Jump to content

petzl

Memberp
  • Content Count

    2,295
  • Joined

  • Last visited

Everything posted by petzl

  1. Not me that is having email bounced? My email address is a legacy one that is forwarded to a fastmail account. I pay for reporting spam through SpamCop which allows me to look-up IP addresses for evidence of prior reports. https://mailsc.spamcop.net/sc?track=151.101.248.253 Access for paid members only. TALOS give the IP a neutral "email reputation" if it had been listed it would be negative
  2. no reports have ever been made by SpamCop members. Don't look like it has hit spamtraps either? https://www.talosintelligence.com/reputation_center/lookup?search=151.101.248.253
  3. SpamCop blocks by email or source IP not a email address Show the IP that SpamCop is blocking for better advice.
  4. Don't think so? At least not via SpamCop
  5. petzl

    USB email client

    Been using TheBat voyager which is a bit buggy but seems adequate But would like something better Testing http://portableapps.com/apps/internet/thunderbird_portable Can't work out how to get full headers though? Open email View. Headers, ALL Don't do it?
  6. Had a look at this one only; SpamCop abuse address cache needed refreshing (works now) A good Whois for IPv6 addresses is https://dnslytics.com/whois-lookup Says it's from India also send abuse to INCIDENT [AT] cert-in.org.in pradeep.elcom[AT]gmail.com bounces/bogus
  7. petzl

    SCv5 parsing

    If SpamCop can't parse do it yourself. Look for line Authentication-Results: spf=none (sender IP is 209.85.128.68) AND Return-Path: noreply.kimcilkempolenkentunenggerdukaroboyoanyaran3@buahdalamdada.me Received: from ubuntu-s-1vcpu-1gb-fra1-01 ([68.183.75.255]) So forward as attachment to network-abuse[AT]google.com All you put in forwarded message is Received 209.85.128.68 network-abuse[AT]google.com Source 68.183.75.255 abuse[AT]digitalocean.com digitalocean.com are known ratbags so also use their abuse page https://www.digitalocean.com/company/contact/#abuse
  8. Send a tracking URL st top of page before you submit Here is your TRACKING URL - it may be saved for future reference:https://www.spamcop.net/sc?id=z6512807609z140b367a456a8adeb495bd5a26b7edd1z or screen shot https://ibb.co/4PCKSm7
  9. you can see where the data breach occurred by going here https://haveibeenpwned.com
  10. BEFORE you click submit the tracking URL is at top of page https://ibb.co/4PCKSm7
  11. no. Look below Here is your TRACKING URL - it may be saved for future reference:https://www.spamcop.net/sc?id=z6512807609z140b367a456a8adeb495bd5a26b7edd1z
  12. Before you submit a spam at the top of page is a "tracking URL" copy it and one can then see what you are on about
  13. Help if you sent a tracking URL Your email server collects a received IP address.that is are genuine IP a lot of spam has fake IP's stamped with the spam SpamCop will disregard these if there is something dodgy about it (no DNS etc) example below. Received: from WINDOWS-COSBPNE (unknown [113.140.86.66]) my email server by vmx5.spamcop.net (Postfix) with ESMTP id 07FDAAF6FB for <xxx[AT]spamcop.net>; Wed, 9 Jan 2019 13:31:08 -0800 (PST) Received: from jakwcdbio (Unknown [182.111.98.3]) claimed/fake email server stamped source DNS LOOKUPS Forward and Reverse DNS lookups are performed to see, if the name to IP and IP to name DNS lookups produce the same results. This feature is used to see if DNS is correctly set up for a host and can be an indicator for a malicious host.
  14. petzl

