Jump to content


  • Content Count

  • Joined

  • Last visited

Posts posted by petzl

  1. 2 hours ago, Lking said:

    This topic has nothing to do with spam, SpamCop or trying to manage spam.

    Although off topic the posts do not contain any links, so it has been moved to the lounge vs "Suggested tools and Applications" related to the topic of this forum.

    It was spam Both (the same?) just trying to troll IMO!

  2. 42 minutes ago, pusser_uk said:

    Reporting to abuse@microsoft.com or report_spam@hotmail.com, where it originates, seems obviously not to work but just to multiply the amount of spam that returns. All the spam has a common thread in the "reply to" field which contains in various different forms deutsche.xyz with or without extra characters. All of them have in common, https://optimized-by.rubiconproject.com plus the rest of an address. Is there a way of stopping this amount of spam or do we keep reporting through SpamCop?

    I suspect your reports are working (tried a link and came up dead) Appears you are/maybe being spammed by a "hosting site" 
    https://dan.com/ registrar : domainabuse[AT]tucows[DOT]com

    Microsoft/Azure are now open for spamming with their "free" trials.


  3. 6 hours ago, noisydaddy said:

       Listings are for 24 hours, I suspect someone has paid for a email address list full of spam-trap addresses.
    These are poisoned addresses, scrapped from Web pages/internet sources by WebBot's.
    SpamCop's blocklist is a radar, detecting malevolent emails, then blocking for 24 hours.
    Who/whatever's doing this  needs to first scan their computer for malware and change passwords
    If a who, they need to lookup double-opt-in, for marketing purposes.
    Possible this is a shared IP
    If you put a email address on the web do it this way "nobody[AT]nobody[DOT]net" please edit your post and remove the email address in it! listed in bl.spamcop.net (
    If there are no reports of ongoing objectionable email from this system it will be delisted automatically in approximately 20 hours.

    Causes of listing
    System has sent mail to SpamCop spam traps in the past week (spam traps are secret, no reports or evidence are provided by SpamCop)
    SpamCop users have reported system as a source of spam less than 10 times in the past week

    Listing History
    In the past 90.4 days, it has been listed 30 times for a total of 36.7 days
    Other hosts in this "neighborhood" with spam reports

  4. 20 hours ago, sc_aswglo said:

    "Educated" idiots being smug want one to jump through their hoops now!
    They have a webpage

    But you can try reporting directly from your own email address

    Or consider having your email forwarded to your Gmail account (Leave the email forwarded on your server, do not delete)
    Then mark spam on their/your Webmail page as phishing - seems effective

  5. 2 hours ago, Raccoon said:

    Been looking around and this was just beginning last year... 


    I did a search by year and it didn't drag any others like that out; The similarities are scary. Practically spit image of my current issue.  Not to mention MAYBE same time line..? 

    SpamCop is a "Bot"
    The main problem with spamtraps email addresses is that spammers can find out what they are and use revenge attacks on servers they object to?
    I get on my throwaway Gmail account I use for marketers a fictitious "unsubscribe" which posts to a 100 spamtrap addresses this activates a blocklist?

  6. 4 hours ago, Raccoon said:

    The 2 emails that said person uses gets blocked a lot to different emails that she has had contact with in the past. They are not spam emails, they are regular emails talking about invoices/purchases which may include an attachment .pdf or two. 

    You are not the only one using that/those IP's unfortunately some clown has bought a scam mailing list full of "poisoned" or spamtrap email addresses
    A spamtrap email address are hidden in web pages in which a "spambot" has crawled through gathering email addresses. Some good, some spamtrap ones!
    Might pay to consider a different email provider?
    A very popular spam filter is SpamAssassin that uses the SpamCop blocklist to help score/decide what is spam or not
    Then there big email providers have secret blocklists and spam recognition programs that they don't disclose publicly, Cisco email servers are the best at sorting "spam from ham" and don't bother telling if mail has been deleted (they have no need to, they are that good) I don't see it and just don't care. All non-spam email goes to my inbox 100% accurate.

