[namecheaphosting]

Thanks JoeF ... it would be hard indeed to disagree with your assessment. What can be done to bring them to account, I ask myself - unfortunately without any ready reply.

[What is SpamCop?]

An amended version of the Custom Pages redirected original, lost in the October 2014 changes, incorporating the relevant "Where to get Help" detail from the SCWiki. Do not overlook the Forum general help file - http://forum.spamcop.net/forums/index.php?app=core&module=help

SpamCop is a comprehensive service offering something for everyone in the fight against spam. In this case, COP stands for Citizen On Patrol. SpamCop Reporters patrol their mailboxes and report the spam inside. SpamCop has the following component Services and Systems:

• Parsing & Reporting Service
• Blocking List Service (SCBL)
• Frequently Asked Questions (FAQ) www.spamcop.net hyperlinked (Original)
• Frequently Asked Questions (FAQ) single-page access (much expanded)
• Forum Portal Page
• Glossary
• Index Page entrance to the whole thing!

An alternative view suggests the following analogy;

SpamCop works exactly like the credit reporting agencies, and since most people understand how that works;

• SpamCop == Credit Reporting Agency
• SpamCop Users == Various Financial Entities that report credit info
• ISP using SpamCop to handle incoming email == Dealership using credit report information to decide whether or not to give you the car loan

Read at least one of these following entries prior to posting your query, complaint, rant, whatever. Failure to note the basic concepts may result in getting an answer that you'd probably rather not see/read!

• How-to Post a Question - Short
• Forum Use, General Intro - not so short
• How To Ask Questions The Smart Way - long/off-site
  • (not SpamCop.net affiliated - just a heck of an explanation of the obvious) Note their Disclaimer!!!
• How to use the SpamCop.net support Forum

If any/all of this existing pile of resources doesn't resolve the issue, answer the question, make you happy, then there is the option to directly contact the extremely small handfull of overworked SpamCop Staff. Two currently (and historically) handling queries are:

SpamCopAdmin -- Don D'Minion/Argyle - SpamCop Administrative affairs, also serves as a Deputy
* email address: service[at]admin.spamcop.net

Richard W -- Richard/R.W. - Deputy (SpamCop Reporting and legacy email)
* email address: deputies[at]admin.spamcop.net

For an issue with the Parsing & Reporting / Blocking List systems;
How do I contact a SpamCop Representative?

[SpamCop Email Service Changes]

... And there is absolutely no way to talk to a person about this. And when you finally break through and register here, it happily accepts your spamcop.net address to send the authorization information to...

E-mail Richard W at deputies[at]admin.spamcop.net to see if he can help with your forwarding problems.

[namecheaphosting]

Hmmm ... softlayer,com hosting (mentioned earlier above) - https://www.spamcop.net/sc?id=z6022803755z675f6f7f0149e72fb6e07ccf7f700a84z -

used by flipmailer.com in some pseudo "social networking" spam malarky. Social? I'm barely civil, where did they get my detail? When I go to SenderScore.org (need an account - free - to get full detail) I see softlayer is only the tip of the iceberg, the flipmailer junk is going through at least 296 servers in many different networks in some sort of concerted way (despite softlayer hosting the designated MX servers - 10 of them - in DNS records). Maybe the same or similar in the NameCheap case which is the subject of the discussion. We know about snow-shoeing but that is ridiculous! I fear the myrmidons of spamdom may have hit upon a new and infinitely vile "paradigm" for the distribution of their feculence.

[namecheaphosting]

...

In Safari 7 on 10.9.5 and the usual DNS etc tools on a LAN attempts to return info or display a page all just time out.

Could be problem with the nameservers you are using (ISP defaults go temporarily wonky from time to time) or it could be local cache issue. Good idea to find an authoritative nameserver to verify DNS, start with a public one to do that.

C:\Documents and Settings\Admin>nslookup -type=ns namecheaphosting.com 8.8.8.8

Server: google-public-dns-a.google.com

Address: 8.8.8.8

Non-authoritative answer:

namecheaphosting.com nameserver = ns2.web-hosting.com

namecheaphosting.com nameserver = ns1.web-hosting.com

C:\Documents and Settings\Admin>nslookup namecheaphosting.com ns1.web-hosting.com

Server: ns1.web-hosting.com

Address: 199.188.205.135

Name: namecheaphosting.com

Address: 74.81.85.95

C:\Documents and Settings\Admin>nslookup -type=ptr 74.81.85.95 ns1.web-hosting.com

Server: ns1.web-hosting.com

Address: 199.188.205.135

95.85.81.74.in-addr.arpa name = vps3.namecheaphosting.com

85.81.74.in-addr.arpa nameserver = nn101.namecheaphosting.com

85.81.74.in-addr.arpa nameserver = nn1.namecheaphosting.com

nn1.namecheaphosting.com internet address = 199.188.205.135

nn101.namecheaphosting.com internet address = 205.251.128.234

Or use http://centralops.net/co/DomainDossier.aspx - tick all the query boxes for a comprehensive report, including abuse addresses etc.

