[spam Showing Up With Old Dates/Times]

On a busy email address, spam comes in but occasionally with older dates/times. It's sometimes rejected by SC due to it's age. 

This is a example: https://www.spamcop.net/sc?id=z6706167000zcd603f42bf470b11f07d5489c8829d4dz (rejected saying it was to large (not! Rejected because it appears old?)

Today is March 14, 2021. 
There are several emails dating back to March 10, 2021 and the spam showing the date of March 10, 2021 was not delivered until today. The spam seems to have been backdated or held until today, but with March 10 date.

How is this even possible?

TIA

~o~

[To Bounce or Not to Bounce?]

On 10/16/2020 at 3:29 PM, gnarlymarley said:

I think some clarification needs to be around the word bounce.  If you are bouncing during the smtp connection, then the bounce will not originate from your server, but will be sent from the sending server.  If you accept the email, and then bounce later, it will be coming from your server.

My preference is to disable anything that might show my server's IP, such as a bounce after SMTP accept, and to have my server to reject during the SMTP connection so the IP in the bounce would be the sending server's IP, not mine.

One account I am interested in protecting (Y.Com for example) is on a shared server/IP. It's one of those reseller programs similar to what Hostgator and the like offer. The account has it's own domain name of course, and may have a multitude of email addresses. The email IP octet set has one number different in the last octet than the site IP shared address. i.e. Site may be 123.456.789.001 and the email is 123.456.789.002 

I sent a email out from me@y.com to myself at a telecom email address. The headers showed the IP for the shared host email IP, followed by my ip at the telecom. If I understand you correctly, then my IP is showing? Is there a handy-dandy how-to for noobs you could recommend that addresses this issue of 'to bounce or just delete'. ?

I very much appreciate your time,

~o~

[To Bounce or Not to Bounce?]

Can someone tell me where I should be asking this question? Should I open a account at cPanel and ask them? 

Thanks

 

[To Bounce or Not to Bounce?]

41 minutes ago, gnarlymarley said:

I think some clarification needs to be around the word bounce.  If you are bouncing during the smtp connection, then the bounce will not originate from your server, but will be sent from the sending server.  If you accept the email, and then bounce later, it will be coming from your server.

My preference is to disable anything that might show my server's IP, such as a bounce after SMTP accept, and to have my server to reject during the SMTP connection so the IP in the bounce would be the sending server's IP, not mine.

I will try to explain better:

Mail arrives at server and in cPanel > Global Email Filters is where I enter the IP, and choose what to do with that IP next time email arrives. The "Action" options are:

To Filter, I use:

1. I enter a name for the filter (I use the offending IP - easier to find),
2. then under Rules, from drop-down I choose "Any Header" > "Contains" and enter the IP address, or parts of it.
3. and Under Actions, is where I choose what to do with it. My choices are:

• Discard Message
•  Redirect to email
• Fail with message (bounce?)
• Stop processing rules
• Deliver to folder
• Pipe to a program

 I assume these checks are done as email arrives. Do you think 'Fail with message' shows my IP or senders? 

Too, the server Host tells me they scan for spam using default of '5' and use Spamcop, so I shouldn't have to do anything, BUT, I have my settings via spam Assassin (now Apache SpamAssassin) set to 2.5 and raunchy spam with phishing, worm, or Trojans still come through daily. The generic spam, those with my winning the latest Apple stalker, a contest winner, parcel waiting for pick up or receive my millions of dollars on hold, ad nauseum arrive daily. 

[To Bounce or Not to Bounce?]

I'm no longer able to find the article here about to Bounce or not to Bounce so apologies.

Preamble:
(using cPanel > Global Email Filters settings)
When adding a IP address to a black list,  I can choose "Fail With Message" and prompted with a text box to provide the "message".
There is a lot of chatter (82 pages @ 25 topics each with numerous replies) regarding bouncing, but no pro or cons to bouncing emails.

QUESTION:
GURUS! Is it best practice to bounce, or not to bounce and just delete them?

TIA,

~o~
 

[OVH.Net spam ?]

On 9/29/2020 at 1:50 PM, gnarlymarley said:

I am curious if you are not getting bounces or if the invoice emails are going to their spam folders and they are not paying attention to it.  Google has made some changes to their spam folders a few years back and now I have to check the spam folder on a daily basis for non-spam email.

@gnarlymarley
First of all, I don't accept public wmail from clients. Either they use their real email, or they don't get a reply. So, when invoices go out, it's to real email address. Google, Microsoft and ilk are not involved.