  7. 7 hours ago, Raccoon said:


    I rechecked the time for the delisting and its at 22 hours. I don't think its changed at all since your last report previously. 😥

    The SpamCop blocklist is spam traps getting hit , spamtraps are factious email address's that should not be getting email (like a radar)
    When a spamtrap is hit ir resets the the block back to 24 hours
    Some have been sent to real addresses and been reported as spam
    These are some of the reported subject lines which look "spammy" to me
    Those whishing to do "email marketing" should learn about "Double Opt-in"

    Order premium generic healing production here. 
    Inviting:-) can u chat? Let's try to idyllic talks;-) My Mister charming
    =?utf-8?q?=5Bpossible_spam=5D?= Hi 
    Y o u R TransUni0n, Equifax_And Experian Credit Scores In_Sec0nds For 0 Dolla...
    Own top rated treatment products here!


    Listing History

    In the past 87.5 days, it has been listed 20 times for a total of 50.4 days

    Other hosts in this "neighborhood" with spam reports


  8. 6 hours ago, gnarlymarley said:

    I have noticed that sometimes spammers use too many URLs in their spam.  Would it be possible to group links by hostname and processs them by that?  When the report is sent, they combine there.  Moving it to the hostname means if all the links share the same hostname, they can still be reported.  This would also save on DNS look ups if the links are below the limit.


    Sometimes yo goto do this your self Namecheap sites are the ones that hammer our group here!
    Domain Name: TIZIFI.COM
       Registry Domain ID: 2522690312_DOMAIN_COM-VRSN
       Registrar WHOIS Server: whois.namecheap.com
       Registrar URL: http://www.namecheap.com
       Updated Date: 2020-05-06T08:47:07Z
       Creation Date: 2020-05-06T08:47:04Z
       Registry Expiry Date: 2021-05-06T08:47:04Z
       Registrar: NameCheap, Inc.
       Registrar IANA ID: 1068
       Registrar Abuse Contact Email:  mailto:abuse[AT]namechea[DOT].com

  9. 7 hours ago, MarkA said:

    If there are obvious issues with the headers, it seems that the mail provider needs to fix.

    First look at preferences tab select
    Report Handling Options
    Then check "Enable quick data reports" should be checked
    Quick Data Reports
    Enable quick data reports
    Disable quick data reports

    You still may need permission to use this, it was turned off some years ago because of to much errant use. 
    My spam is low and prefer to copy and paste spam headers/body, and follow links to send abuse complaint to registrar

  10. 1 hour ago, MarkA said:

    It's not clear here what constitutes traversing more than one domain, unless it's having issues with either the IP or the handoff from mailchannels to dreamhost, and then my final email address in those headers is neither of those, being a hosted domain at Dreamhost.

    So from bad to worse now.  I don't have any forwarding between email accounts as part of this.


    Seemed to me your Mail host had changed. It was not working at anyrate
    Log into your SpamCop account
    Go to preferences 
    Put in a working email address, if need be set up a Gmail one
    Then try to set up your mailhosts again

  11. 18 hours ago, MarkA said:

    Any update for Dreamhost and Mailchannels here yet?  I'm a long time spamcop user but new to the forums for this issue and am having similar recent issues with my Dreamhost reporting.  And though I'm not experiencing a parser hang, the parser simply now says my mailhost is not configured correctly:

    Just login to SpamCop click the tag mailhosts delete Dreamhost and Mailchannels (scroll down to "Delete Host")
    Afterwards resend. Allow a hour? before resending just in case SpamCop is a bit slow in the taking.


  12. 15 minutes ago, petzl said:

    Would help if you sent a SpamCop Track

    BEFORE you click submit look at page TOP
    Here is your TRACKING URL - it may be saved for future reference:

    Worked for me?

    With Gmail if you could report on your Gmail Webmail link spam as phishing it disables links for gmail users
    Looks like some naïve user is not using a virus/malware checker, On windows   Microsoft Defender Antivirus & More is best choice, one has already paid for this program and it is very good. Probably the best.

