Jump to content

petzl

Memberp
  • Content Count

    2,316
  • Joined

  • Last visited

Everything posted by petzl

  1. petzl

    Spoofed email?

    BEFORE you submit spam, after you parse at top of page there always is SpamCop v 5.0.0 © 2019 Cisco Systems, Inc. All rights reserved.Here is your TRACKING URL - it may be saved for future reference:https://www.spamcop.net/sc?id=z6572437903zd60f155c1fe49e83c6c1c3a6bf21da31z I don't get much spam so this is a few days old. click the link and you can see it.
  2. petzl

    Spoofed email?

    "They" seem to have your name, which is a worry. Make sure you are running a virus/malware program like windows defender Often it's one of your contacts that don't do this, meaning your information is stolen from them Learn how to copy and past a "Tracking URL", Found top of page BEFORE you submit spam.
  3. Works here. Please edit and replace your email address with a X spammer have BOT's that scrape for email addresses. https://www.spamcop.net/sc?id=z6572443596z451dd1d5510142e9b441eb428a9fcceez
  4. Seems to be from a network, SpamCop can't parse network email
  5. Would help if you could show a "Tracking URL" when you parse and before submitting there id a link at top of page Copy and past that link
  6. Chinese spam abuse address is ipas [AT] cnnic [DOT] cn not that I have ever any success in reporting their abuse Usually Webmailer or email server
  7. petzl

    Massive spam Attack - Looking For Input

    I have a suspicion that Namecheap are behind the SpamCop forum spam flood also Namecheap seem to be run by "Igor Efimenko" from the Ukraine
  8. petzl

    Massive spam Attack - Looking For Input

    you can block domain spam wiyh google not sure if iy goes to spam folder though? https://support.google.com/a/answer/2364632?hl=en
  9. petzl

    forum spam handling

    The log-in IP is not a Bot'; Namecheap runs 1000's of Bot's from their domains, all with different IP's. Domain blocklisting is now the most effective way of stopping forum spam. https://www.spamhaus.org/news/article/786/mta-developers-allow-use-of-domain-dnsbls-at-the-smtp-level latest flood https://topwellnessblog.cXm/fungus-eliminator/ 185.61.152.24 abuseXnamecheap.cXm
  10. petzl

    forum spam handling

    just looking at latest forum flood https://pil4pedia.com/krygen-xl/ 198.54.125.159 NAMECHEAPHOSTING.COM https://topwellnessblog.com/control-x-keto/ 185.61.152.24 NAMECHEAPHOSTING.COM
  11. petzl

    SCBL Usage

    Well were referring to Forum spam I believe domains can be blocked from Forums by IP maybe domain (more effective) The villains running Namecheap seem to be Ukrainian of origin The IP's to block if domain cannot be, are range 98.54.112.0/20 or "198.54.112.0 - 198.54.127.255" But beyond my pay-grade Thought phpBB could block domains using a Wildcard?
  12. petzl

    SCBL Usage

    That's it. The solution is here I think https://www.spamhaus.org/news/article/786/mta-developers-allow-use-of-domain-dnsbls-at-the-smtp-level Latest forum flood https://www.myfitnesspharm.cXm/total-life-maxx/ 104.31.94.46 Cloudflare https://www.fitnesscarezone.cXm/superketo/ 198.54.125.251 DNS1.NAMECHEAPHOSTING.COM https://fitcareketo.cXm/krygen-xl-male-enhancement/ 198.54.126.12 DNS1.NAMECHEAPHOSTING.COM
  13. petzl

    SCBL Usage

    Flood from namecheck domain starting https://topwellnessblog.cXm/sunday-scaries-cbd-gummies/ 185.61.152.24 abuseXnamecheapXcom https://pil4pedia.cXm/control-x-keto/ 198.54.125.159 abuseXnamecheapXcom
  14. petzl

    SCBL Usage

    Domain namecheap IMO need blocking, if not your pay grade whose? https://www.spamhaus.org/news/article/786/mta-developers-allow-use-of-domain-dnsbls-at-the-smtp-level You get the IP of the post, the only IP's I get are from the URL
  15. petzl

    SCBL Usage

    "janicemcneill1" pushing fake drugs soon after? Can you increase ReCapture to 0.9 I believe is maximum? But then this may not be a direct SpamBot? https://www.spamhaus.org/news/article/786/mta-developers-allow-use-of-domain-dnsbls-at-the-smtp-level Seems to be blackhat "namecheap" spam which operate spambots from their domains Can you block Namecheap domains? 198.54.112.0/20 or "198.54.112.0 - 198.54.127.255" https://talosintelligence.com/reputation_center/lookup?search=198.54.115.238#whois
  16. petzl

