hank

Membera
  • Content count

    138
  • Joined

  • Last visited

Community Reputation

0 Neutral

About hank

  • Rank
    Advanced Member

Contact Methods

  • ICQ
    0

Recent Profile Visitors

1,077 profile views
  1. Sigh. Now a new one has gotten past Google and is getting forwarded from my-userid@spamcop by the dozens per hour. Mostly ending up in my ISP's graymail folder, fortunately. " a massive spam Email campaign has recently gone viral after effectively bypassing the Gmail anti-spam algorithm ..." http://www.binaryscamalerts.com/quantum-code-scam-software-review/
  2. > just creat a gmail account Problem is I used Spamcop as my primary email for many years, so it's my address of record for a lot of older contacts. And there's no automatic way of validating a new spamcop address for reporting, if I cancel the current one. I'd have to do the mailhosts routine again. If I change forwarding from Spamcop to send it all to Google, I still have to read through all the headers; Gmail does false positives occasionally too. 400 of the same word salad spams in the past 8 hours (sigh). At least I have a computer. Imagine dealing with this with only a smartphone, the way so many people in the world use email. It'd be overwhelming. From: "=?utf-8?B?5pmv54i95riF?=" <745942123@qq.com> To: <xxx@spamcop.net> Subject: =?utf-8?B?5qyi6L+O5b2S6Zif77ya6YKA5oKo5L2P5YaK5ba64pGk4pKP?= =?utf-8?B?6LWiNThP5o+QLC3lorrpjYbmsLjliKkzMzI0OTjjgIJDT03kvL3lrqLmnI3miaM=?= =?utf-8?B?OjMxOTIxNjUyOOeTtO+8jOWPquimgeaKlee0uOe6ouiLnuWkqeWkqQ==?= =?utf-8?B?5oqi77yM6aaW5ou16aS4Mk8gM08gNU/igLDkuIvnpZ3ikbnkvZXlsLE=?= =?utf-8?B?6YCBJF8k54m556CBNDnotJ0gICAgIA==?= Date: Sat, 02 Sep 2017 23:10:29 +0800 MIME-Version: 1.0 Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: quoted-printable Disposition-Notification-To: 745942123@qq.com X-Orthrus: tar=0 grey=no co=US os=//29 spf=fail dkim=none <p><font color=3D"DarkSlateGray">=E6=9D=A5<span style=3D"font:0px = a"><=E8=BF=9E=E9=98=B4=E9=9B=A8></span>=E4=BA=86<span style=3D"font:0px = a"><=E9=9B=B6=E5=94=AE=E6=80=BB=E9=A2=9D></span>=E6=B0=B8<span = style=3D"font:0px a"><=E9=A9=AC=E9=93=83=E8=96=AF></span>=E5=88=A9<span = style=3D"font:0px =... and so on and so on. Google Translate can't make any sense of this. Damn qq.com
  3. It appears I got more than 4,000 spams in the past 24 hours, all addressed to my userid@spamcop.net and forwarded by Spamcop to my ISP, which graymailed almost all of them. Maybe one or two per hour get past the graymail and I report those. Tiresome. Good thing my ISP isn't charging me for storage, just automatically deleting the graymail. Big annoyance to review all the headers and catch the occasional non-junk email out of the deluge. Maybe the answer is to just cancel my spamcop email address? Perhaps that's what the spammer wants me to do? At this point I'm still using the "mole" reporting hoping that's informing whoever adds lines to the blocklist.
  4. Bump. Yes, I know this thread is ten years old. Would anyone familiar with current (not ten year old) practice at Spamcop please comment? Is it still true that "mole" reporting does not add the spammer's IP to Spamcop's blocking lists? I'm getting hundreds of spams from qq.net every few hours and have been for days, guessing it's retaliation for having used Spamcop reporting. Most of them are being blocked into graymail by my ISP now, fortunately.
  5. > block the IP address Unfortunately "qq.com" can't be blocked by Spamcop, and that source apparently owns (or uses, or forges?) a huge number of IP addresses. I'd have to comb through hundreds of spams to make a complete list. I wish Spamcop would do that little chore. The spam seems to be using some kind of randomization process to vary both the word salad text and the header lines. Hundreds more came through overnight.
  6. The Preferences says: So -- the real point of reporting is to inform the blocklist process, right? I realize reporting doesn't reduce spam and in actual experience reporting usually validates the reporting email and produces a flood of more spam at first. But eventually my ISP, which uses the Spamcop blocklist, starts accumulating the spam (e.g. from "qq.com" to myuserid@spamcop.net, automatically forwarded to my ISP) And the spam ends up in my ISP's graymail folder. So seems to me that's the point of using the "mole" approach -- not validating the email address being used to report the spam, but still informing the blocklist. Or rather informing the "SpamCop administrators" who presumably are updating the blocking list -- aren't they? Is there still someone doing that, and is this how it's being done? Can anyone clarify why Spamcop calls the "mole" reporting "mostly pointless" in the Preferences explanation of that option? What's not the point here about this?
