petzl

If you can work out the IP your email server received spam from a whois program makes it easy. This ones for Windows. Freeware http://www.nirsoft.net/utils/ipnetinfo.html

And reported spam kept on database for 3 months, example https://www.spamcop.net/sc?id=z6593732954zaf393e656b12c75bfc0c782f527aacd8z

A few providers do not accept SpamCop reports They only accept reports from the email account that received them!

Yes if the IP shows as ever being blocked by SpamCop it would lose it's GOOD TALOS reputation EMAIL REPUTATION Good Not uncommon for SpamCops blocklist to be falsely blamed However this IP has a malware infection, But never been reported by SpamCop 195.225.38.17 abuse[at]gazprombank [dot]r u. https://www.abuseat.org/lookup.cgi?ip=195.225.38.17

SpamCop blocklist can be activated by a large number of emails hitting "SpamCop's spamtraps" . These email addresses are not public but can be scraped by "bots" from poisoned Web-sites. Records of such attacks are not recorded will be blocked for 24 hours from last spam. Two reasons for this is someone is not using a Virus scanner and a computer/device has been compromised or best practice for marketing is not being done "double opt-in confirmation" Minimum is https://en.wikipedia.org/wiki/Opt-in_email#Best_practice How easy is it to be put on a/your mail list? Your competitors may well try to sabotage your mail list by loading it with poisoned email addresses?

No reports made by SpamCop members for 90 days which is as long as records are kept? Can you show the bounce, edit it to remove any sensitive information

I just forward to "abuse [AT] amazon [DOT] com" "stop-spoofing [AT] amazon [DOT] com" From my Gmail account directly

Sometimes SpamCop reports re ignored! These creeps I report directly from the email account they attack

I always forward my Amazon spam to abuse [AT] amazon [DOT] com which now has stopped from amazon spammer has moved to India https://www.spamcop.net/sc?id=z6614613333z33924b4aa692bdb379203b970853f7efz Creep is using a number of Indian IP's but same fingerprint as Amazon spam "contact[AT]gyaneshwarcomputer[DOT]com" "abuse[AT]alphainfonet[DOT]com" "admin[AT]mukeshtech[DOT]com"

That's all I do with mine Seems though when spammer sends though gmail to gmail becomes a intranet SpamCop cannot parse Just report as phishing and gmail will deal with it Reported a while ago https://www.spamcop.net/sc?id=z6613089010zeca3f141148e65c17956cc77885b5331z

Working for me two days ago? Fake drug spam. https://www.spamcop.net/sc?id=z6612624629z1abe5cddebae09ba94ce8ea7968ce25bz

This seems posted from within Gmail to Gmail which means it is intranet spam, there is also no body in spam, Seems the headers are incomplete also. With full headers and no body, just under headers, hit enter twice and write "No body in spam" for SpamCop to work. Just mark it in Gmail as phishing

Would like some IP numbers a few track urls But if SpamCop is not working in stopping spam you need to do this yourself Just pick say five spams or more to report, All probably from same spammer This should give results on all 158 spams Learn which is the IP YOUR email server receives email from then the IP that sent it. Just report that IP by forwarding from your email The best defense is attack!

And it may bounce from there. It's in the "Marshall Islands" so don't get your hopes up? https://en.wikipedia.org/wiki/Marshall_Islands

SpamCop cannot report these spams, but it does tell you the IP address from whence they came. Also the URL in body of message With SpamCop, a "BOT", one sometimes need to step in to do spam reports more effectively. By showing you where I would of sent them, were just letting you see example

You need to forward from your email account with this preamble at top of report http://173.240.15.12 Name: lebis.disians.com IP: 173.240.15.12 Domain: disians.com\ Registrar Abuse Contact Email: mailto:abuse[AT]web.com EMAIL IP 173.240.15.12 abuse[AT]bigboxhost.com SpamCop has this wrong http://b.link/E-Leclerc-fr IP 18.208.23.249 abuse[AT]amazonaws.com Then paste headers and text body as you did for SpamCop

When some email server or Botnet starts spewing spam, occasionally they are taken offline. but when started up again it finishes the out of date spew! When you parse spam at top of page before you submit there is a tracking URL posting this, one can look up IP's to see when spam was happening and when it stopped and if it restarts For instance 35.182.184.76 couple of sites I use to check, was a Botnet, but it now seems a malware scan was done and has fixed it. https://talosintelligence.com/reputation_center/lookup?search=35.182.184.76 https://www.abuseat.org/lookup.cgi?ip=35.182.184.76

Nearly all stopped for me also after forwarding their spam back at them with a nerdy note! That said I still get the odd multiple spam splurge at once all from different IP's Something wrong with their security. Possibly one of their home connected WiFi gadgets?

You need to report to abuse[AT]amazonaws[DOT]com from Gmails WebPage Click "Show original" on your gmail WebMail page. you will see the IP that sent it to Gmail SPF: PASS with IP 52.54.105.63 Learn more Forward it to AmazonAWS paste the IP above the text you paste into forwarded message. I paste this above headers and body text Criminal phishing, bogus reply address, bogus unsubscribe (NEVER subscribed), DDoS Banned all Amazon and subsidiaries purchases because of inept AWS abuse responses to AmazonAWS DDoS multiple IP email attacks It looks to me Amazon should block port 25 to prevent viruses and spam tools managing to connect directly from infected machines through your NAT? All those who have access to your network need to scan for malware. If detected change password injection 52.54.105.63 abuseXamazonawsXcom

Speak to your email provider.

Just got a couple today from Amazon https://www.spamcop.net/sc?id=z6609487289z0285b33932067f7daed6ceaeb71b8f51z

These are Amazon IP's so it is up to Amazon to fix or not their spam problem. I assume it is from inside Amazon Corp.

167.89.8.98 is often in headers but probbaly spoofed Gmail tell you the IP they recieved email from Someone working for Amazon have a infected computer Everyone in Amazon simply have to run a malware scan to fix it blocking port 25 would stop it as well.

It looks to me Amazon must block port 25 to prevent viruses and spam tools managing to connect directly from infected machines through their NAT?

Probably these/this forum is scrapped for email addresses.