitors

125 profile views
  1. nhraj700 & klappa, re pre SCv5: Microsoft, specifically, and possibly Gmail: a SC-Admin assisted me [understanding] the apparent "false" parsing of Hotmail headers by advising: quote "With Hotmail: the spam may have originated with Hotmail, likely not. A couple of years ago Hotmail had to give up two /16 networks they were using (33,554,432 IP addresses) as they were not assigned to them. Microsoft had to quickly reconfigure their network and used IPv6 to do so. Unfortunately when doing so, they did not do it carefully and make sure they had full name resolution through out the network, where the forward and reverse dns on each server matches. This means we (SC) can't trust their headers and will often take them as the source of the spam. All is not lost though, as Hotmail's parsing engines when they receive the report does pass through the report to the right party. It also helps Hotmail block new spam from that source. Microsoft is working on resolving the issue, but it is a couple of hundred thousand servers. They have told us though the fix is measured in years, not weeks or months." unquote Not sure if this info was shared with me in confidence & if, by posting here I've breached confidentiality, if so, SC-Admin who sent know's who I am & (in anticipation) I submit my🙇🏽‍♂️grovelling🙇🏽‍♂️ apology😔. Now we have SCv5, still waiting for considered advice/guidance (from SCFA/experts/members) as to whether or not (to work with getting the most accurate reports from SCv5), we need to parse the ENTIRE source data or still remove (from source data) the 1st [received] line? Confusion due to: submitting full source data produces one set of distribution "send to" report recipients🤔❔ submitting partial source data produces a DIFFERENT set of distribution "send to" report recipients🤔❔ Comments welcome. Cheers.
  2. MIG

    Any point in reporting spam from AMAZONAWS?

