Jump to content


  • Content Count

  • Joined

  • Last visited

Posts posted by petzl

  1. 18 hours ago, rdorsch said:

    Thanks for sharing the useful link.

    Fortunately, so far my domain did not show in the pwned list ­čÖé

    The relation to spam here is that one of my smtpauth passwords would show up, correct?

    "smtpauth passwords would show up, correct?"
    pwned is the term
    I have a throwaway gmail address for facebook to read newspapers, seems pwned claims it gets breached often?
    Bit of a pain to change all passwords Facebook, Gmail, cancel the "News account" clickbait I never wanted
    pwned lists all that show compromised, my passwords are upper/lowercase, alphanumeric with symbols.
    Put up a FaceBook page with REAL name to see if I could contact "lost friends"
    before I even used it facebook appears to of sold my info to a Russian spam crime gang,
    Still get phishing from them but has slowed to so far one a month. Reporting does work

  2. 3 hours ago, gnarlymarley said:

    (I think what petzl is talking about is where I have seen IP cameras and routers get hacked and the spam sent from there, but this does not appear to be coming directly from your server.  If it was coming directly from your server, I would check the server and any devices that might be sharing the same IP for possible intrusions.)

    Yes smart TV's, Amazon, google devises, mobile phones, baby monitors, security camera's, are now on the list for hackers
    Internet of Things (LoT) is the new threat.

  3. 14 hours ago, rdorsch said:

    I do not understand why I should run a virus scan if my server is not the source of the spam

    Talking about your PC a virus check is a must. Could be you have been compromised.
    I even use a VPN this encrypts my communications to and from Computer. Even my Skype calls are encrypted.
    Win!0 here just use Windows defender which right now seems very good.

  4. 16 hours ago, rdorsch said:

    Since the domain which is referenced in the spam email and my mail domain are the same, it should be trivial to catch such false positives by spamcop. I am just wondering if anything changed in the spamcop setup or if I can somewhere configure that spamcop never generates reports against my own domain submitted by me.´╗┐

    Seems strange a provider would shut down a website with one complaint?
    Make sure it has not been compromised, change password.
    Run a virus scan on your computer. If you are competing against a similar website you are possibly being attacked, often done for blackmail as well!
    Your mailhosts are not necessarily  the same as a domain. have a look
    But then SpamCop only stops reporting your email "domain"

    Contact your provider

  5. 9 hours ago, Spamnophobic said:

    @Petzl, my mailhosts haven't changed, although just to be sure I'm re-running the mailhosts "app". However, 31[dot]onefourfive[dot]190<fullstop>66 is definitely not one of my mailhosts. It is the closest the parse gets to the original spam sending address. It is a mail server in Turkey. The parse quotes one more IP, called "User", 176<dot>thirtytwo[dot]25[dot]27, which I am unable to ping (times out).

    My point is that SpamCop is unable to parse the spam mail ("No source IP address found") In the past spammers have tricked SpamCop into giving this error message. See my earlier posts in this forum. (This was eventually resolved with the help of a SpamCop administrator.)

    Well (proserve[DOT]nl, signet[DOT]nl) at a guess seems to be your email provider or network.
    You seem to be picking your email from a internal  network which probably changes?

    AFTER deleting your mailhost entry try redoing.
    If this don't update
    Contact SpamCop support
    logon and go here (there is  email address but I forget it)
    or free user
    Other reasons for contact
     (put in) "Mailhosts"

  6. 3 hours ago, Spamnophobic said:

    OK I know we have been here before, but could somebody examine my tracking url:


    perhaps forum seniors or SpamCop staff can suggest how to get these new ones reported?

    spam came from  IP  "abuse[AT]vodafone[DOT]net[DOT]tr"
    Seems you need to check/update your mailhosts or you will be reporting yourself!
    Logon to SpamCop then go here
    Paying member go here

  7. 1 minute ago, Outernaut said:

    Sorry, but that was gone after I posted the query. Yet reading everyone's response has helped me understand it better. I've no idea how, after email is checked for at minimum, 5 minutes and as for this one, as I've seen with as few others, show up two or three days late.  Thanks for the help.

    Without seeing a Tracking URL.
    Sometimes a server is turned off when it is found spewing spam

    When turned on again it spews out remaining spam.
    While you may just get it it can of been sitting on server for days.
    That is the received date SpamCop goes by, not when you receive it.

  8. 20 hours ago, gnarlymarley said:

    I have seen where the ISP/spammer marks "The issue is resolved" and by the time I go to report the spam, SpamCop doesn't let me further report as the issue has been "resolved"

    That is annoying, I then manually report from my  spammed  email address.

  9. 1 hour ago, jprogram said:

    But if spamcop is not serious on the links, then my next question of concern is: can spamcop even deal with "snowshoe" spam?

    SpamCop is just a BOT that has done a very good job for years, still does.
    One can always do better than SpamCop if you have the time.
    Snoeshoe spam dodges block list by using different IP's from same provider.
    I have almost always managed to get spam to stop. 