I have the invoices sent to a real email and BCC my invoicing ware to another email address. Like so: (public mail is NOT involved - ever!)

 From: billing@anotherdomain.TLD
 Reply to: billing@anotherdomain.TLD
 To: Client@domainname.TLD 
 BCC:billing@anotherdomain.TLD, copies@copies.TLD

The BCCs arrive. I added a additional test by BCC: my_private_email@Big-Telcom.TLD and those arrive as well.

Two clients use a big telecom instead, thereby branding/advertising the telecom, not their own domain, but using a 2 x 4 to convince them otherwise is still illegal. They get their invoices. Not to their-site.TLD

On 10/3/2020 at 11:45 AM, KNERD said:

If Gmail is rejecting the emails, then there will be a notice in the rejection email as to why, and what you can do about it.

@KNERD
I refuse to send invoices through any public web-mail stalker. All my clients have their own TLD. I even offer to set them up with real email 'nullamque causam'. So Google and ilk are never involved. Those that insist on not using a real email address, get their invoices via snail-mail +$6.50 fee. Most pay the fee since it's only once 6 or 12 month, pending plan.

The crux is this, that most are served invoices from the same mail server - the only thing not reaching clients are the invoices.  I checked the server but no emails deleted, bounced, or junked. 

 

On 10/2/2020 at 8:17 AM, KNERD said:

Are you running your own mail server?

@KNERD
You betcha! Wouldn't have it any other way, save for 10 email accounts at my telecom. The rest, clients and myself on my own Email servers.

[Reply-To abuse]

On 9/30/2020 at 3:39 PM, jakeqz said:

On 9/27/2020 at 12:03 PM, Outernaut said:

Too, I am amazed at the number of clients that sport a good domain and use name@gmail.com of boss@mywebsite.com.  I often ask "Why don't to you use your own domain address and promote that instead of promoting google?" I'm met with that 'deer in the headlights stare'.

I know.  Often they had the Gmail address before the website, and to have two email addresses seems a complexity beyond them.  "But I can set up forwarding for you."  "Too complicated."  "An email account @yourwebsite will look more professional."  "I'm doing fine.  I just wanted a website, that's all."

Yeppers.  I try not to use the term "email" when referring to Gmail, because if Gmail were Email, they'd call it 'Email', not Gmail.  Telus, a large telecom in Canada, recently sent all customers Email accounts to Gmail, but they still use their regular ****@telus.net  It's just the Google can now scan and profile Telus customer Gmails and pimp their data to peeps and perves. Europe forbade Google and fined them for spying on Gmail users, but no such law in N.A.   Mozilla sold out clients privacy to Google as well. 

I've always believed that if one can't get government or corporations to do the honest and right thing, they must embarrass them into it. Case example; it took one person to light the fire and two years hard work, but embarrassed Google and Microsoft into doing the right thing, a battle started by a person that wrote to techCrunch, which the BBC picked up and the New York Times also did a story but in much more detail .
Both Google and Microsoft took umbrage, but did the right things and made significant changes to their search algorithms. By the way, apparently, the issue had been reported to several child protection agencies - which did  nothing.

There must be a similar way to get Google to stop mining people's privacy.

~o~

[OVH.Net spam ?]

On 9/29/2020 at 1:50 PM, gnarlymarley said:

On 9/27/2020 at 11:09 AM, Outernaut said:

Recently, none get through, and I only find out after 2 months when no one has paid - they are not getting them. I get copies from same account that sends the invoices.

I am curious if you are not getting bounces or if the invoice emails are going to their spam folders and they are not paying attention to it.  Google has made some changes to their spam folders a few years back and now I have to check the spam folder on a daily basis for non-spam email.

I have no idea @gnarlymarley where the emails are going.Any mail with any of those addresses ends up in the byte bucket.

As for my own domains' email send-outs disappearing, it seems only Google mail rejects them. Was probably something I said

I hate to say this, but I guess I'll have to set up a kmail account at Google, and check what's happening that way. I still think Pinemail was better.

~o~

[Reply-To abuse]

18 hours ago, jakeqz said:

Thanks.  I am pretty much in agreement.  I'll try and respond more fully when I have time...

No need unless you want to. You did ask WDYT and my reply is what I think

Internet Stalking (stalking being the kindest word)  is a deep rabbit hole and at the bottom of most holes is usually a load of poop. And it ain't the bunny's!