[Just checking]

&nbsp &nbsp&nbsp&nbsp&nbsp If I remember correctly (and it's been a very long time, so there's a very good chance that I don't! <g>), TANSTAAFL is what Heinlein used; too bad it doesn't work! <frown>

Yes, "The Moon is a Harsh Mistress" popularised it - certainly following publication of that it entered the general vocabulary (by about 1967). It is all you ever need to know about economics.

[Just checking]

Oh, alright then, TANSTAAFL tanstaafl Tanstaafl - TWO regular expressions, this one case-insensitive

[Just checking]

Just checking - PFK - ah good, those 'free form' ones have no permanence outside of their original placement. Unlike the 'regular expressions' such as SC

[Just checking]

Activated the ACRONYM tag, using SC to bring it to life**. Apart from standard acronyms, (just the one so far) it can be used in 'free form' to add commentary, explanation to any post, readers just "hover" their cursors over the underlined text (like hovering on an xkcd cartoon) - as to be seen in the post http://forum.spamcop.net/forums/topic/14446-keep-getting-hacked-please-read/page-2#entry90756 and below.

** had to wait for a thunderstorm, lightning, threw the switch and it was done. "It's ALIVE," I cried, joyously. The wife looked at me strangely then stood firmly in front of the cutlery drawer while the cat beat a stealthy but dignified retreat.

[Just checking]

&nbsp &nbsp&nbsp&nbsp&nbsp  'tab' tag - this has been fixed now but the fix not applied retrospectively since the tag was only available for such a short time before being scrunched in the forum update, nobbled before it was used but a handfull of times.

Well, worse things happen at sea. And at least it isn't ailiased out by a 'quick' edit this time.

No, no, save your applause ...

[Just checking]

Munging e-mail addresses [at] [at]domain account[at] account[at]domain

Not quite as elegant as I remember it but near enough for government work.

[Just checking]

A "new" BB Code 'TAB':

&nbsp &nbsp&nbsp&nbsp&nbsp Here is an example of the 'tab' tag used to indent the beginning of a block of text. Only the first characters/line following the tag should indented, by one standard tab space (5 spaces), succeeding lines within the same text block defined by the tag revert to their normal left margin. No, I don't know what happens if you use it in conjunction with the other text positioning tags, 'right', 'left' or 'center', I leave that as an exercise for the student.

Note, once posted, use only "FULL Edit" else the non-breaking space characters become those annoying substitutions ( Â Â Â Â Â ) instead of clear space. Easily recovered - just re-edit (no changes needed) in full edit mode and submit.

Now, instead of a 3-character ellipsis one can use the 11 characters of opening and closing 'tab' tags. And at last we can show in plain text what headers with line continuation indents look like.

Received: from icp-osb-smtpdir7.iinet.net.au ([10.2.56.7])

&nbsp &nbsp&nbsp&nbsp&nbsp by icp-osb-dovedir-wa2.iinet.net.au (Dovecot) with LMTP id ZL55FQhpy1P3LAAA3sXqFA

&nbsp &nbsp&nbsp&nbsp&nbsp ; Sun, 20 Jul 2014 09:00:07 +0000

Even 'code' didn't always show that EXACTLY.

Received: from icp-osb-smtpdir7.iinet.net.au ([10.2.56.7])
	by icp-osb-dovedir-wa2.iinet.net.au (Dovecot) with LMTP id ZL55FQhpy1P3LAAA3sXqFA
; Sun, 20 Jul 2014 09:00:07 +0000

[Just checking]

Leading tabs and/or blanks are eliminated in posts (except inside 'code' and 'codebox' tabs IIRC). 'indent' works with an HTML <span> tag so is (effectively) a paragraph-type thing. I guess there are other ways but I don't know any off-hand.

[Just checking]

When forum auto whitespace removal isn't the look you're after (and 'center' doesn't quite do it)

use the (newly-added) 'indent' tag

(twice)

- lack of which had bugged me for a while ...

[Just checking]

ollǝH

[CESmail System changes]

Can you "cite" that please I seem to of missed it

To me a good thing if true

Point 8. in the first post in http://forum.spamcop.net/forums/index.php?showtopic=14280

[CESmail System changes]

What exactly are you suggesting we achieve and how? NOT looking to pick a fight, but asking respectfully.

Share ideas, share information (here), find a way around/other solutions - certainly some more information from CESMail is needed too, to make the situation more clear, but some people probably have no idea how to make spam submissions other than through the mail interface - those too will need "our" help.

[CESmail System changes]

The exquisitely uninformative wording as well as the Saturday night massacre timing of this announcement suggest that either it was a poorly thought out last minute decision or a take-the-money-and-run scam.

{sigh} not to mention an almost infinite number of other, perhaps more charitable, explanations. Has nobody else noticed how the reporting system was struggling on Saturday? Related? We'll probably never know but makes me, for one, wonder about straws and camel's backs and the unending attacks on the whole system which you can be sure have been happening.