    spam reporting question

    https://www.talosintelligence.com/reputation_center/lookup?search=62.172.235.230 Shows some one don't care UK military server compromised https://www.raf.mod.uk/our-organisation/stations/raf-marham/ https://www.spamhaus.org/sbl/query/SBL428795
  15. https://www.spamcop.net/sc?id=z6451502850zd07b723238632868903d2821f0fe36ddz would like to know the actual Youtube video these/this spam uses in received spam? Java scrip hides the source, tried right click video source no-good. These criminals have 100's posted under bogus names on youtube example "https://youtu.be/edu1UmfJbTg" on the right shows from all same crime gang they go through https://t-soft.cc/lp.php heres my last abuse report Criminal phishing, bogus reply address, bogus unsubscribe This/my email address I believe provided to this Russian (?) Crime gang by FaceBook posted from 139.59.244.76 is an open proxy abuse@digitalocean.com phishing-report@us-cert.gov http://cbl.abuseat.org/lookup.cgi?ip=139.59.244.76 URL https://pushstat.sendpulse.com/pushurls/361646/NzM5NjQz/97152513cf76a54da69215685da34b92/7c977009d5861eebb711656eb7d87a74 Resolves to 193.70.13.222 abuse@ovh.net Redirects to http://click.affcrunch.com/aff_r?offer_id=1674&aff_id=3669&url=http%3A%2F%2Fclick2go.link%2Fclick.php%3Fproject_id%3DSbn-%26affiliate_id%3DZhn-%26custom1%3D10238e359a5f2258488583da02e039%26custom2%3Dv2&urlauth=643935563311863739629751418684 Resolves to 52.210.90.239 : abuse@amazonaws.com linked via phishing spam bogus reply address, bogus unsubscribe numerous youtube videos posted anon no listed owner/channel? https://www.youtube.com/watch?v=2b5nWGfptz0 network-abuse@google.com
  16. Thanks have slowed this criminal down but comes back every few months
  17. petzl

    Telephone spam callers

    Another here https://jollyrogertelephone.com
  18. petzl

    spam reporting question

    child porn source 182.111.98.3 anti-spam@ns.chinanet.cn.net 113.140.86.66 anti-spam@ns.chinanet.cn.net offending email forwarded also, can be read as text attachment with a text/ASCII editor like notepad or eml text reader example just forwarded as attachment from my email account Received: from WINDOWS-COSBPNE (unknown [113.140.86.66]) my email server by vmx5.spamcop.net (Postfix) with ESMTP id 07FDAAF6FB for <xxx[AT]spamcop.net>; Wed, 9 Jan 2019 13:31:08 -0800 (PST) Received: from jakwcdbio (Unknown [182.111.98.3]) claimed/fake email server stamped source email server seems a fake one https://mxtoolbox.com/SuperTool.aspx?action=smtp%3a113.140.86.66&amp;run=toolpage
  19. petzl

    spam reporting question

    Forward as attachment from your email to abuse address is another way botnet source 88.198.112.174 'abuse@hetzner.de Email server change password 62.172.235.230 abuse@bt.com Received: from 127.0.0.1 (EHLO our.madebysonder.com) (62.172.235.230) your email server to you by mta4452.mail.bf1.yahoo.com with SMTP; Wed, 09 Jan 2019 11:52:48 +0000 Received: from User (static.88-198-112-174.clients.your-server.de [88.198.112.174]) source to your email server by our.madebysonder.com (Postfix) with ESMTPA id 1306A30601B9; Tue, 8 Jan 2019 12:00:03 +0000 (GMT) reference urls https://www.talosintelligence.com https://mxtoolbox.com/diagnostic.aspx https://dnslytics.com/whois-lookup
  20. petzl

    spam reporting question

    Rubbish bin never read. The Cert address is run by the Government who can get criminals arrested
  21. petzl

    spam reporting question

    Add INCIDENT[ AT ] cert-in.org.in To you report "pracharnamapvtltd - gmail*com" is a apparent bit bin
  22. petzl

    spam reporting question

    Gmail/Google don't care about customers, to them they are just data fodder! Aside from reporting spam mark it phishing
  23. remove this line X-Received: by 2002:a5d:660e:: with SMTP id n14mr29805602wru.19.1546161368641; then it works if you can mark it as phishing all spam https://www.spamcop.net/sc?id=z6509955159z47f3673f640081f71a9089e0d8df55dcz
  24. good link wonder if anything is done aside from registering?
  25. never had a failed drive? but if I junk computer use them in hard drive enclosures for USB storage.(hold all my DVD movies) if not needed hammer them.
×