[My new antispyware tool --- too good !]

I think this topic is old, but not obsolete - yet and  still with good, useful cautions. 

IMO:
There is no such thing as a free meal, nor is there such a thing as "free" software/app/program/scripts/services whatever it's called this month.

The government and corporate stalkers have pre-purposed what our rights to privacy are. There being no fixed dollar value on 'privacy', privacy is therefore deemed value-less. In exchange for "free" -stuff-, we pay with value-less privacy.

READ THE PRIVACY POLICY and/or Terms of Use of almost any telcom giant or any small business-card style website and if you survive the legalese and gobbledygook you'll find that using the sites services or whatever, invalidates your right to privacy and that it is open season on your privacy.

In short, Internet "free" means no money is exchanged - just your privacy. Keep in mind, that it is best to read the privacy policy, BEFORE entering in to any agreement with any -thing- on the Internet.

ALSO:
When you see those annoying, thug-like warnings that states "We use cookies and other ..." Note the keywords "and other"! If they do not explain what "other" is, then they don't want you to know what else it is they are doing with your privacy so run - there are many websites that will probably have what you're looking for, without stalking you with "and other" embedded spyware. Too, "cookies" are not always the cute little helpers they pretend to be.

~O~

[Unusual]

20 hours ago, petzl said:

Some mailservers run their own blocklist and blame bl.spamcop.net 
go here to see what your email servers reputation is
https://talosintelligence.com/reputation_center

@petzl  
Good stuff to know petzl. Thanks.

[Reply-To abuse]

16 hours ago, jakeqz said:

I think it should offer the option to report to the provider of any email address listed in `Reply-To`.  If Google received enough spam reports for a specific email address, they would close down the associated accounts, and this kind of spam could be significantly reduced.

 

WDYT?

Personally, I think any kind of spam should be easily reported to a central 'spam' clearing house. But that costs money and most giants are so micro-managed that a 25 cent cost raises flags - and the responsibility of spam-prevention is what they dump onto webmail clients -  a cost-saving to the Giants and 'free tools' for customers to embark on dealing with spam themselves. In times past we'd call that tossed to the wolves. Giants call it additional free service.

Gmail, IMHO is the hot-bed for spammers. As are most ¹free webmail-wannabe real E-mail web sites.

It seems there is to much for the giants to even care about when they can just pass the buck, and the spam, to it's customers victims.

As a 'host' to 68 sites, each with a different number of email accounts, I try very hard to keep them free from spam. Yes, they have a variety of tools with which they can use to reduce spam, but no one wants to take the time to dig out the offenders addresses, take the steps to add the offender to a list, to delete the spam when it comes from that source.

Too, I am amazed at the number of clients that sport a good domain and use name@gmail.com of boss@mywebsite.com.
I often ask "Why don't to you use your own domain address and promote that instead of promoting google?" I'm met with that 'deer in the headlights stare'.

I believe that Google has already assimilated most of the roughly 10,617,060 tons of grey matter walking about so the slow demise of real email via a email client is dying or forced out by telcoms who pimp people's privacy out by profiling users via Webmail.

You asked for it - You did say "WDYT?"  

~o~

¹ Free webail in exchange for it being scanned, analyzed, and added to your Google profile. The 'web' shows us that our 'right to privacy' is non-existent and that our privacy is open-season to those that harvest our information, and it's only seen as a value to them, not us. spam is so far down the list of telcoms interests that not even Google could find it, or want to.

 

[OVH.Net spam ?]

On 9/25/2020 at 6:10 PM, KNERD said:

It's gotten so bad, I have just outright started blocking IP address ranges of service providers when I get spam from them 2-3 times in a row. This means they are not going to take action, thus need to be blocked

I'm confused, because my 'system' that has been sending invoices for years, using the same format, except edited a couple of times so as not to appear spamish are blacklisted. Recently, none get through, and I only find out after 2 months when no one has paid - they are not getting them. I get copies from same account that sends the invoices. Somewhere, a anti-spam decided to add my IP to their list based on what - invoice attached?  It's getting so that legal, honest emails are being beaten down while faked large corporate names abused in spam (Apple winner etcetera) get off. 

Anti-spam may fade away, and lose it's battle. But only because the large corporate peons running Gmail, YahooMail, HotMail (still), Livemail and other privacy harvesters and ilk won't support anti-spam.  Most people have been conned into using webmail and are just commodity - innocent collateral Googies. 

