Jump to content

dbiel

Membersph
  • Content Count

    2,544
  • Joined

  • Last visited

Everything posted by dbiel

  1. Please note that on 5-12-06 this forum was upgraded from version 2.0.4 to version 2.1.6 The upgrade was done before we wanted to do it due to some serious attacks on the forum that could only be stopped by doing the upgrade. Much of the look, feel and appearance of the forum has been changed due to the upgrade. You will find that numerious things work differently now, may not work at all, or have disappeared. We are working on restoring much of the previous functionability. It will take some time to complete, as it requires a very significate amount of work to alter the code base. Please bear with us during this conversion process. This forum FAQ also needs to be updated to reflect the current software version changes. Thank you for your patience during this difficult time. Please feel free to post your questions, concerns, etc about the forum upgrade in this topic. The following is a list of some of the changes due to the version upgrade. It is not complete and will be added to and updated as quickly as possible. Thank you for your cooperation and support. Changes due to version upgrade: Post creation/edit interface has changed dramaticly Spell Check location and access changed. It is now found at the top of the edit box as a new icon: It is small, so it can easily be missed. (the new post flag) has been reset on all topics in the forum. (see Wazoo's explaination in the following post) See Wazoo's post that follows for additional information.
  2. Copied from a post by PGTips91 aka Paul G. Taylor Link to original post First, the settings in Thunderbird; Edit > Preferences Composition Tab 'Forward messages: as attachment' Advanced Tab, Privacy 'Block loading of remote images in mail messages' Second, how to report spam in blocks. I have set my preferences with my ISP so that their filtering does not pre-filter any spam I receive and I allow Thunderbird to do the filtering. This suits me as the number of spam emails I get is rather low and I want to report them all. With Bayesian filtering in place most spam find their way directly to my 'Junk' folder in Thunderbird. After a quick review to ensure that no genuine emails are included, I do the following: -- 1) Select all spam that I wish to forward. [easy if view set to 'Recent'] 1.1) Edit > Select All 1.2) Ctr +A 1.3) Select the first, scroll to the last, holding the 'Shift' key down click on the last to select all from first to last. 2) Right-click on the selection and choose 'Forward as attachments'. This will open a new email with all selected spam emails included as attachments. 3) Enter my SpamCop forwarding address in the 'To' field. With the address already set up in my address book, all it takes is to type 'sp'[enter] to select the forwarding address. 4) Send email with no 'body' required and 'Subject' optional, and wait for it to be acknowledged. 5) Once I have the acknowledgment back, go to my SpamCop web page for reporting spam [http://www.spamcop.net/], sign in and click on the link which says 'You have unreported spam'. 6) Review the output and when satisfied send the reports. 6.1 )The biggest difficulty I have is to get the parser to recognise some embedded URLs. I have found that using the 'Back' button in Firefox to go back to the 'Report spam' page and input the URL [copied from the report] by itself. This may need to be repeated too but usually gets over the hurdle and reports the Spamvertised site as well as the sending URL when I again click the 'You have unreported spam' button. 7) Repeat steps 5 and 6 until done. I keep Firefox open with my Web Mail on one Tab, SpamCop reporting on another and DNS Stuff [http://www.dnsstuff.com/] on another. That way I can monitor what is going on and research stuff easily. This scheme works for me as I have a small load to deal with. Others might like to comment on what works for them. Paul G. Taylor Auckland, NZ
  3. dbiel

    Test topic

    test
  4. Thanks David, I am going to see if they respond to my request to have it turned back on, otherwise I will simply stop using my SpamCop account.
  5. nei1_j I regret to read of your unhappy experience. The FAQ in the forum can be difficult to navigate which is why the SpamCop Wiki was created. The link is SpamCop Wiki Home Page You will find links on the top of that page as well as every other page to a Category Listing, Page Index, there is also a glossary. The terms are linked back and forth throughout the wiki. Here is the link to a definition of Spamvertized URL I believe you will find the Wiki much easier to navigate than the forum FAQ
  6. One other note: SpamCop will not block any email unless someone in the mail stream is using the SpamCop Blocking List, even then the recommendation from SpamCop is not to totally block the messages but rather to flag them as spam or potential spam. Some mailserver do use the SCBL to totally block mail for the listed IP address. The problem is that there maybe a lot of valid message being process that would never be delivered. If you simply want to keep them out of your inbox, simply set a filter on your mail client to filter the specific domains that you are having an issue with
  7. If he is using a mail server that sends a very small amount of spam, then his spam would be a small percentage of the mail processed by that server Unfortunately you posted your reporting ID for that email. No one here is able to open that. You need to post the Tracking URL then we can do a bit more research on the subject See the following entry for more information: TrackingURL
  8. dbiel