  7. Wouldn't it make more sense to ask Spamcop to filter obvious botnet attack email rather than forwarding them uncritically? Something tells me the Chinese government is uninterested in being helpful in this kind of interaction. I wonder if anyone else with a userid@spamcop.net account is being so favored. Yeah, the email is still coming through, addressed to my-userid@spamcop.net and forwarded to my ISP; 450 more overnight.
  8. -- Spamcop reporting system. Oh, dear: "proceed your request"? This language suggests someone's not paying close attention over at Spamcop.
  9. PS: "qq.com" is identified as the source of all the spams to myuserid@spamcop.net, but qq.com isn't blocklisted by Spamcop. That business has multiple IP addresses which it's using.
  10. So, reporting seems like it's just increasing the spam; 450 per hour now, all addresed to my userid@spamcop.net Spamcop forwards this spam to my ISP, which uses the Spamcop blocklist, so that it's getting filtered by my ISP. But quoting from the Preferences at Spamcop: ------quote follows------------------------------------------------------ Become a "mole" - Don't even send reports (mostly pointless) ... It has become painfully obvious that spammers are able to identify your email address by using tracking codes - even after SpamCop's attempts to munge them. It has also become plain that even the largest and most well-respected ISPs forward complaints intact to the accused. In response, we now offer the ability to send reports silently. These reports are not emailed and are not available to anyone but SpamCop administrators and will not be shared (except as aggregate counts). ----end quote--------------------------------------------------- So -- Spamcop administrators -- why is this called "mostly pointless" -- won't silent reports continue to inform your blocklist? Because as you say, the reports are just informing the spammers that userid@spamcop.net is valid. And the spam generation tool is using some kind of randomizer to slip spam past the blocklist, only 3 or 4 per hour now out of the hundreds they're sending. So I'm ready to switch to "mole" setting -- hoping I can trust Spamcop will keep adjusting the blocklist from "mole" reports. Can anyone verify this will work?
  11. Still pouring in, 450 caught in graymail overnight, about one spam per minute now hitting my inbox. All sent to my userid@spamcop.net (you'd think they'd get a clue from the company name, but no) Contents are still all word salad, according to Google Translate. [%最新] 奥菛永利331458点C0M邀您注冊嶺⑤8瀛5⒏0提,专员Q319276818嶺 [%标题] [<[%农业词库]>%<[%农业词库]>第<[%农业词库]>一<[%农业词库]>句<[%农业词库]>]<[%农业词库]>网<[%农业词库]>址<[%农业词库]> <[%农业词库]>[<[%农业词库]>%<[%农业词库]>网<[%农业词库]>址<[%农业词库]>]<[%农业词库]> [<[%成语]>%<[%成语]>第<[%成语]>二<[%成语]>句<[%成语]>]<[%成语]>专<[%成语]>员<[%成语]>Q<[%成语]>:<[%成语]>[<[%成语]>%<[%成语]>Q<[%成语]>Q<[%成语]>]<[%成语]> [<[%农业词库]>%<[%农业词库]>第<[%农业词库]>三<[%农业词库]>句<[%农业词库]>] Somewhere in China, a computer has gone mad ....
  12. Still getting the occasional spam through to my home inbox, so they're varying their approach. Whoever or whatever the source is.
  13. Well, reporting seems to have gotten through to the blocklist from Spamcop that my ISP uses. I've accumulated about 450 graymail filtered posts in Chinese from qq.com -- and no new qq.com spam passed on to my inbox -- since today mid-morning. Whew. For a while there the spam was coming in faster than I could report it. Thanks for the tip about forwarding multiple attachments in a single report, that was a sanity-saver.
  14. My ISP uses Spamcop's blocklist and has held more than 1300 spams from qq.com -- I've only been seeing those that got past that and other ISPs into my combined home mailbox. The China spammer is also now using my home ISP's email address in the Sender line of the spams (presumably harvested from my spam reports) Poking around for strings from the spam headers with Google finds suggestions this may be a known spambot malware trying to distribute itself.