Jump to content

petzl

Memberp
  • Content Count

    2,445
  • Joined

  • Last visited

Posts posted by petzl


  1. 11 hours ago, tcit said:

    I don't use Windows. I investigated a bit the JS code and there's an issue with the way the headers are generated for the AJAX calls that fetches the captcha picture.

     try to register in "Safe mode"?
    Know nothing about Apple computers but others report their virus program/other software/even spyware interfering with Captcha


  2. On 2/21/2020 at 4:11 AM, guido.mazzone said:

    I have the same problem, with both Chrome and Firefox, I also tried with two different IP addresses, so I'm almost sure it's not a problem caused by my computer or connection.

    For Windows pays to download free version of Ccleaner   
    Be warned it may need extra program to be unchecked (tries to load other software), no need to update (it is nag-ware) but your choice.
    It will clean out all cookies, but you can select "options" to save needed cookies


  3. 1 hour ago, denby said:

    I've noticed alot of my spam reports are going to abuse[AT]google[DOT]com.   Here is one from a few minutes ago

    you need to BEFORE submitting spam report to look at page top to get a tracking URL
    Here is your TRACKING URL - it may be saved for future reference:
    https://www.spamcop.net/sc?id=z6618049412z30e4d714e651653bd291e90d56526533z


    Makes things clear as to whats happening and who is getting reports,


  4. 1 hour ago, lbickley said:

    Any ideas on how to deal with this (other than asking every mail ISP one uses to bypass spamrl for all one's email)?

    Become assimilated get a Gmail account, Free but you are the product 
    Best email system for clearing spam, not heard of false positives is Cisco spam filter.
    You need a email provider that uses a Cisco email server.
    You just don't get spam and there is nothing to do. You don't see it.
    A company I worked for uses them, no problems no spam, brilliant
     


  5. 3 hours ago, DiverDoc said:

    RE: 167.89.80.93 (Administrator etc ...)

    To:abuse#sendgrid.com@devnull.spamcop.net

    Can one of you such bright people please advise me what this means and how I should proceed with future instances of spam from this sender?

     

    A few providers  do not accept SpamCop reports
    They only accept reports from the email account that received them!


  6. 6 hours ago, gnarlymarley said:

    There were a number of administrators that copied the spamcop blacklist settings but changed only the dns part to point to their own blacklist and they left the text as blaming spamcop.

    Yes if the IP shows as ever being blocked by SpamCop  it would lose it's GOOD TALOS reputation
    EMAIL REPUTATION Good
    Not uncommon for SpamCops blocklist to be falsely blamed
    However this IP has a malware infection, But never been reported by SpamCop
    195.225.38.17  abuse[at]gazprombank [dot]r u.
    https://www.abuseat.org/lookup.cgi?ip=195.225.38.17


  7. 10 hours ago, sergei_msk said:

    Hi,

    Thanks all for answers!

    There aren't mail in abuse[at]gazprombank[dot]ru.

    This (attached file) message received our users from recipient.

    SpamCop blocklist can be activated by a large number of emails hitting "SpamCop's spamtraps" .

    These email addresses are not public but can be scraped by "bots" from poisoned Web-sites.
     
    Records of such attacks are not recorded will be blocked for 24 hours from last spam.

    Two reasons for this is someone is not using a Virus scanner and a computer/device has been compromised
    or best practice for marketing is not being done "double opt-in confirmation"
    Minimum is
    https://en.wikipedia.org/wiki/Opt-in_email#Best_practice
    How easy is it to be put on a/your mail list? 
    Your competitors may well try to sabotage your mail list by loading it with poisoned email addresses?


  8. 8 hours ago, HasJuggled7 said:

    I probably should have posted something about Spamazon in the July/August timeframe after a mistake I made when preparing to send a report. I fat fingered the mouse and an empty message went to Spamazon (ec2-abuse@amazon.com). The bane of my existence at that time was Parsec Cloud (and still is - keep reading - I get *very* little spam from any other sources) as at times I was receiving their garbage every other hour on weekends (all weekend).  I received the standard response as an initial response almost immediately after I accidentally clicked [send]:
     

    I always forward my Amazon spam to abuse [AT] amazon [DOT] com which now has stopped from amazon 
    spammer has moved to India
    https://www.spamcop.net/sc?id=z6614613333z33924b4aa692bdb379203b970853f7efz
    Creep is using a number of Indian IP's but same fingerprint as Amazon spam
    "contact[AT]gyaneshwarcomputer[DOT]com"  "abuse[AT]alphainfonet[DOT]com"  "admin[AT]mukeshtech[DOT]com"
     


  9. 4 hours ago, Steve said:

    The "Show Original" option and then "Copy to clipboard" and then I paste into the submission field in SC and submit. Those emails are the only one I have problems with. All other emails go through fine.