    I still get abuse#amazonaws.com@devnull.spamcop.net; so, I submit via SC & manually forward all spam email to ec2-abuseATamazonDOTcom Amazon are very responsive to this method.
  3. Hey Petzel, Posting this acknowledging you've been around way longer than me, actually let me re-word that, you've been around on SCF way longer than me, so I may not be on the right track, however, using the links provided & your SCF report I get: https://www.virustotal.com/#/domain/pushstat.sendpulse.com https://www.virustotal.com/#/domain/click.affcrunch.com https://www.virustotal.com/#/url/1e0c25ab42752181cc197651c2dcec630b564279938ea632bdf1a71d7f149f0e/details https://www.virustotal.com/#/domain/smartiyke41.duckdns.orghttps://www.virustotal.com/#/domain/smartiyke41.duckdns.org https://www.virustotal.com/#/url/8b24aa770a546505998fbe71fa5f5523b4df529c69d202c415e25313725ed36c/detection Any use? Cheers
  4. ☎️https://crosstalksolutions.com/howto-pwn-telemarketers-with-lenny/☎️ & "How to setup Lenny" https://www.youtube.com/watch?v=RRhRImp6kKQ&ab_channel=CrosstalkSolutions Happy fighting
  5. Membera, GODADDY's OL form is complicated/CAPTCHA also refuses to process (for me). I'm getting good results forwarding spam direct to Mailchimp (as well as submitting to SC), still working on Godaddy solution...could end up being "go-away-daddy"
  6. 'Cause LEASEWEB SC reports are [devnull], I still submit to SC & forward the actual spam email to LEASEWEB. LEASWEB then auto-process the spam, send back a confirmation & tracking id # if more info is required. LEASWEB also have an online form for manual submissions. URL not included 'cause I've got a vague memory of SCF comments "removed url...blah, blah, etc", not sure if that's dangerous urls or all urls so... just google LEASEWEB. I know emailing, submitting another form etc., is extra work, however, imo, it a few minutes work for many hours of deep satisfaction knowing another scum spammer is 💀⚰️💀& it means I've not broken my NY's resolution 😄
  7. 😊 houseincloud,😊 Happy New Year & thanks! Pretty much everything I've found/know has been from SC members who know so much more than me. I've just got mogrel-bastard-dog in me, determined to use every available, legal means to kill/destroy & painfully dismember as many 💩scum🤥spammers💩 as possible🦹 My go to is Spamcop & any follow up/extra "tools" VirusTotal, IpNetInfo, DnsStuff & forward all to the following (specific to the source of the spam): abuseAThotmailDOTcom; ec2-abuseATamazonDOTcom; abuseATamazonawsDOTcom; spoofATpaypalDOTcom; phishingATpaypalDOTcomDOTau & always to: spam@UCEDOTGOV; reportATsubmitDOTspamDOTacmaDOTgovDOTau; irrespective of the source Extra tools to have some fun with: https://www.nirsoft.net/utils/ipnetinfo.html (good as it's accurate & not resource hungry), ditto for (https://tools.dnsstuff.com/, lots of toys), https://www.talosintelligence.com/, https://www.abuseipdb.com/, I went looking for Complainterator, looks like it's dead, as is KnujOn, never mind, still succeeding with the wonderful help from SC & all of the above😊 Maybe SCF members could have a page that posts "☠️💩🤥💩☠️" notices😁 Have a great year houseincloud!😊
  8. Art101, https://www.virustotal.com/en/domain/hetzner.co.za/information/ & https://www.virustotal.com/en/file/0a69fd51979d402b66a6b07bb78561a62731b0ca7eb1027363c1967c69734c5a/analysis/ may interest you, although, now you've blocked it (good work!) you may not care.
  9. [ VirusTotal ]Analyze suspicious files and URLs to detect types of malware, automatically share them with the security community. Provides detections & extended detail. May find it useful in the fight against evil👹spammers.
  10. Hi Lisati, I've not tried the method you've suggested (but I'd like too), looking at recent spam source data, there's 2 or more "Received" lines: do you change only the first "Received" to "X-Received" or ? And, I've read (SC Faq & SCF) to not modify source data, how does this guidance fit with changing "X-Received" etc... ? Thanks in advance☺️
  11. RobiBue, Totally, it's (my) reverse way of acknowledging a Master😊
  12. LKing! 🤣, we should get you to employ such tactics on all the spammers, just make them invisible!
  13. Ricardo, the "you do not have permission etc. error", USUALLY, occurs if not logged, however, you are as you're posting in the forum & that'd not be possible without logging in. Here's the info Lking posted: Quote: "My thought, basses for action, has always been 'that the fact that I got the spam proves they already have my email address' As a result I have "spam Munging" set to " Leave spam copies intact " I also have all my email filters turned off. Have used these settings for years, almost as long as I have used the same email address (~22yrs). In that time, I have had one DOS attack from India that lasted for two days and one spammer that sent me one very nasty profanity filled email (must have been a slow day at the bot farm). Bottom line, any one spammer sends out 1,000s of not 1Ms of emails. I have issues but what level of ego is needed to think a spammer will single out my spam report for retribution or even read? There is no money to be made spending the time to pester me. The only smart thing to do would be to wash my email off their list because I reported them. But we know Rule #3 is true. For a long time, I spend about the same amount of time dealing with personal spam. I spend more time each morning clearing the spam from this forum than I do clearing all my inboxes. On the other hand, if some poor ISP or email user has had their system compromised or their legitimate, but poorly managed, email list contaminated with my email address, maybe the added information will help clear up the problem. I have been contacted a few times by naive managers of homeowners groups/email list/newsletters for help. It is true that although every effort is made to cleans spam reports of your email address, the spammers for some reason hid email addresses in may ways/places." Unquote http://forum.spamcop.net/topic/31015-email-address-disclosed-in-parsed-reportspam-mungingmole/?tab=comments#comment-125224
  14. MIG

    wondering about efficiency of reporting spams

    Glad someone does houseincloud, back to your issue, Talos gives good visuals: [ https://www.talosintelligence.com/reputation_center/lookup?search= ], [ https://www.talosintelligence.com/reputation_center/lookup?search= ], (that's 2 of the ips from your parsed reports) probably won't help you any to get the scum shut down, but, may keep you inspired - better than porn anyway Re "fight against such a giant", don't forget David. Apologies for bold text, can't get the editor to revert
  15. MIG

    wondering about efficiency of reporting spams

    Sorry houseincloud, just my warped sense of humour, I was thinking, if I was in your shoes, I'd blame my dog! Actually, I thought you were very brave to follow the unsubscribe steps.