Jump to content

MIG

Members
  • Content Count

    76
  • Joined

  • Last visited

Everything posted by MIG

  1. MIG

    SCv5 parsing

    Does anyone know if, we post to v5 parser, entire source data or modified source data?🤔 Cheers.
  2. Hey Scott, Just confirming, you're missing: [Report Now][Remove all unreported spam]? refer image, green stars. This may sound basic, but may work: Tried a different browser? Cleared [history][cookies][cache]? Reset browser? If you've not done this & decide to, export [bookmarks] & [browser][config][settings] BEFORE reset... Re [SC TRACKING URL], to get help from SCF members & SC Admin a SpamCop full tracking url is needed, my understanding from SCF members & SCA is, no private info will be available, i.e., except for when the spammer may have used your email address in a part of the spam where the parser does not mung your email address. Should that happen (& it has to me) SCF members & SCA have advised, the spammer has the email address anyway so it's better to provide the [SC TRACKING URL], that way folks will jump in & help. Do let us know if [Report Now][Remove all unreported spam] are still missing? Cheers
  3. MIG

    SCv5 parsing

    Thanks Petzel, Outlook.live mail cannot be forwarded as an attachment. It's not that SC can't parse the spam: with v5, my query was "do we still keep modifying/removing 1st "received" line, & the answer, from SCA & SCF is "yes".
  4. MIG

    SCv5 parsing

    Hi RobiBue, I was thinking the exact same thing earlier today! It's a valid reason for keeping mum & your rationale/explanation provided on klappa's "Something wrong with Outlook reporting" post is deadly, as in perfect! Thanks
  5. MIG

    spam Cops version V

    Hey Stumped, I'm on my L plates to (have been asking the same question & SC members are tracking too): These posts may interest you: http://forum.spamcop.net/topic/32996-scv5-parsing/?tab=comments#comment-129217 http://forum.spamcop.net/topic/32834-details-of-update-to-spamcop-50-coming-tomorrow/ they don't answer the question (yet) but there's a good chance the answer will come soon. Happy fighting, it's worth it!
  6. MIG

    SCv5 parsing

    Hello Lking, thanks for replying. I have submitted both modified & unmodified data, end result, different, hence my question. I've asked this question on other's posts, provided examples, no-one responded, hence this post - leading me to cogitate, which method is more accurate, more likely to produce the best outcome, i.e, get notifications sent to those responsible that will really pay attention & take action? No modified source data, i.e 1st {Received) not removed: https://www.spamcop.net/sc?id=z6513927819z5a333033d60c15fe7dcbe967cc9c5977z Modified source data, i.e 1st {Received) removed: https://www.spamcop.net/sc?id=z6513928242zd136d1f1635704ba07e5ae7794f427e6z & a v5 general ?, do you know if there's any available v5 information/changes faq available please? If so where? Please!
  7. nhraj700 & klappa, re pre SCv5: Microsoft, specifically, and possibly Gmail: a SC-Admin assisted me [understanding] the apparent "false" parsing of Hotmail headers by advising: quote "With Hotmail: the spam may have originated with Hotmail, likely not. A couple of years ago Hotmail had to give up two /16 networks they were using (33,554,432 IP addresses) as they were not assigned to them. Microsoft had to quickly reconfigure their network and used IPv6 to do so. Unfortunately when doing so, they did not do it carefully and make sure they had full name resolution through out the network, where the forward and reverse dns on each server matches. This means we (SC) can't trust their headers and will often take them as the source of the spam. All is not lost though, as Hotmail's parsing engines when they receive the report does pass through the report to the right party. It also helps Hotmail block new spam from that source. Microsoft is working on resolving the issue, but it is a couple of hundred thousand servers. They have told us though the fix is measured in years, not weeks or months." unquote Not sure if this info was shared with me in confidence & if, by posting here I've breached confidentiality, if so, SC-Admin who sent know's who I am & (in anticipation) I submit my🙇🏽‍♂️grovelling🙇🏽‍♂️ apology😔. Now we have SCv5, still waiting for considered advice/guidance (from SCFA/experts/members) as to whether or not (to work with getting the most accurate reports from SCv5), we need to parse the ENTIRE source data or still remove (from source data) the 1st [received] line? Confusion due to: submitting full source data produces one set of distribution "send to" report recipients🤔❔ submitting partial source data produces a DIFFERENT set of distribution "send to" report recipients🤔❔ Comments welcome. Cheers.
  8. MIG

    Any point in reporting spam from AMAZONAWS?

