Dave_L

Thanks for that clarification.

Was it forwarded as an attachment?

I checked and saw that the forum registration page uses a CAPTCHA to prevent robots from registering. Do you think that the spam posts here (which seem to be steadily increasing) are done by a robot that's able to defeat the CAPTCHA, or are human beings actually registering manually? The CAPTCHA used by this site is that annoying RECAPTCHA project. Due to its widespread use, the spammers have probably prioritized cracking it. A simpler do-it-yourself CAPTCHA might be more effective.

Asking for changes to the reporting web site here is futile. The people who have the ability to make such changes do not participate in these forums. Personally, if I want to create a PDF from a web page, I "print" the page, and then select the option to sent the output to a .pdf file instead of a physical printer. That's using Firefox on Ubuntu (GNU/Linux). I don't know if that choice is available for your browser and operating system.

14:13:01 -0700 (PDT): The "-0700" means seven hours earlier than GMT. To convert to GMT, add seven hours. 23:12:57 +0200: The "+0200" means two hours later than GMT. To convert to GMT, subtract two hours.

The date/time stamps generally help here, although they're not always 100% reliable. For example: The timestamp in "0" is Thu, 04 May 2017 14:13:01 -0700 (PDT), which is four seconds later than the timestamp in "3", Thu, 04 May 2017 23:12:57 +0200 (21:13:01 GMT - 21:12:57 GMT = 4 seconds).

Some newer web sites that require login have put the username and password entry on separate pages. I.e., you enter the username on one page and then are redirected to a second page for password entry. Is this considered to be more secure than the traditional method of entering the username and password on the same page?

The Spamcop FAQ section has a page that's supposed to explain "confirmed opt-in", but it's useless, since it refers to two non-existent pages: https://www.spamcop.net/fom-serve/cache/406.html I found a decent explanation of "confirmed opt-in" here: https://www.spamhaus.org/faq/section/Marketing FAQs#15 Maybe the broken links could be replaced with that one. Or maybe the text itself could be added to the Spamcop FAQ page. That's probably ok, as long as the source is cited.

Does the subscription process use CONFIRMED OPT-IN? If you don't know what that means, here's an explanation: https://www.spamhaus.org/faq/section/Marketing FAQs#15 If the email addresses in your list were not obtained using confirmed opt-in, then you should: 1. Delete the list. 2. Start building a new mailing list, using a confirmed opt-in process. Also: At the location where users subscribe to your mailing list, ensure that there is a clear explanation of what kind of information will be included in the mailings. If the mailings will include advertisements, that should be stated.

I suppose a legitimate action in a case like this would be to use the Spamcop parser to identify the apppropriate reporting authority(ies), and then compose and send your own report(s), written so as to make it clear that you, and not Spamcop, are the report submitter. (Personally I wouldn't bother for an isolated case.)

My guess is that since the next to last "Received" header ("Received: from 41....") contains no date, the Spamcop parser doesn't trust the headers.

The SpamCop Email System no longer exists. That's probably an old page that was never removed.

Domain name registrars don't seem to care how their customers use the domains, as long as they pay the registration fees. Have you reported the spam to the email source provider(s) and the web host provider(s)?

I think that the mail would simply be discarded, and not bounced.