    504 Gateway Timeout

    parsing is working? Check text not word-wrapped, spam size (truncate) etc https://www.spamcop.net/sc?id=z6568509516zb4a50db9ae358c68e84b99b98c9d710bz Truncate large spam like I did here SpamCop sometimes hangs on big spam just truncate after/below headers https://www.spamcop.net/sc?id=z6563917550zbe79e3f2c89f87c8b1048a3ab624b7e3z;action=display
  17. petzl

    forum spam handling

    Yes I value your experience. Signed out removed all cookies and passed the "captcha" test one click?
  18. petzl

    forum spam handling

    My bank has three fields, two need different passwords? Maybe a solution, I read though you believe they are manually entered not by Bot?
  19. petzl

    forum spam handling

    Just a check box I'm not a robot
  20. petzl

    forum spam handling

    Not working it seems?
  21. petzl

    forum spam handling

    Just need to invoke a CAPCHA or what is 1+2 = or something similar Anyone who can't work this out is not going to be a full quid This forum is being destroyed by spammer static. Google can't search it efficiently and was a good anti-spam resource,
  22. petzl

    Massive spam Attack - Looking For Input

    Seems to me Namecheap are "shining" on you Spamhaus does list domains surprised namecheap are not on it? Namecheap don't like negative publicity Bodgie, worthless , inferior; false. name address? probably email as well, try forward as attachment spammers spam to "green1.dakotaATgmail.com", if proven fake (bounces) you can try ICANN to deregister Namecheap for non-compliance.. Registrars are supposed to confirm accuracy? All domain sites contact information has to be true and accurate. SpamCop was once deregistered when it changed its fax number and neglected to update this. Joker.com did not support spammers This was during the "spam wars" where $$new blocklist opportunists$$ attacked SpamCop because of it's success and were dobbed in by competitor/s ASAP fax number was noticed changed. Namecheap seems to have security issues this is a reply in comments from article about Namecheap. Credit Card info stolen (last purchase: Namecheap)My last purchase was a DNS certificate through NameCheap. 24 hours later: $1,000 of fraud coming through on that card. Anyone else here having any issues?
  23. petzl

    Massive spam Attack - Looking For Input

    is out of action I checked, possible for servers to scan outgoing email? Also in Gmails webmail click spam for "report phishing" in options after opening email. Gmail will block from domains as opposed to blocking IP's if enough phishing hits just checked again, Thursday 22/08, it's back-up! http://67.229.173.51 Registrar Abuse Contact Email: mailto:abuse@namecheap.com
  24. petzl

    Massive spam Attack - Looking For Input

    You lost me on this one. Send to who, the Registrar, Host or Cert? And for DDOS attack? Is this what I am getting with a spambot. Or is that more of a server that's getting it not my home network? What addresses are you putting in the TO field. Domain Addresses or Host IP's? look at a SpamCop report, it will list what IP address it came from and a "key word" to look for, I use Opera web browser and "Ctrl + F" put a search bar on top, put/paste this keyword into it and you should easily see the offending IP, more importantly the server name picking it up. KEYWORD to use in future searches. "win32whois" will give the abuse addresses to post to. include the US cert and who ever. "" Best to do this from your Gmail web page, after opening email, click options "3 vertical dots" (top right) then select "Show original" a new page/tab will open showing you the IP "SPF: PASS with IP 111.111.111.111 Learn more" under that it will give the domain name "DKIM: 'PASS' with domain emails.XXXXXXX Learn more" Depending on spam you "forward as attachment" to (Always in the "To" field) abuse desks government agencies. this means you are telling recipients who is getting reports maybe raising your priority. put these abuse contacts in your address book or on notepad to copy/paste later, "phishing-report at us-cert gov" sounds good but most if not all Gov agencies sit on their elbows because they can't find their ass's, but looks threatening to abuse desks and you may get lucky and them VERY unlucky Seems to me Namecheap are saying they are bring domains down, don't forget to check though. http://67.229.79.114 is still up?
  25. petzl

    Massive spam Attack - Looking For Input

    Namecheap are the registrar all they have to do is change password access, seem spammer is using compromised accounts? so would think they can disown them, Spamhaus is also evidence in reports. NameCheap are the most abused by botnet spammers http://domainincite.com/22472-spamhaus-ranks-most-botted-tlds-and-registrars Not good publicity for NameCheap so they may look into it? Also report the host IP abuse (a few do something also use/report to the country CERT ) Also there is no need to use up SpamCop data just send as attachment from your email/Gmail account (mark as phishing) as attachment, much cheaper. for DDoS attack. put all addresses in the TO field. example of what I put in email body to give you a heads-up show spamhaus link in your case (if one is given) Namecheap are playing the fool noway they can't get a domain name from a IP address Traceroute will/should do this 67.229.79.114 = http://palterer.org abuse[AT]namecheap.com 89.163.243.41 = new.bedlamized.com abuse[AT]namecheap.com 62.210.76.243 agmaa.net abuse[AT]namecheap.com botnet source - ddos 36.27.123.65 antispamXzjnoc.hz.zj.cn see http://www.abuseat.org/lookup.cgi?ip=36.27.123.65 offending email forwarded also, can be read as text attachment with a text/ASCII editor like notepad or eml text reader
×