LaserMoon

Over the past few days, I've encountered the following error several times when manually submitting spam to SpamCop in the web interface: Eventually it goes through after a few refreshes.

A bit off-topic, but yes, there are several "extra" things to be reported that are outside of SpamCop's scope: - The entire URL obfuscation chain (to URL shortening providers, or to services used as redirects such as Twitter, Wix, AWS S3, Google Sites) - Image hosting. - Gmail or other email addresses used as the reply-to field.

And what exactly is "MyCoucheTard.onmicrosoft.com"? smtp.mailfrom=tssolution.ru; dmarc=none action=none header.from=tssolution.ru; dkim=none (message not signed); arc=none\nDKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=MyCoucheTard.onmicrosoft.com; s=selector1-MyCoucheTard-onmicrosoft-com;

This is beyond parody, Microsoft is now openly enabling scammers to send the lowest tier of spam "FBI NOTIFICATION FUND" signed by "CHRISTOPHER A. WRAY" <ksmg@tssolution.ru>. They even give the Russian spammers their own little subdomain for convenience: dig +short MX tssolution.ru 0 tssolution-ru.mail.protection.outlook.com. 10 mx.yandex.net. Amazon EC2 is light years ahead of Microsoft when it comes to pretty much everything.

For several months I've been registering an uptick in spam sent from Microsoft services, both from Azure and from Outlook. Are they vulnerable to exploitation, or are they merely incompetent at handling abuse reports? We literally tell them "here's the user abusing your services", yet the same abuser is allowed to send spam for months on end. Their handling of abuse reports is also unhelpful, the message is always: Something like this is never experienced with serious established infrastructure providers.

Found this on a webhost review site, thought you guys might like it: https://hostadvice.com/hosting-company/serverion-reviews/#user-reviews

The vast majority of spam that I get uses domains registered by Namecheap to both send the spam (from @domain), and to link to content and tracking scripts. Namecheap's policy, as far as I can tell, is to only remove a domain if it shows up in the Spamhaus blacklist. So the spammers' policy is to keep registering new domains, and Namecheap won't bother them as long as the infrastructure used is external (typically Russian). Does this match your experience?

Junk sent from a Google App contains the unique identifier of the GApp in the headers. Upon reporting the URI (to both google-cloud-compliance@google.com and https://support.google.com/code/contact/cloud_platform_report), here's how Google responds: Regarding the following URLs: yxs0mcxbeclorenz58-central-parc-ch.20210112.gappssmtp.com To request the blocking of these URLs from Google Search results under European law, please use this form: https://support.google.com/legal/contact/lr_eudpa?product=websearch If you need to send additional information in relation to your request, please respond to the email confirmation you receive after you send in the form. If you have already filled out the above form, your request will be processed shortly. Did they completely fail to look into and block the activity of the reported Google App and instead just automatically classified it as a privacy issue about a search result?

Is there any indication that they are taking action based on these messages?

Just received this from postmaster@outlook.com: Delivery has failed to these recipients or groups: report_spam@hotmail.com Your message couldn't be delivered. Despite repeated attempts to deliver your message connection time outs with the recipient's email server prevented delivery. Contact the recipient by some other means (by phone, for example) and ask them to tell their email admin that it appears that their email system is timing out when your email system is trying to connect to it. Give them the error details shown below. It's likely that the recipient's email admin is the only one who can fix this problem. report_spam@hotmail.com 10/7/2021 8:17:21 AM - Server at MN2PR21MB1230.namprd21.prod.outlook.com returned '550 5.4.315 Message expired, connection timed out(Socket error code 10060)' 10/7/2021 8:07:21 AM - Server at xmr-internal.protection.outlook.com (10.233.166.17) returned '450 4.4.315 Connection timed out [Message=Socket error code 10060] [LastAttemptedServerName=xmr-internal.protection.outlook.com] [LastAttemptedIP=10.233.166.17:25] [CB1PEPF00003800.namprd00.prod.outlook.com](Socket error code 10060)' Microsoft's CERT form (https://msrc.microsoft.com/report/abuse) was also down for a whole day because one of their JS resources failed to load. What's going on with Microsoft?

Hi Ron, I think Google doesn't accept spam reports that come in by mail. If you're reporting spam as a hobby, you may want to look at automating submissions to this form: https://support.google.com/mail/contact/abuse?hl=en Heads up: sometimes spammers spoof their emails to make it look like they originate from a Gmail address.

If you do a Google search for "aronu01mbaonu@gmail.com" you will see it was reported on blacklists almost a year ago. It's still sending scam emails now, and the originating server is actually Google. So what's going on, is Google that bad with detecting who uses their services to send "African scam" emails?

I confirm that the vast majority of spammy domains that I look at are registered through Namecheap.

Hello, When I report spam sent to Hotmail addresses, SpamCop wrongly indicates one of the internal Hotmail IPv6 IPs as the source. Where can I report situations like this to help improve SpamCop?

No, that's not it. The filesize is 48K. I'm attaching just that part of the email that is sufficient to cause Chrome to freeze. It's a single line with more than 30 thousand characters. Pasting it in other textareas on other websites doesn't freeze Chrome, though. html.txt

Hello, I have an email sample that makes the SpamCop web form freeze (and crash) on Google Chrome as soon as the text is pasted in the form (Mozilla Firefox doesn't have this issue, but Chromium-based Microsoft Edge does). By the looks of it, it has to do with specially-crafted HTML attributes. (Does SpamCop try to to any client-side parsing, other than to check the length?) Is there a technical contact where I can send the file for analysis? Thanks.

Hello, I know SpamCop works by reporting spam to infrastructure providers (targeting the servers sending the emails and those hosting the resources linked to in the body of the emails). A comment posted on this forum on July 16, 2020 suggested that spam sent from Germany can also be reported to allgemeiner-spam@internet-beschwerdestelle.de (+ another address for illegal content). This got me thinking, what other avenues are there? Maybe a specific server provider uses a web form, not an email address (like Hetzner, in the linked thread, or Gmail). Maybe a specific server provider won't accept reports from SpamCop, but will accept them if you send them yourself (AWS EC2). Maybe a specific domain registrar will take action on a reported domain, if that domain is present in certain trusted blacklists. Maybe more national governments have a dedicated email address where spam can be reported. Maybe there is a GDPR avenue for servers hosted in some EU countries. My question is, has anyone put together a guide for how to best target spam based on origin?