    SpamCop Glossary

    SpamCop Glossary in Alphabetical Order last edit 5 March, 2015 The SpamCop Glossary currently exists in three "flavors". This forum version; the new SpamCop Dictionary version; and the newest, a Wiki "flavor", that includes extensive cross indexing Note: additions, corrections, suggestions, etc are encouraged and will be merged into this consolidated glossary after allowing amply time for comment. Please post your comments in this thread. After they have been consolidated they will be moved to the archive SpamCop Glossary Archive, Historical record of changes and posts Click on the link to jump to Archive. For terms not included in this glossary please see the entry Additional Glossary Sources found at the conclusion of this glossary. Note: All underlined text (regardless of color) found in the glossary is an indication of a clickable link. These links vary as to how they function. Some links will simply jump you to another part of the glossary (using the browser "back" button will return you to your previous location); while other links will open up a new window. Color coding in the glossary is used to grab attention or to aid in readability. A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z, Clicking on any of the index items below will jump you to that entry below. Using the browser's back button will return you to the index. /dev/null'ing Acronyms AFAIK AKA Backscatter Backronym Bacronym BBCode BI Bit Bucket Blackhole Blowback BOFH Bounce Breidbart Index BTW C/R Cache Cartooney CatchAll Account Challenge Response Chain Mail cid: CIDR - Classless Inter-Domain Routing Content Filter Content-ID: Domain Name DNSbl FAQ Fastflux Flaming FormMail FWIW ham Honeypot HTIW HTML HTTP HyperLink IIRC IIUC IIWY IMAP Innocent Bystander IP IP Address IPv4 (Internet Protocol version 4) IPv4 (Internet Protocol version 6) ISP ISTM ITYM Jargon Joe Job List Washing Mail-Host Configuration Manual Report Misdirected Bounces Mung / Munge MX RecordNetiquette Netizen Newsgroups NOC NSP Obfuscate Open Relay Report Open Relay Testing System(s) Report OWTTE Parser Parser Page Parsing Phish / Phishing Pink Contract PITA POP3 PSBL Proxy Quarantine Quick Reporting rDNS RFC Report Report Email Address Report History Report ID Report Types Report URL Return-Path RSN RTFF RTFM SBRS SMTP SMTP-AUTH SMTP Reject spam spam SpamCop spam Source Report Spamtrap SpamvertizedURL Spamvertized URL Report Tarpitting Technical Details Third Party Source Report tinw TOE TPTB Third Party URL Report Tracking URL TTFN URI URL URN User Defined Recipient Report User Notification Report Using last resort contacts UUBE Vacation Responders VER - Very Easy Reporting Voicemail Web-Bug WebMail WHOIS Worm Poop Clicking on any of the index items above will jump you to that entry below. Using the browser's back button will return you to the index. A special thanks to Wazoo for getting the index to work. /dev/null'ing Sending something nowhere. SpamCop's parser discards messages by sending them to user#domain[at]devnull.spamcop.net (this is a pseudo-Report because it doesn't go anywhere, but it does get recorded in the statistics and can help keep an SCBL listing alive). Reasons for discarding reports include bouncing of previous Reports that were sent to user[at]domain, as well as SpamCop Deputy and SpamCop Admin intervention due to listwashing, ROKSO listing, obviously ignoring reports, passing reports to inappropriate places, etc. The derivation of this term is the Unix Null Device /dev/null. Other terms for the same concept include vaporization, deletion, and sending something to a data sink, Bit Bucket, DOS's NUL:, trash can, or round file. For more info, please see Steps taken by the parser and Ellen's description of why Reports are turned off. Acronyms & Text Messaging Shorthand The following link is to NetLingo's extensive List of Acronyms & Text Messaging Shorthand Acronyms have always been an integral part of computer culture, and they have since spawned a new language on the Internet. Commonly thought of as a series of letters that make up a "word" there is a distinction between acronyms and shorthand. Online enthusiasts, primarily millennials, are learning that shorthand are in fact called acronyms, but this is incorrect. The difference between acronyms and shorthand is that with acronyms, you pronounce the letters as a new word (for example, FUBAR is pronounced "foo-bar" and RADAR is pronounced "ray-dar"). In contrast, shorthand pronunciations are always to say the letters one-by-one and not pronounce it as a word (for example, FYI is pronounced "F-Y-I" and BRB is pronounced "B-R-B"). The difference between shorthand and an initialism (or abbreviation) is that the latter refers to the shortening of a word itself, for example "esp" for "especially." The online practice is to refer to any shorthand or abbreviation as an acronym. Examples commonly used in the SpamCop Forums include: AFAIK - As Far As I Know AKA - Also Known As BI - Breidbart Index BOFH - Bastard Operator From Hell BTW - By The Way FAQ - Frequently Asked Questions FWIW - For What It's Worth HTIW - How The Internet Works HTML - HyperText Markup Language HTTP - HyperText Transfer Protocol IIRC - If I Remember Correctly or If I Recall Correctly IIUC - If I Understand Correctly IIWY - If It Was You IMAP - Internet Message Access Protocol ISTM - It Seems to Me ITYM - I Think You Mean NOC - Network Operations Center OWTTE - Or Words To That Effect PITA - Pain In The Ass POP3 - Post Office Protocol version 3 RSN - Real Soon Now SBRS - SenderBase®Reputation Score SMTP - Simple Mail Transport Protocol TOE - Train On Errors TPTB - The Powers That Be TTFN - Ta Ta For Now tinu - there is no us tinw - there is no we URI - Uniform Resource Identifier URL - Uniform Resource Locator URN - Uniform Resource Name UUBE - Unwanted/Unsolicited Bounce Email Alternate reference source: Internet slang From Wikipedia, the free encyclopedia. Backronym A backronym or bacronym is a type of acronym that is formed to match the letters of a word already in use. The word "backronym" is a portmanteau of back and acronym and was coined in 1983. See the entry in wikipedia for a more detailed explaination. BBCode BBCode is short for Bulletin Board Code. It is used as a way for formatting posts made on message boards, blogs and more. It is similar to HTML in the sense that in BBCode one does also use tags to format something specific (contained within the tag). In BBCode, tags are indicated by rectangular brackets surrounding a keyword, which is in turn transformed into HTML before being delivered to a web browser. BBCode was implemented as method of providing a safer and easier way of allowing posts to be formatted on forums. Before BBCode, forums sometimes allowed users to include HTML code in their posts, which had many security issues (i.e. the user could execute java scri_pt code, break the layout of the site and so on). With BBCode being parsed by the forum scripts, it is easier to control what the user can do and can not do (allowing or not allowing specific BBCode tags). The basic BBCode tags are often very similar across many different forums (which includes the SpamCopForum) but there are some variants in existence as well. Sometimes BBCode tags have to be in specific cases (i.e. [ b]bold text[ /b] will work, while [ B]bold text[ /B] will not). It is also very different as to which of the more unsafe and/or complex tags that are supported. For instance you cannot always expect the [ img] image tag to be supported as allowing posters unlimited power to post any picture they like could have some pretty nasty effects. Source: http://www.bbcode.org/ Note: space added at the beginning of each BBCode tag to stop them from being rendered in this definition. Note: in the SpamCopForum, BBCode tags are not case sensitive. When writing or editing a post in the SpamCopForum, clicking on "BB Code Help" will open up a help screen that contains detailed examples. Bit Bucket The universal data sink (originally, the mythical receptacle used to catch bits when they fall off the end of a register during a shift instruction). Discarded, lost, or destroyed data is said to have gone to the bit bucket. On Unix, often used for /dev/null. Sometimes amplified as the Great Bit Bucket in the Sky. Blackhole This is a system where suspected spam is accepted by the mail server or user and silently deleted. Neither the sender or the receiver is notified. This seems to be preferred by many companies as it means that none of their potential customers will see a rejection message, and by many users as they can not tell if a spam filter deleted the message or some other computer glitch deleted it before it got to their server. When coupled with a whitelisting system where any outgoing e-mail address is whitelisted for a response, the error rate can be almost invisible to the senders and the receivers. As with the quarantine method, it is a more expensive method than using DNSbls. Blowback, Backscatter, Misdirected Bounces Delayed bounces, virus notices, out-of-office messages and other forms of auto-responses that are frequently mis-directed, basing their targets on data found within forged header lines. In the past, these types of notifications were a nicety. However, as the spammers have once again used a "feature" of something developed under the "trusted users" model to aid in delivering their spew, this activity of e-mail servers has moved into the "bad"zone. More desirable these days is the non-deliverable e-mail will be handled at the time of attempted delivery, such that any rejection notice required is supplied to the sending server, rather than a possible innocent third-party. See also: http://www.spamcop.net/fom-serve/cache/329.html http://spamlinks.net/prevent-secure-backscatter.htm Bounce Used by some as a description of undelivered e-mail. More accurately it refers to a mail message that a mail server generates to indicate a mail message is not delivered. RFCs allow a receiving mail server to generate a bounce, but that is no longer a good practice as for spam or viruses which are now between 50 to 70 percent of incoming e-mail, that bounce will go to some innocent victim, like you. The preferred practice is for the receiving mail server to issue an SMTP reject code if it can not deliver the e-mail, and then the