Jump to content

turetzsr

Forum Admin
  • Content Count

    5,460
  • Joined

  • Last visited

Posts posted by turetzsr


  1. &nbsp &nbsp&nbsp&nbsp&nbsp Not to speak for them but my suspicion is that the SpamCop staff are not looking for ways to tweak the parser other than to make changes necessary to keep up with spammer advances. But you never know, sometimes such recommendations are adopted, often without comment in the SC Forums.

    &nbsp &nbsp&nbsp&nbsp&nbsp You could inquire directly of the SpamCop staff by writing to deputies[at]admin.spamcop.net.


  2. [at]turetzsr - Steve it was originally FAR more than just "inserting a blank line" - you may recall the parse said something about "correcting bizzaro headers" when the 2-part submission form was used.

    <snip>

    &nbsp &nbsp&nbsp&nbsp&nbsp Actually, no, Steve, I don't, so I'm happy that you mention that there is greater differences than I have so far noticed!


  3. Body or headers or both? What is the "second box"? You should just use the single box version of the webform submission form - the 2 box outlook/eudora workaround form shouldn't be used/necessary/applicable. I'm probably misunderstanding the question/intent. Aaagh ... in any event a nightmare with "Basic Mail" webmail (which may not be the same as "Classic" but it is what I'm using anyway).

    <snip>

    &nbsp &nbsp&nbsp&nbsp&nbsp If I understand correctly, either can be used. I believe that the "Outlook/Eudora" workaround simply removes the need to ensure that there is a blank line between the internet headers and the spam body.

    I have not had any problem with copying the headers out of Yahoo. However, when I copy the body I just get the text not the website addresses linked to that text. Because of that I am not reporting any scam website referenced in the spam. The view source option gives me the source for the whole Yahoo page not the message.

    &nbsp &nbsp&nbsp&nbsp&nbsp Finding the spam source is SpamCop's principal purpose and that is done entirely through analyzing the headers. If you are concerned about spamvertized links in the spam body, you would want to report to a system that has that as its principal role, such as Knujon or Complainterator, which are discussed in other SpamCop Forum Topics. I did some searching in Yahoo!Mail to try to find a way to show the full text of an e-mail but couldn't find one; you could ask Yahoo Support if it's possible and, if so, how to do that.


  4. &nbsp &nbsp&nbsp&nbsp&nbsp Here's one:

    Ingredients:

    • Water
    • Spaghetti

    Preparation:

    • Pour water into a pot that will hold at least twice as much water as needed to completely submerge the spaghetti.
    • Bring water to a rapid boil.
    • Add spaghetti.
    • Return to boil.
    • Cook for another eight minutes or until it has reached desired level of softness (taste some to test it).
    • Turn off heat.
    • Drain spaghetti as thoroughly as possible.
    • Add seasoning and spices to taste. Spaghetti sauce, either store-bought or homemade, onion (white, green, sweet, powdered), garlic powder, cheese are popular options.

    :) <g>


  5. &nbsp &nbsp&nbsp&nbsp&nbsp Not that I can answer your question but just to check understanding: you are saying that your Exchange server was blocking e-mail because you had configured it to reject e-mails coming from IP addresses on the SCBl but that it was causing rejection of e-mails coming from IP addresses that are not on the SCBl? Not that I'm an expert on how the SCBl works but my understanding was that that isn't possible (although I don't doubt you -- my understanding of either what you did or how using the SCBl works is flawed). I would like to point out that SC recommends not using the SCBl to reject spam but, rather, to filter/ sort it and deliver it to a location other than users' inboxes so that it can be evaluated for "false positives" as you seemed to have experienced. When you "checked SpamCop's blocklist for several of the sending mail servers and found that none of them were on the list," did you check the copy of the SCBl that your Exchange server was using to reject or did you use some other mechanism? I ask because it is possible that the copy your Exchange server was using was out-of-date or somehow corrupted.


  6. &nbsp &nbsp&nbsp&nbsp&nbsp From what I understand, SpamCop expects strict fidelity to e-mail standards, so if yyyy-mmm-dd hh:mm:ss is not in accordance with standards, SC will not interpret it as a date and SC typically will not accommodate requests for exceptions.

    &nbsp &nbsp&nbsp&nbsp&nbsp If no better answer gets presented here, you may wish to confirm my understanding with the SC Deputies (deputies[at]admin.spamcop.net).


