Jump to content

Neil Parks

  • Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About Neil Parks

  • Rank
  1. http://www.spamcop.net/sc?id=z5632619976z6...378fa79e8de34fz If I'm reading this correctly, it looks like a report was supposed to go to abuse AT xo DOT com, but the report was not sent. Could that have something to do with the fact that all the other reporting addresses were invalid?
  2. Same error here: http://www.spamcop.net/sc?id=z5477202101z1...f497d0dc64e72dz
  3. Neil Parks

    "Can't parse date of spam for age detection"

    I may have inadvertently posted this to the wrong forum: http://forum.spamcop.net/forums/index.php?showtopic=13113
  4. Please look at http://www.spamcop.net/sc?id=z5458084753z8...fefa396f939e37z Please notice that the letter x has been inserted into the dates in the Received records. This is how the same Received records appear in the original spam as I received it: The original spam also contained this Cc record: Notice that the apparent addresses in the "n1.zoner.com" domain are actually components of the date and time! To test whether this Cc record was affecting the Spamcop process, I resubmitted the spam with that one record--and ONLY that one record--removed. The result can be found in: http://www.spamcop.net/sc?id=z5458098409z5...f75cd686396f64z This second submission was processed and reported successfully.
  5. I have received several spams recently with clickable links in the bit.ly domain. Spamcop invariably routes the report to abuse[at]bit.ly. But on occasion I have received some spams with links in the tinyurl.com domain. Spamcop follows those links and sends its reports based on the actual site being linked. I'm just curious as to why Spamcop does not do the same for bit.ly.
  6. Neil Parks

    IPv6 Again

    Please have a look at this tracker: http://www.spamcop.net/sc?id=z5365951489zf...02d05da767f8ebz There is an IPv6, but it occurs entirely within a domain that is on my mailhosts list, rollernet.us. Rollernet received the email from yahoo.com. Until the IPv6 parser is ready, could something such as this be treated as an exception?
  7. There seems to be a problem today (Tuesday). When I click the above link I am supposed to see spam for which reporting is not yet completed. Instead it is showing me the opposite: It brings up spams for which reports have already been sent. Paging through the "Past reports" screens, I see several spams listed for which reports have not been sent. The last report that was completed was at 10:43 Eastern Daylight Time today. I clicked on a couple of reporting links in a confirmation email, and those seem to be working normally. It is apparently only the "Unreported spam Saved: Report Now" that is going wrong.
  8. I deleted the entry for gatewaydefender.com and tried to add it again. I got 3 test emails. When I returned each of them I was referred to the link where I could request a waiver. I did that, and the waiver was granted. Result: The dropdowns for gatewaydefender.com look exactly as they did before. Same 2 "host/domains" and same 2 relaying IP's.
  9. My perspective is that it did not fix the problem. What is it I should look for? The dropdown entries under gatewaydefender.com are exactly what I quoted above--nothing more.
  10. Gladly. How do I do that? I already tried using the "Add New Hosts" for that email address, but nothing new was added. Just to make things more confusing, another spam that traveled through was successfully reported: http://www.spamcop.net/sc?id=z832505370z09...fe31fac67316aez
  11. I am starting to see some strange rejections from Spamcop. Representative example: http://www.spamcop.net/sc?id=z832505369zd7...8351ccbd6ead94z My registered mailhosts include: Apparently gatewaydefender.com has added some new IP's in the 209.153.138.x series.
  12. After further review, I don't think I was so wrong after all. http://forum.spamcop.net/forums/index.php?showtopic=2009 That's exactly what I was expecting, and that isn't what's happening.
  13. I'm aware of all the things that you said. But I guess I didn't make my point clearly enough: I could have edited all that localhost junk out before submitting the spam, and it would have parsed CORRECTLY--as all the spams I have reported in the past parsed correctly. I could have DELETED everything through this: Received: from localhost (localhost []) by horiyos.capalon.com (Postfix) with ESMTP id 3373D16DED3 for <x>; Wed, 28 Sep 2005 06:47:18 -0400 (EDT) and sent it to SC starting with this: Received: from d58-104-255-9.dsl.nsw.optusnet.com.au (d58-104-255-9.dsl.nsw.optusnet.com.au []) by horiyos.capalon.com (Postfix) with SMTP id 498C816E0A4 for <x>; Wed, 28 Sep 2005 06:47:10 -0400 (EDT) I guess I misunderstood the PURPOSE of the mailhost registration plan (and I think that's a good word for it.) I thought that SC's code (you think I don't know it's a program??) would then recognize all headers associated with registered domains such as capalon.com, and skip down to where it found one that was not. But obviously I was wrong about that and I'll just have to go back to the old cut-and-paste way that was working before.
  14. Another example of same situtation, just to verify that the one above is not an isolated instance: http://www.spamcop.net/sc?id=z810156097z35...ca2179cacda0f2z
  15. http://www.spamcop.net/sc?id=z810156459zb3...60c16244220421z This is one of the first times I have attempted to report spam since registering for the Mailhost plan. I get mail at an address in "torah.org" which uses a mail server "capalon.com". That forwards to an address in "en.com" (Exchange Net, Voyager, Corecomm, gatewaydefender.com). As instructed by the Mailhost screens, I registered both addresses in "reverse" order--the en.com address first and then the torah.org address. Prior to joining the new plan I would just delete all the top headers that showed the traffic between capalon.com and en.com. Tne first Received line you saw would clearly show where capalon.com received it from the spammer's IP. I joined the Mailhost plan hoping to make things easier for myself. I thought now I could just forward the email to SC as an attachment, and you would know how to read down through the authorized relays to get to the spammer's IP. But alas, that is not the way it turned out. As you can see if you go to the URL above and look at the headers, SC stopped one record short of its goal. Capalon routes its mail internally by way of a host before it goes off to en.com. SC got fooled by that extra internal routing, and did not go onto the next line which clearly shows where it entered Capalon. I hope that problem can be corrected.