sending mail server will generate a bounce. Since spam and most recent viruses are not sent through real mail servers, no bounce message will be generated for them. Breidbart Index (BI) A weighted measure of posting and cross posting of an article in newsgroups in which an index of 20 or greater is taken by some administrators to be a spamming violation and the posts liable to cancellation. The Breidbart Index is defined as the sum of the square roots of n (n is the number of newsgroups each copy was posted to). Example: If two copies of a posting are made, one to 9 groups, and one to 16, the Breidbart Index is 1*sqrt(9)+1*sqrt(16) = 3+4 = 7 Example: 10 copies of an article are posted, each cross-posted to 4 groups, the BI is 10*sqrt(4) = 20 External reference: The Breidbart Index Definition & spam Threshold FAQ Cache A cache (pronounced cash) or buffer is basically a local copy or storage area that provides speedy access to stuff that is normally stored elsewhere. Computers cache and buffer information inside and outside their CPUs, in RAM, and on Hard Disks. In the interest of speed and reduced redundant network traffic and load, the Parser caches DNS, WHOIS and abuse.net lookup results (more info on them below) Information about how long the Parser caches those lookup results is confidential, as exact numbers might give the spammers ideas. Cartooney The term cartooney refers to the baseless legal threats or the nonexistent lawyers often made by spammers in their attempts to be removed from mail filters. The word can be used either as an adjective or a noun; i.e., "The spammer made cartooney threats" or "The spammer sent me a cartooney". CatchAll Account An e-mail account that accepts anything in front of the [at]Domain part of the e-mail address. In the days before spam, this was a normal mode of most all Domain / web-site settings. Now it's more advised to actually define 'real' e-mail accounts to be used by that Domain and reject e-mail sent to non-existent accounts. This is sometimes an issue with various web-hosting plans that may limit the number of e-mail accounts that can be used, but there should normally be enough available to handle things like info[at] sales[at] webmaster[at] etc. C/R or Challenge Response A service that issues a challenge to make sure that a human is sending a mail. When they challenge spam and viruses, they bother innocent people. If they use SMTP rejects, then only real senders will get the challenges. Generally an expensive method of spam control, and spammers can easily get around the challenge if they care to by redirecting the challenge to a porn site and promising free porn to the humans that visit the site and answer the challenge. A challenge response system that does not use SMTP rejects is prone to sending e-mail to spamtraps which will cause other mail servers to refuse the challenges. The only way that a challenge response system that does not use SMTP rejects to avoid hitting spam traps is if it makes sure that it never issues a challenge to a forged address in a spam or a virus. And of course if it knew how to do that, it would not need to issue a challenge. Chain Mail A typical chain letter consists of a message that attempts to induce the recipient to make a number of copies of the letter and then pass them on to two or more new recipients. A chain letter can be considered a type of meme, a self-replicating piece of information that uses a human host to distribute copies of itself. Common methods used by chain letters include emotionally manipulative stories, get-rich-quick pyramid schemes, and the exploitation of superstition to threaten the recipient with bad luck or even physical violence if he or she "breaks the chain" and refuses to adhere by the conditions set out by the letter. See also http://en.wikipedia.org/wiki/Chain_letter CIDR - Classless Inter-Domain Routing A method of expanding the usable number of IP addresses available by changing the method of how the numbers are interpreted for routing purposes. See Wikipedia for a more detailed explanation. Content Filter A content filter is one that looks at the contents of a message and tries to guess if it is spam or a real e-mail. Generally content filters are not vary accurate, and as they require that the mail server allow the transfer of the body of the message, they are more expensive to operate than using DNSbls. Generally to make up for the inaccuracies in content filters, they are accompanied by a quarantine area to check for errors. The accuracy of content filters can be greatly enhanced by using conservative DNSbls to keep the bulk of the spam out of the mail server, and then using aggressive DNSbls or fail strict rDNS checks to determine if the content filter should examine the message. Of the content filter checks, the one that shows the most accuracy is to look up the I.P. address that any web link in the e-mail references, and check it against a DNSbl. But you only want to do that check on e-mail that fails one of the aggressive tests, or you may miss legitimate mail discussing spam and how to fight it. Content-ID: / cid: The Uniform Resource Locator (URL) schemes, "cid:" and "mid:" allow