As for "take-the-money-and-run scam" - really? After all these years of super-cheap subscriptions (matching the service with the economy IS proving a bit of a challenge when looking for alternatives, isn't it?).

People are hurt and lashing out is natural but "we" can achieve so much more once we get over that.

[SpamCop Email Service Changes]

ViRGE, haven't heard back from you yet, hope it is OK with you to share the exchange ...

From: Farelf

Re:Discussing Spamcop Alternatives, Aug 10 2014, 01:53 PM

echo "CC: list should be here." .

Hi ViRGE,

I should think that comprehensive discussion of the situation, including alternatives to establish the functionality that will be lost (as far as that can be achieved), would be appropriate. There will a divergence of views and (no doubt) much misinformation which can only be tempered by the more informed views and solid information coming from a wide-ranging airing.

I confess, I'm not a lot of help here, not being a mail user, but would trust that the usership can find their way through to some useful outcomes.

Regards,

Steve

P.S. I might post this in public, OK?

S

From: ViRGE

Discussing Spamcop Alternatives, Aug 10 2014, 01:40 PM

echo "CC: list should be here."

Hi Farelf;

In light of this evening's announcement about CESmail ceasing the email hosting portion of their business, I am wondering if we may have formal permission to discuss Spamcop alternatives on this forum? I realize that was an issue before when CESmail was still a hosting operation, but seeing as they are now getting out of that business, I am hoping this is no long a conflict of interest. smile.gif

-Thanks

ViRGE

[SpamCop Email Service Changes]

My emphasis...

...If you have any further questions or concerns, please send them to questions[at]spamcop.net

(ex the SC e-mail advice) Assume folk are using this channel?

[SpamCop Email Service Changes]

Merged and pinned (taking on trust - no "official" notification seen by me).

[[Resolved] Forwarding as attachment from New Yahoo]

William, Steve T's search (exactly as posted) should return this page

https://www.google.com/search?cof=S%3Ahttp%...rum.spamcop.net

- which is a more manageable 6 results, hopefully one or more of which will assist. Without the quotes it still only returns 10 results.

I think perhaps you used [Enter words to search...][GO] window control on the index page or the the "Search" link (any page) above that. Steve meant the -

[search for -->] [..................] [GO] [spamCop Forum & SpamCop FAQ][â–¼] window (any page)

- even further up the page. I've confused myself with the differing searches time enough before now - yes, they're each a little different in how they work.

HTH

Steve S

[serverhub.com]

Yep, and denies them wriggle room should they subsequently try to profess ignorance, should the question ever arise with any enforcement agency.

[serverhub.com]

Yeah I didn't save the tracking URLs for those -- so I just went to Recent Reports to snag what I could. Would be nice if SC presented the tracking URL in Recent Reports. Anyway here are two of today's serverhub.com spams by tracking URL.

Nice is our middle name:

FAQ Entry: Getting a Tracking URL from a Report ID

But don't worry about retrieving - SC staff can use the Report IDs you provided earlier, if they want to investigate.

...

These spams are just goofy with weird keywords. I don't know if they are to get past spam filters or if they are a form of reverse tracking. Report the spam and they know you did because they see what was reported and can track it back to the reporter / recipient. All serverhub.com spam gets copied to spam[at]uce.gov and knujon.

Yes, unusually pointless-seeming but one imagines it has some point, since it is presumably costing "Rendering Partner" or someone something to send it. Anyway thanks for the alert - maybe someone 'here' can shed some light and maybe it will interest SC too. This really looks like a snowshoe operation to me, very low volume detected by SenderScore but SenderBase seems to be seeing short intense bursts of activity - about as high as volumes for individual servers ever get (5.1 and 5.3 magnitude for those last two IP addresses) which is a liability on the resources of the internet and on the patience of its users, if all of it is spam (or even one tenth of it).

Curious ...

[serverhub.com]

...So assuming there's a special arrangement for between SC and Serverhub to support that address, why does SC continue to do so? All it looks like to me is a way for them to monitor how much spam they can crank out before running afoul of the SCBL.

Am I missing something?...

Yes, certainly looks like your initial 'tongue-in-cheek' supposition might not have been far off the mark. 'Follow the money,' as they say, that might be all there is to it, a profitable commercial arrangement for both parties. And illegal in terms of the current US legislation, one imagines, if the service provider is aware of 'marketing' by the client in contravention of the anti-spam provisions (which point might be a touch hard to prove). Those are NOT Tracking URLs by the way - but I'm sure Don will be interested in them. Clearly there is no 'list-washing' going on, which would be the principal SC concern, I suppose, but maybe there's some other form of 'gaming' going on to carefully monitor the (apparent) snowshoe operation, as you suggest.

All-in-all, some thin lines involved and many thanks for highlighting the situation! If they're cunning enough to snowshoe without tripping the dedicated component of the Spamhaus SBL (http://www.spamhaus.org/css/) then they're certainly a problem for the internet community. No single RBL or anti-spam tool can ever catch all spam.