Jump to content


  • Content Count

  • Joined

  • Last visited

Posts posted by petzl

  1. 9 hours ago, gnarlymarley said:

    I believe gmail has fallen to the spammers level.  If they are paid enough, they will probably continue to have the domain unblocked.

    Amazon go through "free account/web page" trails and are useless if not pro-spammer with dealing with abuse,
    If enough amazon spam get reported as phishing, which it is. the blocking of amazonaws domain is automatic but takes a lot,
    This would be serious for Amazon whose main business is on-line shopping.

  2. 59 minutes ago, Sisyphus said:

    I received this email:


    This message serves as confirmation that you are now successfully registered in our support center.

    Registered Email: <some numbers>@reports.spamcop.net
    Password: <some letters and numbers>

    You can visit the Support Desk at any time by going to https://yoursupportdesk.net/

    Please do let us know if you have any questions.



    Support Center: https://yoursupportdesk.net/index.php?


    Is there any reason to think this isn't spam?


    Seems like a vague reply to a SpamCop submission/report you made?
    Just ignore it

  3. 3 hours ago, 5280 Guy said:

    I have also started copying the "abuse" addresses and sending the spam (with headers) to those addresses, so that reports aren't only going to notes.

    amazon abuse desk seem to me to be in on the spammer
    Go to the bogus unsubscribe and you will be asked to put email address in there put those that are amazon connected.
    If gmail report them as "phishing" as I do. Gmail get enough phishing reports they will block amazon domains entirely, hopefully put them out of business


  4. 1 hour ago, emanmb said:

    the tracking URL.  Why would I do that?  Can you run me thru the process?

    BEFORE you submit spam, after you parse at top of page there always is
    SpamCop v 5.0.0 © 2019 Cisco Systems, Inc. All rights reserved.
    Here is your TRACKING URL - it may be saved for future reference:


    I don't get much spam so this is a few days old. click the link and you can see it.

  5. 13 hours ago, emanmb said:

    That's what's so odd is this one was not the challenge email but a purchase confirmation with an order # .  The first one that arrived was asking for verification.

    "They" seem to have your name, which is a worry.
    Make sure you are running a virus/malware program like windows defender
    Often it's one of your contacts that don't do this, meaning  your information is stolen from them
    Learn how to copy and past a "Tracking URL", Found top of page BEFORE you submit spam.

  6. 2 hours ago, shirayuki said:

    whois returns search-apnic-not-arin#apnic.net@devnull.spamcop.net


    Use whois.apnic.net instead of whois.arin.net as the mail address "search-apnic-not-arin" says.


    Chinese spam abuse address is ipas [AT] cnnic [DOT] cn not that I have ever any success in reporting their abuse
    Usually Webmailer or email server

  7. 7 hours ago, nhraj700 said:

    Looks like you have to have Google G Suite which is intended for Admin's running an email group for Companies, Schools and other groups. About all I can do is block addresses which go to spam folder.

    On another note I have been able to have about a dozen domains suspended, however the spammers quickly react by creating/using other ones.

    I  have a suspicion that Namecheap are behind the SpamCop forum spam flood also
    Namecheap seem to be run by "Igor Efimenko" from the Ukraine 

  8. 1 hour ago, gnarlymarley said:

    I can cut and paste from wordpad almost faster than running a scri_pt anymore these days.  A few months ago, we had some duplicates where the email subject (or the post's title) where one started with "http" and the other started with " http".  So if a bot is posting it, would the bot randomly add a space in the title?  (Either at the beginning or the middle.)

    I think the quickest one I saw a few months ago was between three and four minutes.  If I was going to automate any part of this (via a bot), the sign up portion would be what I would automate.  Most of the providers have imap or pop and the fetchmail command can output the email directly to a scri_pt.  I expect that if I were to do this, the posts would show around the first 10 seconds of every minute.  (It could be they do a randomized sleep, but cron starts at the top of the minute.)

    The log-in IP is not a Bot'; 
    Namecheap runs 1000's of Bot's from their domains, all with different IP's.
    Domain blocklisting is now the most effective way of stopping forum spam.

    latest flood
    https://topwellnessblog.cXm/fungus-eliminator/  abuseXnamecheap.cXm

  9. 1 hour ago, RobiBue said:


    I’m there with Lking. Until these people post their junk, there is not knowing if they are going to spam or not.

    Besides, adding changes to the forum software would only work if the company that designed the system would implement the changes. (As was mentioned in my thread by Lking)

    Well were referring to Forum spam
    I believe domains can be blocked from Forums by IP maybe domain (more effective) 
    The villains running Namecheap seem to be Ukrainian of origin
    The IP's to block if domain cannot be, are range or " -"
    But beyond my pay-grade
    Thought phpBB could block domains using a Wildcard?

  10. 46 minutes ago, Lking said:

    blocking login to the forum?

    That's it.
    The solution is here I think
    Latest forum flood
    https://www.myfitnesspharm.cXm/total-life-maxx/  Cloudflare


  11. 9 minutes ago, Lking said:

    No I do not see a why to adjust ReCapure  As for a block of IP that would be a philological change above my pay grade.

    In that light looking back at logs for the month of August, if we are going to blocks of IPs then we should block gmail and outlook. Which of course we can't.

    Domain namecheap IMO need blocking, if not your pay grade whose?
    You get the IP of the post, the only IP's I get are from the URL

  12. 6 hours ago, Lking said:

    FYI While setting up a new phpBB I noticed that if enabled the SpamCop Block list to filter user's IP.  spamhuas is also used.

    The option cautions about "slowdowns" and false positives.  Not sure how admin will know about false positives.

    "janicemcneill1" pushing fake drugs soon after?
    Can you increase ReCapture to 0.9 I believe is maximum?
    But then this may not be a direct SpamBot?
    Seems to be blackhat "namecheap" spam which operate spambots from their domains
    Can you block Namecheap domains? or " -"

  13. 3 hours ago, th_th said:


    Recently I noticed that some reports cannot be confirmed, e.g.



    These links produce a "Gateway Timeout" message for me.

    Thanks for your advices.

    parsing is working? Check text not word-wrapped, spam size (truncate) etc

    Truncate large spam like I did here  SpamCop sometimes hangs on big spam just truncate after/below headers

  14. 3 minutes ago, Lking said:

    Well not working the way we expect.  (Surely did not block/slow down any spammers this morning!)

    On the other hand when I checked earlier, I checked the box and got a series of 4 or 5 'find the traffic lights, car, bicycles'   Now it checks the box for me. So I tried changing my IP (moved VPN from Texas to Chicago).  Still didn't ask.  Cookies maybe?? It did seem to take a second to say I was OK - could be slow network or system was reading a cookie

    At any rate, It is not significantly blocking spammers.  If my anecdotal test is true, a human gets passed the first one, and the bot can do the rest.

    My bank has three fields, two need different passwords?
    Maybe a solution, I read though you believe they are manually entered not by Bot?