references to messages and the body parts of messages. For example, within a single multipart message, one HTML body part might include embedded references to other parts of the same message. (extracted from http://www.ietf.org/rfc/rfc2111.txt ) DNSbl DNS based blocking system. A DNS server keeps track of IP addresses that meet the listing service's criteria. Also known as BLOCKING LISTS and BLACKHOLE lists. Mail servers and other network servers can reference them to reject mail or connections, or to decided if they need to examine them further. They also can be used to indicate trusted IP addresses to accept mail or connections. There are many DNSbls with different criteria. The spamcop.net DNSbl lists IP addresses that spam has been reported to originate from. It is aggressive, and may list real mail servers. Some list only IP addresses that have been shown to be compromised and abused by spammers. Others list IP addresses that are known to be controlled by spammers. These are known as conservative DNSbls. And some list IP addresses that are DHCP assigned. These are known as Dyanmic list and sometimes DIALUP lists. Many mail servers will not accept e-mail from these addresses. There are also DNSbls that list all IP addresses for specific ISP's and countries. Use of conservative DNSbls can block over 80% of the incoming spam usually with out any real e-mail being rejected unless the sender's mail server has a severe security problem. Adding a good DHCP blocking list to that can eliminate most of the remaining spam with a very small chance of rejecting a real e-mail. An aggressive DNSbl can be used to indicate if additional tests should be done on an incoming e-mail to see if it is spam or real e-mail. Also see rDNS Links to other definitions of DNSbl http://en.wikipedia.org/wiki/DNSbl http://www.webopedia.com/TERM/D/DNSBL.html Domain Name Domain names have an important role in Internet traffic. They provide a straightforward basis for contact with computers, websites and electronic mailboxes belonging to companies, other organizations and private individuals. Using a domain name, an Internet user can, for example, find the site belonging to a company and thus obtain information, view the company's catalogue, place an advertisement, perform a financial transaction, place an order or whatever. In short, domain names make the Internet usable. Domain names are derived from the unique numbers that all computers on the Internet have. These numbers are known as IP (Internet Protocol) addresses and consist of figures only. Unfortunately, long numbers aren't very easy to remember, so it was decided to use a system whereby you can have a name that corresponds to an IP address. The Internet uses what are known as "domain name servers" to look up the numbers (IP addresses) that these names correspond to. Every domain name is made up of at least two elements. The last element of the name is called the top-level domain. Country code top-level domain names refer to countries; so, for example, there is ".nl" for the Netherlands, ".be" for Belgium and ".de" for Germany (Deutschland). Not all top-level domain names relate to countries, however. The most commonly seen top=level domains were agreed upon as an aid to identify the type of site you were going to visit. These include ".com" for commercial, ".org" for organization, ".edu" for educational, ".net" for network, ".gov" for government. Recent additions include '.info' for informational and '.biz' for business. However, it must be noted that spammers and hucksters have managed to further muddy the waters that these 'identifying' names were supposed to represent. The item in front of the top-level domain name is usually the company/personal/entity name of the folks behind the web-site. The "www:" in front of all of this is also (mostly) a convenience, letting the user know that this is a web site normally accessed via a web-browser using HTTP (HyperText Transfer Protocol) .. You may also see "ftp:" (File Transfer Protocol) or "news:" (Network News Transfer Protocol) Items seen between the first "protocol" bit and the company/personal/entity name is basically there to guide to to a certain/specific area that is hosted by the folks behind the name. Items seen after the Top-level Domain name (separated by a "/") will take you to a specific web-page on that hosted web-site. Fastflux Alternative (somewhat overlapping but complementary) definitions: A situation wherein a server is "hosted" on some sort of a botnet of disparate (and undoubtedly unknowing) machines. This makes it difficult to resolve and, once it does resolve, the SpamCop parser usually only picks on the first of the rotating roster of addresses. Generally, the spammer hosts DNS records on compromised computers using a very short time-to-live number. The SpamCop parser may hit one time when there is something actually found at the IP Address found at the time of its DNS look-up, other times it will hit a cached record but the actual payload has already moved. FlamingFlaming is the act of posting messages that are deliberately hostile and insulting. It will not be tollerated in the SpamCop Forums with the possible