I now use SpamCop just to paste those entire message source so I can easily read the tracks and manually adding the first 3 octets of  the lazy ISP to cPanel > Email > Global Email Filters. I still submit the spam - but that is no longer why I use SpamCop.

~0~

[Disappointed in links]

G'day,

I am disappointed in the forum web site here. Today, I had time ti kill and wanted to learn more about SpamCop, even in light of the complaint seen regarding reported ISPs not showing up.

Wanting to be in the right place, I went to 

that said it changed to "How we use SpamCop - Detailed Examples". I thought, wow, just what I need and clicked the "How we..." link and arrived at:

I find a number of 404's and wonder if SpamCop is eroding away and that, and in light of @KNERDs comments and the continuing onslaught on the same fake Apple, Samsung, Amazon, Building plans, et alia spam from same source (OVH) and others has me wondering if CISCO (owners of SpamCop? - that's a question) care at all. CISCO, if still owners, should take more pride in SpamCop and put some $'s behind it, support those who worked so hard to being it to where it is, and allow them to make it work again, something Hosts can depend on.

Just say'n s'all,

~o~

p.s. Sorry about SECOND duplicate Error image, but unable to delete it.

[OVH.Net spam ?]

On 2/1/2019 at 2:35 PM, Art101 said:

It's so sad. The Internet — the most important advance in human communication since the invention of the printing press — is highjacked by crazy, money-grubbing, jerkoff spammers. 

Just had to get my 50 bits in (inflation!).

I use it, I hate it , but need it because it's how we have to conduct business now days - that is, the "Internet". I wouldn't call it "advance" because it's made human beings personal -stuff- the most sought after commodity on the Internet. It has created a desire; a real need and generates the tools for business and government to Stalk, Monitor, Record and Control people. (SMRC). The Internet is digital Heroin/Crack/Meth combined.

The Internet brought hopes of tearing down borders, uniting people of all countries in joint efforts to rid poverty, better sources of food production, and a basic understanding between people (sans government and corporate controls). COVID-19(84) was a great opportunity for countries to rapidly analyze, disseminate, share and attack it globally. Instead, every country built walls around  their privatized kingdoms, and always, each accusing the other of using the 'net to interfere and direct the other's state affairs.

Google and ilk have reduced the WORLD-WIDE web into local-area classifieds in exchange for our rights to privacy. Facebook, Google. Microsoft ignore our basic humans rights and pimp us out to anyone with the $'s.

Your last phrase ..."is highjacked by crazy, money-grubbing, jerkoff spammers." nails it.  Almost 2 years after you made that comment, it's only gotten worse. 

The downside aside, there is some greatness in how medicine, surgery, advancements in science and medicine came about thanks to the Net. But at what costs? And in conclusion, there are circumstances where some have a great need to hide because they did the 'right thing', and Google, and cohorts want to sell that too.

Just agree'n s'all

~o~

[spam with no sender source? How is that?]

On 9/13/2020 at 3:50 PM, petzl said:

Your email provider  has not stamped a received FROM IP line
Although a IP is mentioned 166.181.83.113 ?

Just a note to say thanks - it's great having pro's explain things. 

[spam with no sender source? How is that?]

I just received this spam and manually applied it to SpamCop (spamcop.net)

Hope the "Tracking URL" will help.

https://www.spamcop.net/sc?id=z6649444921z99fe2e4ed82404e339f14c6492a2f6c3z

Question:

Did this come from the internal site to where it was sent?

~O~

 

[forum url have changed]

On 10/14/2019 at 11:23 AM, Lking said:

As you may have noticed there is a difference between the base domain, "SpamCop.net" and the SUB domain "forum.spamcop.net' 

I just encountered the same link to nowhere. It doesn't do the Spamcop image any good to still have a dead link for almost a year since it was reported.
The cause, in my experience, has not much to do with it. The link points to http://forum.spamcop.net/forums/index.php?showforum=10 which is easy enough to fix.  It happens when people move things around or rename without checking for links.

The fix is to remove the "forums" before "index.php" so it looks like:

[1] http://forum.spamcop.net/index.php?showforums=10  instead of
[2] http://forum.spamcop.net/forums/index.php?showforum=10

version 1 above will at least take the clicker to the main page of Forums.  Or, if you want the clicker to go to the New Feature Request, that "10" in the original link, then use:
http://forum.spamcop.net/forum/10-new-feature-request/

easy-peasy

~o~

 

[SpamCop says it's too old, it's not]

37 minutes ago, Lking said:

If you search for "Tracking URL" (including the quotes) using the search tool, top right of each page, you will find 112 local references to "Tracking URL" that may be more helpful than a internet wide search.