  13. 21 minutes ago, emanmb said:

    I guess in some ways I'm looking for patterns where none really exist but for the randomness of what methods my yahoo spammers send me stuff.  If I look in my gmail account it's stuff from all over the place.  The consistency at which my one yahoo receives spam from google sources made me wonder what was up, and if google takes SC reports seriously at all.  It probably means nothing :) 

    With Gmail learn to mark spam as "phishing". That immediately shuts down Google drive links

  14. 1 hour ago, Maine Train said:

    Neither are accessible, need a SpamCop track.
    That said I set-up a Facebook account with my real name with my real name Gmail address.
    Went to bed, next day getting spam in it?
    Criminal  phishing, bogus reply address, bogus unsubscribe
    This/my email address I believe sold to this Russian (?) Crime gang by FaceBook



  15. 2 hours ago, Claudio said:

    Hello, does it make sense to keep routing information set up by a deputy more than ten years ago? Example:


    SC says the origin is and wants to complain to abuse(@)hostingexpress.com and abuse(@)nwrks.net according to information set up by a deputy in 2004:
    However, arin.net says:
    https://search.arin.net/rdap/?query= = eig-abuse(@)endurance.com

    I preferred this email but there's no way to dispute or flag a route as needing attention. Should I notify someone? Maybe there's a reason the NIC information is not used. Thanks.


    Gets annoying to everyone, suggest once a year SpamCop year send a double opt-in requirement to keep address active?

  16. 3 hours ago, Maine Train said:

      I haven't been on the forum for a long time, so I'm trying to get familiar with it again. I'm seeing threads from 2007 and earlier, but assuming that any without a year are 2020, meaning there's still activity here. I hope so, because I've got a weird situation involving a spammer/scammer trying to impersonate one of my high school classmates.

      In the "old days," most of the people here were way more savvy about the Interwebz in general and spam in particular than I was, so I'm pretty sure someone will have some useful insight on the situation. Would anyone like to hear the whole story?

    Learn how to send a SpamCop track at top of submitted spam BEFORE you report, this helps look at one's reasoning.
    sample below
    Here is your TRACKING URL - it may be saved for future reference:
    Skip to Reports

  17. 1 hour ago, gnarlymarley said:

    Would be nice if companies would keep their contact information up to date in whois.

    I remember when it was postmaster@blal.blah that address got spammed to oblivion.
    Many now want spam reports done on secret web pages. Gmail give a reply to abuse page/form now


    f you would like to report suspected spam, Malware, Phishing, or other abuse on Google Cloud, please fill out the form at the following link:


  18. 5 hours ago, hank said:

    How about "mail.spamcop.net" -- shouldn't that be a good address?

    Suddenly my reporting of spam is rejected, password reset doesn't help, ping says it's an unknown host, sometimes, and other times gives very long delays, viz:

    30 packets transmitted, 29 packets received, 3.3% packet loss
    round-trip min/avg/max/stddev = 201.782/228.961/292.230/29.676 ms

    mail.spamcop.net is not a routeable IP address
    Cannot resolve mail.spamcop.net

    SpamCop email addresses are a legacy, all mail to your Spamcop email are just forwarded to the email address in your preferences

  19. 8 hours ago, showker said:

    Has Spamcop stopped reporting the spamvertised site

    Not for me, but does have some links it cannot reach so dismisses them as fake, when I can access them on my browser.
    But cannot with my text only browser (NetDemon) a text browser is what SpamCop would use in lookup

    You perhaps need to try a few by manual spam reporting you will get a more effective result IMO.
    You can also work out how to make the BOT SpamCop work better for you.
    You need for windows two FreeWare programs.

    IPNetInfo v1.95 (IPv4 lookup abuse contact, for IPv6 addresses I use SpamCop)
    http://www.nirsoft.net/utils/ipnetinfo_setup.exe  (direct download link)

    Win32Whois (website registra abuse contact)

  20. 2 hours ago, showker said:

    for the last several months, spamcop reports do NOT reveal or report the spamvertised site.

    Everyone knows it's no use reporting the SENDER of the email, and if it's AmazonAWS, CloudFlare, Google or DigitalOcean, it's no use reporting them anyway because they ignore reports.

    It's the benefactor of the spam that needs to be reported and get blocked.

    Why did Spamcop stop doing that ????


    AmazonAWS won't accept SpamCop reports for starters. Possibly AmazonAWS is also where the links are?
    Forward your spam to abuse[AT]amazonaws[DOT]com and paste headers and body as text as well

    Need a Tracking URL to see

  21. 1 hour ago, EkriirkE said:

    What are you going on about?  You can't get a tracking link for a spam you haven't submitted yet.  That's a catch 22.  And I'm not trying to report spamcop report links

    Unless headers are shown safest way is by a Tracking URL
    ,Without one or headers have no idea what you are on about either?
    If you paste headers replace your email address with a x