exception of the Lounge, but even there limits do exist. Differences of opinion are not flaming and are fully welcome here. All we ask is the you follow standard Netiquette. For a more detailed definition see Wikipedia:Flaming FormMail Formmail.pl, one of the most-used perl scripts on the Web, is designed to send data entered into a Web form to an e-mail address. This scri_pt could be exploited by a malicious user who could use FormMail as a spam server. If you use this scri_pt, spammers may be able to use it to send spam freely using your server's resources. A paper (long) explaining the FormMail vulnerability is available at http://www.city-fan.org/ftp/contrib/websrv...il-advisory.pdf Note this is a January 2002 document referencing FormMail 1.9 Also see formmail vulnerability tester [at] http://www.monkeys.com/formmailer/ftest1a.html Version: 1.92 - Released: April 21, 2002 see: http://www.scriptarchive.com/formmail.html Also see The nms Project for current versions of FormMail ham The opposite of spam, i.e. regular email Honeypot A server that is set up to trick an intruder. Located either outside or inside the firewall, it is designed to let crackers think they are in a production machine. The applications running in the honeypot are set up similar to a normal server except that the data being processed is phony. The honeypot is used to detect intruder's techniques as well as determine what may be vulnerable in the configuration of servers that are performing valid work. A "honeynet" is a network containing honeypots. A "virtual honeynet" is a honeynet that resides in a single server, but pretends to be a full network. See entry in The Jargon File for additional meanings and usages of the term. HTML HyperText Markup Language (HTML) is the most common language of the World Wide Web (WWW). It can be used for formatting purposes in both the SpamCop Forums as well as the SpamCop Wiki, but its use has been limited due to abuses. In the forums, it has been limited to use within the FAQ related forums only, and further limited to use by only thoses who have previously shown an interest and ability in working on expanding and/or improving the current SpamCop FAQ. Note: the primary language for formatting within the SpamCop Forums is BB code, which is open to use by all registered users. In the Wiki it can be used by any registered user but the language itself has been reduced to a "safe" set of commands. HTTP HyperText Transfer Protocol - The protocol for moving hypertext files across the Internet. Requires a HTTP client program on one end, and an HTTP server program on the other end. HTTP is the most important protocol used in the World Wide Web . HyperLink A HyperLink is a clickable link to another page, document or other resource. See http://en.wikipedia.org/wiki/Hyperlink for more information IMAP Internet Message Access Protocol (IMAP) is one of the major email protocols along with SMTP and POP3 and belongs to the application layer of the Internet protocol suite. It is one of the three (four, if you count forwarding) methods for retrieving messages from a SpamCop Email Account. The other two are POP3 and WebMail. You need a local email client to make use of IMAP. Unlike POP3 which will download all unread mail to your local email client, IMAP allows for direct access of your mail on the mail server permitting selective downloading of your messages and also allows for easy moving of messages between different email servers and accounts. It can also be used in conjunction with the VER interface to make use of the additonal reporting options only available with an SpamCop Email Account. Innocent Bystander (IB) An Innocent Bystander (IB) is a URL or URI that is present in spam but is not authorized for such use by its owner. Spammers will put 'innocent' URLs in their spam to make it look legitimate, for instance references to news articles or government web pages. Other examples include the mandatory advertising placed at the bottom of email messages in footers by free webmail companies and by antivirus software*. In the case of phishing email, nearly all links will be stolen from the Innocent Bystander. An attempted Report of a URL or URI that is marked as an Innocent Bystander will be met with "ISP does not wish to receive report regarding [the Innocent Bystander]" and possibly "ISP does not wish to receive reports regarding [the Innocent Bystander] - no date available". Please see Once I close a spammer's account, how can I prevent others reporting it? for how an ISP can mark a URL as an Innocent Bystander. *Opinion: It is understood that free webmail companies need to recoup their investments via footer advertising. However, paid antivirus software companies' and paid ISPs are attempting to double-dip (unless they make it very clear in advance to their customers that their prices are significantly lower due to their footer advertising schemes, and give their customers options to pay higher prices for advertising-free products). IP An IP is an "Internet Protocol" implementing lower layers of the ISO 7-layer model for purpose of communication. An "IP address" is something different, and having people call it "an