    I still get abuse#amazonaws.com@devnull.spamcop.net; so, I submit via SC & manually forward all spam email to ec2-abuseATamazonDOTcom Amazon are very responsive to this method.
  9. ☎️https://crosstalksolutions.com/howto-pwn-telemarketers-with-lenny/☎️ & "How to setup Lenny" https://www.youtube.com/watch?v=RRhRImp6kKQ&ab_channel=CrosstalkSolutions Happy fighting
  10. Hey Petzel, Posting this acknowledging you've been around way longer than me, actually let me re-word that, you've been around on SCF way longer than me, so I may not be on the right track, however, using the links provided & your SCF report I get: https://www.virustotal.com/#/domain/pushstat.sendpulse.com https://www.virustotal.com/#/domain/click.affcrunch.com https://www.virustotal.com/#/url/1e0c25ab42752181cc197651c2dcec630b564279938ea632bdf1a71d7f149f0e/details https://www.virustotal.com/#/domain/smartiyke41.duckdns.orghttps://www.virustotal.com/#/domain/smartiyke41.duckdns.org https://www.virustotal.com/#/url/8b24aa770a546505998fbe71fa5f5523b4df529c69d202c415e25313725ed36c/detection Any use? Cheers
  11. Membera, GODADDY's OL form is complicated/CAPTCHA also refuses to process (for me). I'm getting good results forwarding spam direct to Mailchimp (as well as submitting to SC), still working on Godaddy solution...could end up being "go-away-daddy"
  12. 'Cause LEASEWEB SC reports are [devnull], I still submit to SC & forward the actual spam email to LEASEWEB. LEASWEB then auto-process the spam, send back a confirmation & tracking id # if more info is required. LEASWEB also have an online form for manual submissions. URL not included 'cause I've got a vague memory of SCF comments "removed url...blah, blah, etc", not sure if that's dangerous urls or all urls so... just google LEASEWEB. I know emailing, submitting another form etc., is extra work, however, imo, it a few minutes work for many hours of deep satisfaction knowing another scum spammer is 💀⚰️💀& it means I've not broken my NY's resolution 😄
  13. [ VirusTotal ]Analyze suspicious files and URLs to detect types of malware, automatically share them with the security community. Provides detections & extended detail. May find it useful in the fight against evil👹spammers.
  14. 😊 houseincloud,😊 Happy New Year & thanks! Pretty much everything I've found/know has been from SC members who know so much more than me. I've just got mogrel-bastard-dog in me, determined to use every available, legal means to kill/destroy & painfully dismember as many 💩scum🤥spammers💩 as possible🦹 My go to is Spamcop & any follow up/extra "tools" VirusTotal, IpNetInfo, DnsStuff & forward all to the following (specific to the source of the spam): abuseAThotmailDOTcom; ec2-abuseATamazonDOTcom; abuseATamazonawsDOTcom; spoofATpaypalDOTcom; phishingATpaypalDOTcomDOTau & always to: spam@UCEDOTGOV; reportATsubmitDOTspamDOTacmaDOTgovDOTau; irrespective of the source Extra tools to have some fun with: https://www.nirsoft.net/utils/ipnetinfo.html (good as it's accurate & not resource hungry), ditto for (https://tools.dnsstuff.com/, lots of toys), https://www.talosintelligence.com/, https://www.abuseipdb.com/, I went looking for Complainterator, looks like it's dead, as is KnujOn, never mind, still succeeding with the wonderful help from SC & all of the above😊 Maybe SCF members could have a page that posts "☠️💩🤥💩☠️" notices😁 Have a great year houseincloud!😊
  15. Art101, https://www.virustotal.com/en/domain/hetzner.co.za/information/ & https://www.virustotal.com/en/file/0a69fd51979d402b66a6b07bb78561a62731b0ca7eb1027363c1967c69734c5a/analysis/ may interest you, although, now you've blocked it (good work!) you may not care.
  16. Hi Lisati, I've not tried the method you've suggested (but I'd like too), looking at recent spam source data, there's 2 or more "Received" lines: do you change only the first "Received" to "X-Received" or ? And, I've read (SC Faq & SCF) to not modify source data, how does this guidance fit with changing "X-Received" etc... ? Thanks in advance☺️
  17. RobiBue, Totally, it's (my) reverse way of acknowledging a Master😊
  18. LKing! 🤣, we should get you to employ such tactics on all the spammers, just make them invisible!
  19. Ricardo, the "you do not have permission etc. error", USUALLY, occurs if not logged, however, you are as you're posting in the forum & that'd not be possible without logging in. Here's the info Lking posted: Quote: "My thought, basses for action, has always been 'that the fact that I got the spam proves they already have my email address' As a result I have "spam Munging" set to " Leave spam copies intact " I also have all my email filters turned off. Have used these settings for years, almost as long as I have used the same email address (~22yrs). In that time, I have had one DOS attack from India that lasted for two days and one spammer that sent me one very nasty profanity filled email (must have been a slow day at the bot farm). Bottom line, any one spammer sends out 1,000s of not 1Ms of emails. I have issues but what level of ego is needed to think a spammer will single out my spam report for retribution or even read? There is no money to be made spending the time to pester me. The only smart thing to do would be to wash my email off their list because I reported them. But we know Rule #3 is true. For a long time, I spend about the same amount of time dealing with personal spam. I spend more time each morning clearing the spam from this forum than I do clearing all my inboxes. On the other hand, if some poor ISP or email user has had their system compromised or their legitimate, but poorly managed, email list contaminated with my email address, maybe the added information will help clear up the problem. I have been contacted a few times by naive managers of homeowners groups/email list/newsletters for help. It is true that although every effort is made to cleans spam reports of your email address, the spammers for some reason hid email addresses in may ways/places." Unquote http://forum.spamcop.net/topic/31015-email-address-disclosed-in-parsed-reportspam-mungingmole/?tab=comments#comment-125224
  20. MIG