Thanks any way.

 

[SpamCop says it's too old, it's not]

1 hour ago, Lking said:

As others suggested, a Tracking URL would be more helpful. 
....
By not including the raw email in the forum, its content is not crawled by bots and indexed giving visibility to the spammer.

Thanks. Now everyone will think you answered the question. A PM would have sufficed.

Lord Google says it's (Tracking URL) is for web sites.

OK, won't include any source again.

Are YOU able to answer the question about using IP's because spammers use a few IPs to spoof domain names that we end up sending to SpamBot that may blacklist innocent web owners.

~o~

[SpamCop on cPanel - do-able?]

On 8/2/2020 at 2:59 PM, gnarlymarley said:

I suspect you might be able to do that with the following but the manual is not completely clear on how:

blacklist_from [170.0.0.0/8]

Since I run my own name server, I setup my own black list there such as:

*.170.blacklist.local. IN A 127.0.0.1
*.170.blacklist.local. IN TXT "blocked whole range 20200802"

 

spam Assassin/spam Filters seems stuck in the domain name/TLD groove when it comes to blocking senders. No where have I found a way to block IP addresses. Not without spending a great deal more time and money in a VPN I'll need 34 of them) and then, ~maybe'~ perhaps possibly block IP #'s.

It's no wonder that spammers get away using 173.44.201.16, and using real domain names as the sender/reply-to when all they want is for us click on the link in the email so they get their affiliate commission, or we open the Trojan.  This 173.44.201.16/18/20 ...  is ones that I receive with dozens a day all with different domain names. 

Assuming 173.#.#.# is on a shared host, then wouldn't blocking 173.*.*.* deny email from all the other domains on that shared host? If so - maybe the honest ones will rant enough that the Host will have to review their logs and do their job as landlords of some web lots-for-rent.

I can block 173.44.201.16, and same spammer uses 173.44.201.18 from visiting the web server, why not email? One day - maybe.

Today, I manually pasted the message sources to SpamCop, as I have this last week, and they still keep coming from the same yahoo. Today, about 20 of them - all with same IP, different domain names/TLD. Now I feel guilty for sending stuff that may block the innocent web domains!

BTW - The Forum topic you linked me to is 16 years old; the author said he made changes, but didn't say what, and the topic changed to chicken pox somehow. But thanks any way.

~0~

[SpamCop says it's too old, it's not]

On 5/15/2020 at 12:39 PM, gnarlymarley said:

~o~,

A tracking URL would be able to help us debug the issue.  What you will be looking for is there is a "Date:" header and a "Received:" header.  SpamCop does not look at the "Date:" header....

RESPONSE:::

Using ThunderBird (TB) Email client, this just arrived at 11:01 - by my Windows clock. The time shown arriving by TB is "12:16 PM"  Between 11:00 AM until now (11:07 PM)  the email account has sent 11 emails, and received 63. TB checks for email every 10 minutes.

NOTE: That all previous emails of today were retrieved by TB within  the 10 minute 'check' auto-task. The following is the only one that is 11 hours late.

 

I hope it is enough, and not too much.