IP" only harms communication. IP Address Each device connected to a network, be it a LAN (Local Area Network), a WAN (Wide Area Network), or the Internet has an assigned unique IP (Internet Protocol) Address which identifies that specific device to the rest of the network. For example, Show me my IP Address will take a look at "your" computer and list the address of "your" system. (if you are using a modem to dial into your ISP, this number will likely change at every connection ... cable and DSL modems may have the same address for quite a while) Your ISP has a pool of IP Addresses, some are used to provide their customers with a unique address when on-line, others the ISP use themselves for things like running an e-mail server to handle all the incoming/outgoing e-mail for their customers. (NOTE: the above is very simplified. If/when all the other techy stuff gets added, this block will be revisited and a bunch of items will be added, like "See TCP/IP, Network Protocols, Proxy, etc.) For more info; http://computer.howstuffworks.com/question549.htm http://www.webopedia.com/TERM/I/IP_address.html IPv4 IPv4 (Internet Protocol version 4) defines the network level of the Internet Protocol on which today's internet is based. It defines an IP address as 32-bit (4 byte) address which can be written in a number of different way. Trying to keep this simple, the reason you need to understand something about it, is that SpamCop uses IP addresses as defined by IPv4 in its attempt to filter out spam from the internet. IP addresses can be written in many different forms, but the one used exclussively by SpamCop is the Dot-decimal notation. All address fall within the range of 0.0.0.0 to 255.255.255.255. The addresses that are most important to SpamCop are the IP Addresses of the Mail Server(s) used to send/receive email. Without knowing the specific IP addresses involved in handling your email, it is impossilbe to know why you mail may not be getting to it's intended destination. The number of unassigned Internet addresses, based on IPv4 is running out, so a new classless scheme called CIDR is gradually replacing the system based on classes A, B, and C and is tied to adoption of IPv6 (Internet Protocol version 6). For more information see: Wikipedia:IPv4 IPv6 IPv6 (Internet Protocol version 6) was created to deal with the address shortage under IPv4 and allows for a near unlimited supply. It is currently in use in the internet but only represents a very small amount of today's traffic. SpamCop currently does not work with IPv6 addresses which are normally written as eight groups of four hexadecimal digits. IPv6 addresses are 128 bits long compared to the 16 bit addresses of IPv4. For more information see: Wikipedia:IPv6 ISP Internet Service Provider .... the company you are giving your money to that lets you then connect to the Internet, send and receive e-mail, interact with some strange people, check the weather without having to get out of bed .. all those important things Jargon Definition 2 of the noun "jargon" per Merriam-Webster is "the technical terminology or characteristic idiom of a special activity or group". In the case of this Glossary (which attempts to explain SpamCop Jargon), the special activity is spam-fighting via SpamCop, and the group is spam-fighters or anti-spammers who use SpamCop. For more generic computer or hacker jargon, please see The Jargon File. Joe Job 1. A "joe job" is a spam run forged to appear to come from another innocent party, with the intention of generating complaints about the victim and damaging their reputation. 2. A Joe job is an e-mail spam designed to tarnish the reputation of an innocent third party. Despite having existed since at least 1996, Joe jobs are uncommon compared to other types of spam because they provide no commercial benefit to the Joe jobber. 3. A "joe job" is something far above and distinct from the all too typical spammer construct of a "From" Address Forgery For more info: Why am I getting all these bounces? http://spamlinks.net/faqs-joejob.htm http://en.wikipedia.org/wiki/Joe_jobs List Washing Spammers use List Washing as a method of removing "trouble makers" (those who have filed formal complaints) from their mailing list. This generally does not include those who have simply sent an unsubscribe request. Spammers use unsubscribe requests as a means to validate their mailing list and to create additional lists of address that are know to open and read spam messages. These lists are considered extremely valuable to spammers who sell the list as validated email addresses. Responsible list managers may use the process of list washing but the term should not be used in this context. List mantenance, merger/purge are better terms to use when talking about responsible list management where all unsubscribe requests are promptly processed and addresses are not added until they have been positively confirmed. The process can also be used to fine tune their lists for the specific needs or desires of their clients/subscribers. Due to file space limitations, the glossary has been broken up into multiple posts. See post #2 for next section of the Glossary
  9. dbiel

