Jump to content

petzl

Memberp
 View Profile  See their activity

  • Content Count

    2,271

  • Joined

  • Last visited

Posts posted by petzl

  1. Posted

    10 minutes ago, Spamnophobic said:

    When I submit a spam, either forwarded as an attachment or with full text pasted into the box, the parse goes no  further than "Parsing header:".  No "Report spam" or other button is shown. Example:

    https://www.spamcop.net/sc?id=z6555638759zce8ca756ddbb272131813a1b95647e30z

    This does not happen with all spams.

    Clever spammer trick to foul SpamCop's machinery, glitch in said machinery? Anyone have an idea?

    looks like a network receiving email
    95.213.181.165  abusexselectel.ru

  2. Posted

    10 hours ago, Jazzwineman said:

    Cloudfare needs to be criminally prosecuted and further sued into oblivion. Ihave zero interest in helping the business of someone that has conspired with enemies of the United States, as well as allow commission of other crimes against  the USA. That is is like a landlord that rents to a group of people and then is informed by law enforcement that these tenants are running a meth lab and the landlord takes a hands off approach and refuses to respond or make any effort to throw the tenants out.

     

    TBB

    Still looking
    https://blog.cloudflare.com/project-galileo-fifth-anniversary/

  3. Posted · Edited by petzl

    5 hours ago, lisati said:

    One of the links in the body of the message tracks back to cloudflare.

    For websites a different problem
    Cloudfare are "presently" selling "cheap" cloud storing space
    A lot of naive clients are not using secure passwords
    Cloudfare need to insist and check password compliance state the maximum characters their password can handle, with a minimum of 9 characters ideally need to have at least one  .Lowercase, uppercase,a numeral and a special symbol like, ( ) - = @ $ ^ & ? etc,
    Perhaps generate a unique one randomly between 20 and 32 characters for every customer
    Then insist that a malware/virus scanner is being run (like Windows defender)

    They are not doing this

  6. Posted

    1 hour ago, RobiBue said:

    1/2 way agree wit Petzl 😉

    1. fake bounce: no, it's a real bounce
    2. spammer has you as return address: yes. That's why you're receiving the bounce 😞

    The address that the spammer sent the spam to, is invalid (either never existed or got removed from usage) and since your address was the return address (From:) ...

    another reason to hate spammers...

    but no point in submitting that one, as the owner is legit... they just replied to you to let you know that "your" mail couldn't be delivered...

    that's another reason why spamcop goes after the Received: headers and not the From: email addresses 😉

     

    found it but it's still spam using a email account
    a8-31.smtp-out.amazonses.com
     

     

  9. Posted

    3 hours ago, showker said:

    About a week ago I started getting zero spam from my Spamcop account.

    This is the first time since 1997 that I have NO spam in the spam folder for over a week.  --- not even Chinese spam, which has come every single day for twenty years.  How can this be?

     

    Just botnet DDoS attacks, although using Chinese botnets I believe the insertion of Chinese writing in spam body may of been added as a red herring.
    Same for the fake drug spams which seemed to be coordinated with the Chinese botnet blitz,
    I found reporting https://12321.cn did shut the botnet down, they insist abuse reports be sent as attachment
    Can't guarantee that botnet attack won't start again?
    What I typically included in report

    botnet source - ddos
    111.76.169.40   anti-spamxns.chinanet.cn.net
    see  
    http://www.abuseat.org/lookup.cgi?ip=111.76.169.40
    email server - reset password
    219.235.112.153   ipasxcnnic.cn, 
     Warning - Does not support TLS. 

    offending email forwarded also, can be read as text attachment with a text/ASCII editor like notepad or eml text reader

  10. Posted · Edited by petzl

    9 hours ago, gnarlymarley said:

    I went through my logs and noticed I didn't have any from the the IP range of 2402:bc00::/32.  The last time I had anything from 2402::/16 was in 2017.  So I definitely missed this.

    mine was through my SpamCop email account over 100 a day (reported everyone), mainly through Chinese Botnet, with Chinese writing,  along with worldwide  botnet fake drug etc,  but stopped around a month ago now nothing
    I suspect the spam content was "red hearing" e.g. putting Chinese in spam body and using Chinese botnet? 
    Typical report below

    botnet source - ddos
    111.76.169.40   anti-spamxns.chinanet.cn.net
    see  
    http://www.abuseat.org/lookup.cgi?ip=111.76.169.40

    email server - reset password
    219.235.112.153   ipasxcnnic.cn, 
     Warning - Does not support TLS. 

    offending email forwarded also, can be read as text attachment with a text/ASCII editor like notepad or eml text reader

  17. Posted · Edited by petzl

    1 hour ago, hank said:

    Well fooey.  Sure makes me look like an idiot to my ISP support folks who were told their headers were broken, and they followed the newly improved links to find no problem.

    So I guess I tell them there's no problem with their mail headers, it was just an artifact of something that the Spamcop support guy found wrong and fixed.  Eh?  Or is there still something wrong needing fixing?

    Well, I'll be back if I get more error messages.

     

    This is normal to everyone. You are not alone.
    Your mailhost was not working even though you had it entered correctly.
    Makes everyone look foolish

  21. Posted · Edited by petzl

    3 hours ago, MIG said:

    did think the fact your account has been sorted may be why the original URLs were no longer reporting the original error, but, when I look at the tracking URLs you posted, on page 1, I cannot find - https://www.spamcop.net/sc?id=z6551256550z0ed85f5a7d03a6f2cbf8b615d226c5f0z, when I look at SCF Page 2 - I can find it 3 times, and those are: when Petzl looks at it & references it, when I look at it & reference it & when I reference it, asking the question, "where did it come from?"...

    I found it by clicking through the links
    SpamCop reparses every time you call it up once fixed problem won't reappear
    For instance if you update abuse address cache and it changes it will then show new abuse address

×