From - Wed Aug  5 22:58:08 2020
X-Account-Key: account5
X-UIDL: UID4435-1531670317
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:                                                                                 
Return-Path: <info-a146-2260-2262-6dae75f5=2337072=8@specialtstaffing.com>
Delivered-To: --REDACTED--
Received: from --REDACTED--
	by elm.###########.com with LMTP
	id 8K2XFSuaK1+KSQAAEzXE3g
	(envelope-from <info-a146-2260-2262-6dae75f5=2337072=8@specialtstaffing.com>)
	for <--REDACTED-->; Thu, 06 Aug 2020 01:50:35 -0400
Return-path: <info-a146-2260-2262-6dae75f5=2337072=8@specialtstaffing.com>
Envelope-to: --REDACTED--
Delivery-date: Thu, 06 Aug 2020 01:50:35 -0400
Received: from hiko5.specialtstaffing.com ([212.129.27.136]:36558)
	by elm.--REDACTED--.com with esmtps  (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.93)
	(envelope-from <info-a146-2260-2262-6dae75f5=2337072=8@specialtstaffing.com>)
	id 1k3YnL-0004nI-WD
	for --REDACTED--; Thu, 06 Aug 2020 01:50:35 -0400
Subject: Confidential: Premium Account Update ...!!
From: "Bitcoin-Team" <info@specialtstaffing.com>
To: --REDACTED--
Sender: info@specialtstaffing.com
Reply-To: info@specialtstaffing.com
Date: 05 Aug 2020 19:16:17 -0000
List-Unsubscribe: <https://track-des.specialtstaffing.com/ga/unsubscribe/2-2337072-146-1146-2262-25dd84b5df146fe-6194970106?confirmed=1>,
 <mailto:info-a146-2260-2262-6dae75f5=2337072=8u@specialtstaffing.com>
X-CampaignID: s4:2260-3393e99952aae9c7
Message-ID: <mid-ed5112dc651635258de6ebc8f9daac19-2@specialtstaffing.com>
X-Mailer-Info: 8.QYxQjN.gMyYDM.Qaul2YAlmb0VmcuVGdp52YuMWY.gMzMzNwcjM.gMyYjM
MIME-Version: 1.0
Content-Type: multipart/alternative;
 boundary="==f6f474df7f8a7153e32458571ba76c01"
X-spam-Status: No, score=1.3
X-spam-Score: 13
X-spam-Bar: +
X-Ham-Report: spam detection software, running on the system "elm.--REDACTED--.com",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 root\@localhost for details.
 Content preview:  Congratulations on your Premium Customer account. This confidential
    message is for: --REDACTED--. Investment plan on account: # 9854 Read
    the details here: 
 Content analysis details:   (1.3 points, 2.0 required)
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
  0.0 URIBL_BLOCKED          ADMINISTRATOR NOTICE: The query to URIBL was
                             blocked.  See
                             http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
                              for more information.
                             [URIs: specialtstaffing.com]
  1.1 DATE_IN_PAST_06_12     Date: is 6 to 12 hours before Received: date
 -0.0 SPF_PASS               SPF: sender matches SPF record
  0.0 T_KAM_HTML_FONT_INVALID BODY: Test for Invalidly Named or
                             Formatted Colors in HTML
  0.0 HTML_MESSAGE           BODY: HTML included in message
  0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or
                             identical to background
  0.2 KAM_TRACKIMAGE         RAW: Message has a remote image explicitly meant
                             for tracking
X-spam-Flag: NO

This is a multi-part message in MIME format.

--==f6f474df7f8a7153e32458571ba76c01
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Congratulations on your Premium Customer account. This
confidential message is for: --REDACTED--.

Investment plan on account: # 9854

Read the details here:

For the highest return on investment, it is recommended that you
<< brevity >>

 

Thanks for waiting.

~o~

 

[SpamCop on cPanel - do-able?]

On 7/23/2020 at 7:50 PM, gnarlymarley said:

 Is this the type of integration you are looking for?  I am not sure if you have a special score for it or would be using the default score.

Thank you @gnarlymarley  I very much appreciate your time.
I've no idea if that is what I'm looking for. If it would be accessible, which it is not, then maybe - IF it will let me block IP addresses - as in 170.###.###.###. That link-post has over 4,500 words to digest and most of it is geekinese. I traversed all of the cPanel>spam Filters (told by host that spam Assassin is spam Filters), but could not find any "rule" you allude to, or place to add it. I perused  "New SpamAssassin rules" and frankly, it's way over my head, not my forte, and time is not on my side.

As it is, if you look at my OP, under "Email" in the image, is all the Email functions available to us. I find it very odd that there is no ability to block/ban email from/to ip addresses. Since this spammer uses a few of the ip addresses range in 170.* and uses a new email address in each spam.

~O~

[[Resolved] Outlook 2007 Settings--where are they?]

On 9/25/2013 at 4:37 PM, petzl said:

Pay to just mark message read leave on server

http://forum.spamcop.net/forums/index.php?...ost&p=79165

Bad link.

[Three Ways to Report spam]

On 10/4/2019 at 1:27 AM, Hanco said:

Rules:

• SCBL lists IP addresses

When you Gurus use acronyms, PLEASE, at least ONCE, use the full the expression. As in Gee, I Hate Acronyms (IHA) and THEN use your acronyms, even if replying to how much IHA.

It makes it easier, and faster for us noobs, and we're not aghast at trying to figure out what a baseball league has to do with spam reporting.

*BTW - SCBL by lord Google is  "Santa Clara Baseball League", and other teams belonging to the league.

Thank you

~o~

* No need to go there, I found (finally) the explanation for your SCBL.