captkirk

I have reported these nearly identical spam emails probably hundreds of times evidently wasting fuel haha. bangmod is the most prolific, but there are several others that are about as bad. I find it rather alarming that the spoofed from email purports to be from my domain to my domain. Hosted on GoDaddy by the way. But I am using cpanel workspace email, not their expensive 365 which they are trying to force everyone to pay for. They don't seem to support the workspace email anymore. Now gbcloud.net has become my prime offender! In any case, I sure hope they are not spoofing my domain to send spam to other folks! I am still curious as to how these ISPs allow so much spam to get thru repeatedly. BTW, I did think about obscuring my email in the post, but it has been out and about for 30 years now, but I did it in this snippet: Received: from [116.206.125.116] (port=36086 helo=ielectrify.com) by a2plcpnl0219.prod.iad2.secureserver.net with esmtp (Exim 4.95) id 1qlBab-00HXB8-Ka for email@domain.com; Tue, 26 Sep 2023 10:11:21 -0700 Received: from mail-pl1-x62f.google.com (mail-pl1-x62f.google.com. [2607:f8b0:4864:20::62f]) by mx.google.com with ESMTPS id m14-20020a056a00080e00b0069024c6a9a8si13094907pfk.389.2023.09.26.06.33.17 for <email@domain.com> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 26 Sep 2023 06:33:17 -0700 (PDT) Received: by mail-pl1-x62f.google.com with SMTP id d9443c01a7336-1c5c91bec75so61402495ad.3 for <email@domain.com>; Tue, 26 Sep 2023 06:33:17 -0700 (PDT) Looks to my untrained eye, that the last (first) two Received froms are bogus, since the time stamps go from Tue, 26 Sep 2023 06:33:17 -0700 (PDT) to Tue, 26 Sep 2023 10:11:21 -0700 when it finally gets to a bangmod IP and domain. Regardless, I have gotten about 50 spam emails from the good folks at bangmod and gbcloud since 8am and it's only 4pm... Thanks for all the insights!

Which one you want? The report? https://www.spamcop.net/sc?id=z6862928707z93e35888c12d29600ebe07cd27d79ff9z Or the full diagnostic report? I am really puzzled by Received-SPF: pass (google.com: domain of captkirk@dmzgraphics.com designates 209.85.220.65 as permitted sender) client-ip=209.85.220.65; Unless it is a result of having a google account for online document sharing. spam_report.txt

For the last few months I have been getting 20 to 30 spam emails a day from bangmodhosting.com / bangmod.co.th and reporting most of them. And most of them have stayed the same or the same type. Your are a winner/you have a reward/survey response from companies like Walmart, Ace Hardware, State Farm, etc. All require a click on a button who's link does not look like a survey link at all of course! Spamassassin marks almost all of these as spam. Some have SPF/DKIM/DMARC headers purporting to come from Google/Yahoo/Microsoft and routing thru those mailservers. Some even spoof the headers showing the email came from my email to my email! Anyway, besides just complaining, I am curious as to how these guys are not listed on any blacklists I have looked at and how any email server would not block these emails as soon as the send button was pushed! I will be glad to post the raw source of one of these if anyone wants to have a look. Also would love any suggestions.

I am reporting 1 to 5 spam emails daily where I get this reply: Witamy, dziękujemy za przesłane zgłoszenie. Informujemy, że w chwili otrzymania Państwa zgłoszenia, co najmniej jeden adres e-mail biorący udział w korespondencji nie jest nam znany. Oznacza to, że Państwa zgłoszenie nie może uzyskać statusu zgłoszenia autoryzowanego. W przypadku zgłoszenia nieautoryzowanego nie możemy wykonać żadnej dyspozycji w nim zawartej ani udzielić żadnych szczegółowych informacji na temat konkretnych usług. W zgłoszeniu nieautoryzowanym możemy jedynie udzielać informacji ogólnych lub powszechnie dostępnych. Zgłoszeniu nadany został numer: [IQ#389197:noauth] Jeśli chcą Państwo uzupełnić zgłoszenie, proszę odpowiedzieć na tą wiadomość zachowując oznaczenie numeru w temacie wiadomości. Usunięcie numeru z tematu wiadomości spowoduje stworzenie nowego zgłoszenia. Lista użytkowników otrzymujących korespondencje dotyczącą tego zgłoszenia na e-mail: (7019660082@reports.spamcop.net), To zgłoszenie nie może być autoryzowane. English version: Hello, thank you for submitting a ticket. We inform you, that at least one of the e-mail addresses taking part in the correspondence is unknown to us. That means that this ticket can never have the Authorized status. In case of an unauthorized ticket we can't execute any requests nor reveal any information specific to any services we provide. In an unauthorized ticket we can only provide general or publicly available information. Your ticket number is: [IQ#389197:noauth] The list of users recieving e-mails regarding this ticket: (7019660082@reports.spamcop.net), This ticket can never be authorized. -- Biuro Obsługi Klienta: e-mail: bok@iq.pl tel.: +48 58 326 09 90 - 94 fax: +48 58 326 09 99 Dział pomocy: https://www.iq.pl/pomoc Informacja dotycząca przetwarzania danych osobowych: https://www.iq.pl/kontakt Jakość gwarantuje: ISO 9001:2000 IQ PL Sp. z o.o. z siedzibą w Gdańsku (80-298), ul. Geodetów 16, KRS 0000007725, Sąd rejestrowy: Sąd Rejonowy w Gdańsku VII Wydział KRS, kapitał zakładowy: 140.000 PLN, NIP 5832736211, REGON 192478853 Does this mean reporting this spam is a futile exercise since "The ticket can never be authorized"? Thanks!