  10. 8 hours ago, Steve said:


    Tried refreshing the page several times and nothing worked to bring up the abuse contact for this IP Address. Upon running a check at whois.nic.ad.jp, I got this result:

    Botnet device needs scanning with password change "abuse[AT]webhostedgroup[DOT]com"

    Through compromised WEB IP
    device needs scanning with password change

  11. 42 minutes ago, Baloo said:

    Though gnarlymarley's question was obviously not for me, I have the exact same problem: spinning circle to the left of the blue refresh button. I disabled Ublock Origin, tried it with Chrome, Firefox, tried it from Incognito mode, tried it from my work PC (different ISP). Fails the same way.

    This is from a Apple/Mac?
    If so try safe mode, usually the Virus scanner stopping Captcha?

  12. Quote

    This might be an issue as if you have the block list enable, then the reports stop and the IP falls off the list quicker.  Hopefully, they run across a spamtrap which I believe it will continue to accept spam while it is on the block list.

    Cisco have their own ways of creating blocklists for their email servers, This is what makes them sought after.
    There is nothing to set-up, no false-positives nor false -negatives. Has evolved from it's "Senderbase" days


  13. 3 hours ago, efa said:

    Is there something I can do to add those source IP to the blocklist?

    Is it useful to continue to post those spam in Spamcop reporting form?

    Keep reporting them they may get on he SpamCop Blocklist, Cisco is likely to add the spammers ISP, silently, add to their and owners/customers of their servers blacklist,
    which mean very few will even see them (they are bit binned/banned) Cisco is a major supplier of email servers which are spam free.
    Just post the SpamCop trace URL's

  14. 6 hours ago, efa said:

    - following the remova´╗┐l link do not stop the spam bombing

    So this is phishing and you never subscribed! with bogus unsubscribe, they are also IP hoping to avoid block-listing, called snowshoe spamming

    6 hours ago, efa said:

    You say "Pay to forward the spam you receive to ..." because payed SC service will send the complaint to mail server source?

    SpamCop not doing it this time report is "devnulled"

    6 hours ago, efa said:

    Why you say to preamble with "Criminal phishing and DDoS" ?

    Even in your case it is! If you start getting flooded with spam you stand the chance of your email account being disabled,
    Happened to my Gmail account,
    Chinese attack, "abuse]AT]12321[DOT]cn" is the supposed corrupt Government report address,
    they claim they want reports Forwarded as attachment before acting. 

  15. 8 hours ago, efa said:

    apparently the first block is not listed in any BL:

    Tried the Unsubscribe link? They have your email address anyway. has had 8 spam reports over last 90 days,
    Might be spam laws in Germany but many of Germanys ISP's don't  accept SpamCop reports?
    Ideally still report though SpamCop creates statistics which are used by anti-spam org's
    Pay to forward the spam you receive to "abuse[AT]mapp[DOT]com" include full text and body.
    Above that a  preamble like

    Criminal phishing, bogus reply address, bogus unsubscribe (NEVER subscribed), DDoS


  16. 4 hours ago, ArtmakersWorlds said:

    I report it all assuming I check within 2 days of it showing up.┬á┬á That account in question I don't always.┬á┬á But yea, report it all.┬á If everyone did this it would stop so much faster.´╗┐


    Thanks again for spamcop.  best service out there.

    Gmail/other throwaway accounts, need to confirm email accounts say a week later aside from their auto-ack and remove anything in their "cloud accounts"
    I keep reporting these criminals to gmail with this "addy", who keep attacking although now slowly

    Criminal  phishing, bogus reply address, bogus unsubscribe
    This/my email address I believe sold to this Russian (?) Crime gang by FaceBook


  17. 11 hours ago, its8up said:


    Found th´╗┐e sp´╗┐am that appare´╗┐ntly breaks the SPAMCOP pa´╗┐ge.┬á It is ´╗┐below for your p´╗┐leasure.┬á Any id´╗┐ea what is going on ´╗┐with this thing?

    No idea
    From African botnet probably Gmail antics  netabuse[AT]mtn[DOT]bj
    Through email server

  18. 3 hours ago, denby said:

    It is confusing.   I use Spamcop to report spam.  Here is one of the tracking codes:


    So try clicking the unsubscribe link.
    They have your email anyhow,
    yes it can be used to confirm your address and probably bogus link. 
    Do-not write your email address in any box asking for it. It 's bogus!
    When you submit your next spam just include the top 3 links  delete the rest
    below those 3 links clink "enter, for one space" then write truncated, then submit 
    Doing this should remove "Too many links." failure

    View this email in your browser

  19. 1 hour ago, ArtmakersWorlds said:

    Does google even care about spamcop complaints? 

    Google free service would rely  only automation, it is very good at sorting spam from ham
    If you log onto their webmail and mark all your spam as phishing it is acted upon.
    Each spam complaint would cost around $50 for a abuse team to work on, but I do believe abuse reports are gone over by Google
    I rarely get spam in my Gmail account