    That's all I do with mine
    Seems though when spammer sends though gmail to gmail becomes a intranet SpamCop cannot parse
    Just report as phishing and gmail will deal with it
    Reported a while ago
    https://www.spamcop.net/sc?id=z6613089010zeca3f141148e65c17956cc77885b5331z


  10. 1 hour ago, Steve said:

    How do I correct that?

    Here is the tracking URL for said spam:

    https://www.spamcop.net/sc?id=z6612810826ze91817a6e8de425dff5c5f477fd46726z

    This seems posted from within Gmail to Gmail which means it is intranet spam,
    there is also no body in spam, Seems the headers are incomplete also.
    With full headers and no body, just under headers, hit enter twice and write "No body in spam" for SpamCop to work.
    Just mark it in Gmail as phishing


  11. 4 hours ago, Gingko said:

    I could eventually forward all of them to their respective senders, but does it worth the attempt?

    Would like some IP numbers a few track urls

    But if SpamCop is not working in stopping spam you need to do this yourself

    Just pick say five spams or more to report, All probably from same spammer

    This should give results on all 158 spams
    Learn which is the IP YOUR  email server receives email from then the IP that sent it. 
    Just report that IP by forwarding from your email
    The best defense is attack!


  12. 12 hours ago, Gingko said:

    I don't understand.

    Where should I forward this if it is not to Spamcop?
    I hope you are not telling me to forward directly to the spammer or to some hosting service related to it?

    Gingko

    SpamCop cannot report these spams, but it does tell you the IP address from whence they came.
    Also the URL in body of message
    With SpamCop, a "BOT", one sometimes need to step in to do spam reports more effectively.
    By showing you where I would of sent them, were just letting you see example


  13. 3 hours ago, Gingko said:

    For the quoted headers above, the tracking URL is https://www.spamcop.net/sc?id=z6611133626z038eafa006f7aed4232b8a0c6617a97az

    You need to forward from your email account with this preamble at top of report
    http://173.240.15.12
    Name:   lebis.disians.com
    IP:        173.240.15.12
    Domain:    disians.com\
    Registrar Abuse Contact Email:  mailto:abuse[AT]web.com

    EMAIL IP 173.240.15.12   abuse[AT]bigboxhost.com SpamCop has this wrong

    http://b.link/E-Leclerc-fr 
    IP  18.208.23.249  abuse[AT]amazonaws.com

    Then paste headers and text body as you did for SpamCop


  14. 3 hours ago, Gingko said:

    Ahem… Of course, yes, but…
    What are you calling “A tracking URL”, and how could it be useful, especially in this case?

    When some email server or Botnet starts spewing spam, occasionally they are taken offline. but when started up again it finishes the out of date spew!
    When you parse spam at top of page before you submit there is a tracking URL posting this, one can look up IP's to see when spam was happening and when it stopped and if it restarts
    For instance 35.182.184.76 couple of sites I use to check, was a Botnet, but it now seems a malware scan was done and has fixed it.
    https://talosintelligence.com/reputation_center/lookup?search=35.182.184.76
    https://www.abuseat.org/lookup.cgi?ip=35.182.184.76


  15. 2 hours ago, gnarlymarley said:

    Interesting that my amazon spam has nearly all stopped after I had submitted ten reports in a four day period.

    Nearly all stopped for me also after forwarding their spam back at them with a nerdy note!
    That said I still get the odd multiple spam splurge at once all from different IP's 
    Something wrong with their security. Possibly one of their home connected WiFi gadgets?


  16. 22 hours ago, HeatherReid43 said:

    any idea how do take care of this and stop the spam source ?

    You need to report to abuse[AT]amazonaws[DOT]com from Gmails WebPage

    Click "Show original" on your gmail WebMail page.
    you will see the IP that sent it to Gmail
    SPF:    PASS with IP 52.54.105.63 Learn more
    Forward it to AmazonAWS paste the IP above the text you paste into forwarded message.

    I paste this above headers and body text
     

    Criminal phishing, bogus reply address, bogus unsubscribe (NEVER subscribed), DDoS 
    Banned all Amazon and subsidiaries purchases because of inept AWS abuse responses to AmazonAWS DDoS multiple IP email attacks 
    
    It looks to me Amazon should block port 25 to prevent viruses and spam tools managing to connect directly from infected machines through your NAT? All those who have access to your network need to scan for malware. If detected change password
    
    injection  
    52.54.105.63  abuseXamazonawsXcom


     

×