    wondering about efficiency of reporting spams

    Glad someone does houseincloud, back to your issue, Talos gives good visuals: [ https://www.talosintelligence.com/reputation_center/lookup?search=149.129.243.34#email-history ], [ https://www.talosintelligence.com/reputation_center/lookup?search=177.53.45.69#email-history ], (that's 2 of the ips from your parsed reports) probably won't help you any to get the scum shut down, but, may keep you inspired - better than porn anyway Re "fight against such a giant", don't forget David. Apologies for bold text, can't get the editor to revert
  21. MIG

    wondering about efficiency of reporting spams

    Sorry houseincloud, just my warped sense of humour, I was thinking, if I was in your shoes, I'd blame my dog! Actually, I thought you were very brave to follow the unsubscribe steps.
  22. Reference LKing [http://forum.spamcop.net/topic/30970-when-it-report-a-spam-what-sensitive-information-from-reporter-is-passing-or-allowing/?tab=comments#comment-125100] "By default your email address is hidden in spam reports" In a just parsed SpamCop report the: "To: <x> "is hidden. However, the "X-SID-PRA: XTN-etc-removed by me to post to forum@HOTMAIL.COM" has my email address. https://members.spamcop.net/mcgi?action=showadvanced - My "spam Munging" is set as "Obscure identifying information" Thinking of how to work around not disclosing "X-SID-PRA" I contemplated setting: "Become a "mole" - Don't even send reports", however the statement "(mostly pointless)" is confusing at best & alarming at worst - does "Don't even send reports" literally mean no reports are sent to the identified "abuse@addresses"? If that's yes, then I assume the only result of parsing spam emails as a "Mole" would be adding to stats...? Is that correct? For obvious reasons I'm not posting the spam report tracking url here as my email address will be on display to all. Any comments/advice/suggestions please?
  23. Never saw that! Not gunna own up to knowing THAT song!
  24. Hey klappa, I absolutely agree , I may not have communicated clearly, my experience prior to using SC, years using MS "mark as junk, phishing spam & or blocking" resulted in an increase in spam😬 >> Stumbled upon SC, started using, almost every parsed report resulted in: Report to: abuseATmicrosoft.com🤬, (sorry I previously said abuseAThotmail.com) until the "Quote ... Unquote" process was explained, I refined my submissions, ever since I get "truer" (is that even a word?) results.. If I use your original https://www.spamcop.net/sc?id=z6499645284z69efc272a2d2f2b47876f5ca99aa42ddz & don't remove the first "Received: from DM3NAM03HT165.eop-NAM03.prod.protection.outlook.com.... etc, etc....+0000" I get "Report to: "abuseATmicrosoft.com", however, removing 1st "Received: from..." results in Report to: mail-abuseATcert.br & abuseATlocaweb.com.br
  25. 🤣 On the subject of art, is that the wicked witch of the west wearing Dorothy's shoes?
×