  7. Hi, jhg,

    <snip>

    2. Was the "Interested third party" (tj at terramar.net) a Mailroute spam tracking address?

    3. What changed at SpamCop such that this third party is no longer receiving spam reports?

    2. It does seem that there's a relationship between Mailroute and terramar: see Robtex entry for Mailroute.net.

    3. Please explain why you believe there to have been a change in SpamCop. I would suspect that the change was on the Mailroute end rather than on the SC end.


  8. Hi, reciprocity,

    &nbsp &nbsp&nbsp&nbsp&nbsp It looks more-or-less correct to me, assuming that all the "Received" lines above the "Received: from onhu (unknown [37.9.53.106])" line is internal to your ISP and/ or e-mail provider and/ or services any of your providers use to handle incoming e-mail.


  9. Hi, jhg,
    &nbsp &nbsp&nbsp&nbsp&nbsp When I enter 192.157.244.142 into the SC spam parser form at www.spamcop.net, SC replies:

    Parsing input: 192.157.244.142
    [report history]
    Routing details for 192.157.244.142
    [refresh/show] Cached whois for 192.157.244.142 : abuse[at]scalabledns.com
    Using best contacts abuse[at]scalabledns.com

    Statistics:
    192.157.244.142 listed in bl.spamcop.net (127.0.0.2)
    More Information..
    192.157.244.142 not listed in cbl.abuseat.org
    192.157.244.142 listed in dnsbl.sorbs.net ( 1 )
    Reporting addresses:
    abuse%5Bat%5Dscalabledns.com

    &nbsp &nbsp&nbsp&nbsp&nbsp When I click on the link labeled "refresh/show," the following is returned (emphasis -- italics -- by me):

    Removing old cache entries.
    Tracking details
    Display data:
    "whois 192.157.244.142[at]whois.arin.net" (Getting contact from whois.arin.net )
    Found AbuseEmail in whois abuse[at]scalabledns.com
    192.157.192.0 - 192.157.255.255:abuse[at]scalabledns.com
    Routing details for 192.157.244.142
    Using best contacts abuse[at]scalabledns.com

    &nbsp &nbsp&nbsp&nbsp&nbsp When I look up 192.157.244.142 at whois.arin.net, the following appears:

    Network
    <snip>
    Point of Contact[
    Name: Abuse
    <snip>
    Email: abuse[at]scalabledns.com


  10. Hi, show&tell,

    &nbsp &nbsp&nbsp&nbsp&nbsp Sorry to hear of your problem!

    &nbsp &nbsp&nbsp&nbsp&nbsp My recommendation to you would be the same as the other Steve's recommendation to the OP: "... write to Don D'Minion (SpamCop Admin) at spamcop[at]spro.net - with the full error message and context and your reporting account details (do not post those here)."


  11. <snip>

    Can we get further off-topic? Of course we can!

    <snip>

    &nbsp &nbsp&nbsp&nbsp&nbsp And now we've strayed yet further from tongue-in-cheek but relatively harmless pseudo warnings and adult beverage recipes :) <g> to handy suggestions for would-be terrorists! :o <gasp>


  12. &nbsp &nbsp&nbsp&nbsp&nbsp In a similar vein, symptoms like severe abdominal pain might be another problem for which medical investigation may be warranted. In my case, it was due to a relatively harmless kidney stone and, had I known that (and that the pain would subside in about an hour), I would not have bothered having it checked. But the Cat-scan the emergency staff used to find the stone also found kidney cancer. I presume that saved my life.


  13. &nbsp &nbsp&nbsp&nbsp&nbsp Careful, lisati, that's a quite dangerous chemical -- it has been known to cause death when submerged in it for too long, not to mention the fact that it is used for at least two different well-known types of torture! For your headache, you may wish to try diluting it with a couple of 2-(acetoxy)benzoic acid or N-(4-hydroxyphenyl)ethanamide!


  14. &nbsp &nbsp&nbsp&nbsp&nbsp And even if it doesn't, you don't mind so much. :) <g> Quite coincidentally, I was thinking just such a thought, for the first time in my 61 years (that I can remember), about just that approach being something that might benefit a caller to our local public TV station that was described to me a few days ago. :) <g>

×