    SpamCop Glossary

    The dictionary predates the Wiki and was just one more of the tools Wazoo came up with to improve on the forum. I imported the majority of the information directly from the Forum Glossary. Then Wazoo came up with the Wiki and I copied the entries once more to the Wiki. For a while I was maintaining all 3 glossaries, but eventually gave up on the dictionary finding the Wiki to me a much better system for information. Here is copy of Wazoo's original post in the MemberP forum announcing the dictionary
  10. dbiel

    SpamCop Glossary

    Thanks Steve for fixing this. Suprisingly it was already correct in the Wiki version of the Glossary, as most of the entries were copied and pasted from the forum or the Dictionary to the Wiki. I see that it needs to be corrected in the SpamCop Dictionary as well, but since I no longer remember how to log into the dictionary to edit it it will have to stay that way.
  11. This relates to some recent posts such as "no master' but being a specific question I decided to start a new topic. I frequently see the message: I was under the impression that this was a special mail box used to hold reports that the receipient had requested not be delivered which would be used for statistical purposes. Then when the reports are sent the following is displayed: which to my uninformed mind seems to say that the reports are simply being trashed. Could someone translate the line in red for me?
  12. dbiel

    Help with Wikipedia Article

    Thanks from bringing up this problem. The last time I edited the Wikipedia SpamCop entry was back in July 2007, I was supprised it had been that long ago. I will try to find some time to work on it. You have mentioned a lot of good points that need to be worked into the article.
  13. Well unfortunately there are still a lot of users out there that continue to use these services as their primary email address. In my case 2 of the 5 members of our homeowners association are using hotmail address. It makes it very difficult to work around it especially with my android phone. I am getting very closes to closing my spamcop account as Earthlink's filtering has improved greatly, so much so that the vast majority of my spam comes from my spamcop address that I never give out to anyone. The only advantages left for me are: 1) the "nearly unlimited" storage space you get with no additional cost 2) the fact that using the SMPT service there is no limit to the size of the files that can be sent, but on the other hand, the majority of users do have limits on the file size that they can receive.
  14. I added the information to the forum howto file entry #24831 which is also linked to from the wiki
  15. dbiel

    Non-Profit getting a bad rap

    One thing is see missing here is your email server. Are you using your own email server or one belonging to someone else like your ISP Also if you are using your own email server, who else has access to it? If it is not properly protected you may find some spammer using it which then creates problems for you when your server gets blocked. Though it is a very good idea to include an opt-out link, you should remember that it is generally recommended to NEVER use an "opt-out link" to try to get off a spam email list. The only people that are likely to use the opt-out link are your friends who know who you are but would rather not receive email from you. The following may or may not apply to your situation but should be considered anyway
  16. There were actually 2 separate issues raised here. Steve answered the 1st which was the [at] being replaced with at. - This is simply a function of this forum's setup The second issue was the report address itself. I have sent an email to Don to look into this issue. As stated, this is without question not the address of "Administrator of network where email originates"
  17. Seems like an error in the SpamCop database. Will send an email to Don and see if he can fix the problem.
  18. If you are talking about a single user account or multiple single user accounts, follow Don's suggestion above, but if you are talking about a true "corporate" account with 2-500 employees then see the wiki entry at: http://forum.spamcop.net/scwik/SpamCopMailSmallBusiness
  19. see http://forum.spamcop.net/scwik/SpamCopPassWordProblems
  20. Don I think you may have read this thread differently. I believe the request is for sending source information, not who filed the spamcop complaint I believe Peter is in the middle between his IP host and Peter's user who sent the mail Peter, did I describe the situation correctly? then Don should be able to help you. Or are you looking for info on who the email was sent to? in which case you are out of luck
  21. dbiel

    Mail/dns issues

    It looks like not all mail has made it to the inbox or held mail folder. I had to have one user resend the message. I did a test to multiple email address that all forward to my spamcop address and they all were received quickly. At least that is some good news.
  22. Not that I know of. All credit cards are process through paypal
  23. Here is a link that should work. It does allow for an amount like $13.82 http://www.spamcop.net/fom-serve/cache/300.html
  24. Reply- Thanks for reporting this issue, unfortunately there is nothing we can do about it. I would recommend using the search function found in the forum which does still work Reply - This is an age old issue that we are aware of but unfortunately are unable to do anything about it. It should be noted that there are actually two separate SpamCop companies, (see: http://forum.spamcop.net/scwik/SpamCopWhatIs ) one that handles Reporting and the one that handles the email service. The forum and wiki exist as part of the email side of the company and is maintained solely by regular users, like yourself. Don is about the only one from the official "Reporting side of SpamCop" who does from time to time post replies to specific questions here, but he is unwilling to provide any assistance in updating and maintaining the forum FAQ or Wiki. The official spamcop.net help pages are so far out of date that they are nearly worthless. It is a shame that no one from the official side of SpamCop is willing to assist us mere users to maintain the forum or wiki FAQ entries let alone the official one. Reply - You may want to take a look at: http://forum.spamcop.net/forums/lofiversio...php/t11498.html You can use the Forum search tool at the top of the window to either search the Forum/FAQ or the Wiki (use dropdown box to switch the search to the wiki) Sorry that I do not have time to be of more assistance. Good luck in to search. We would love for you to post your finding here.
  25. dbiel

    Seemingly Leaky Filter

    How are you accessing your mail? The filters will not work automaticly unless you use the webmail interface. Also have you tried running the filters manually?
×