Jump to content

gnarlymarley

Memberp
  • Posts

    835
  • Joined

  • Last visited

2 Followers

Contact Methods

  • AIM
    gn02020202
  • Yahoo
    gnarlymarley

Profile Information

  • Gender
    Male
  • Location
    utah, USA
  • Interests
    reporting spam

Recent Profile Visitors

5,414 profile views

gnarlymarley's Achievements

Advanced Member

Advanced Member (3/6)

0

Reputation

  1. anyone8, as per Lking mentioned some of these domains are flaky. What I do is to keep the tracking URL and then go back to it a few minutes later to see if SpamCop would pick up the IP. Sometimes waiting and refreshing works for flaky domains.
  2. @Brendon, could this be what you might be talking about? ;; ANSWER SECTION: spamcop.net. 251 IN NS ns1-11.akam.net. spamcop.net. 251 IN NS ns1-90.akam.net. spamcop.net. 251 IN NS ns1-109.akam.net. spamcop.net. 251 IN NS ns1-73.akam.net. spamcop.net. 251 IN NS use1.akam.net. spamcop.net. 251 IN NS asia3.akam.net. spamcop.net. 251 IN NS ns1-93.akam.net. spamcop.net. 251 IN NS ns1-117.akam.net. $ dig vmx.spamcop.net @use1.akam.net ; <<>> DiG 9.18.20 <<>> vmx.spamcop.net @use1.akam.net ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43587 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;vmx.spamcop.net. IN A ;; ANSWER SECTION: vmx.spamcop.net. 300 IN A 184.94.240.112 ;; Query time: 18 msec ;; SERVER: 72.246.46.64#53(use1.akam.net) (UDP) ;; WHEN: Sat Mar 09 07:06:23 MST 2024 ;; MSG SIZE rcvd: 60 $
  3. One possible alternate to the SpamCop blocking list could be SpamAssassin. You can tie weights to SpamCop such that it would take more than one Blocking list to block spam. You can also whitelist email addresses or make rules that override the SpamCop blocking list. if certain keywords show up in that email.
  4. I changed from using RBLs to using SpamAssassin. Now using SpamAssassin for me, I can do "and/or" rules where just because something might be on the SpamCop blocking list, it is not blocked unless it is also on another RBL as well. (And I can add a weight percentage to each RBL.)
  5. I get that mailhosts forgery message if my ISP changes or I try to submit an email for an address not on my mailhosts. You might need to resend the mailhosts email setup without deleting the mailhosts entry to have the mailhost entry refreshed.
  6. Are you using a shared IP? https://www.spamcop.net/w3m?action=checkblock&ip=40.107.94.90 Looking at the blocking list entry, it looks like someone maybe reporting emails as spam to SpamCop. Some things to note, you might want to check that your email list is using double opt-in or else anyone can add an email address. You might also need to check routers and cameras have not been hacked.
  7. Most of my recent reports have a "Cache/Refresh" link I can click to have it update from the whois listing.
  8. You know you are irritating a spammer if they are trying to retaliate. The only real way to make a spammer think your account is dead is to reject the email at the border server. You might be able to accomplish this by "blocking" the user and sending it to the spam folder, but most of the spammers will just try a different address to get past your filters. Since Gmail and Microsoft don't let me control the border server, I setup my own email server and use SpamAssassin to filter out the spammers. A few fine tuned rules and it blocks the spammer. In watching the rejections, I noticed that some spammers retry more often when it rejects.
  9. A few notes to add to Lking;s post. You might want to check that your IP cameras and routers are secure. You might also be sharing an IP with someone who is sending email that is causing it to show up on multiple blocking lists.
  10. You do have to click each link in the mail for every spam. I believe SpamCop did this so that you would double check that the message is actually spam (because we don't want to accidentally report good messages). Now if the email address was never used for legitimate email, then I believe you might be able to work out using the quick.xxxx8888xxxx8888xxxx@spam.spamcop.net address. (I believe you might have to work with the deputies to have this turned on.)
  11. Wow, they finally got blocked. One thing to note is that Microsoft was warned numerous times before their inaction allowed the IP to show up on the blocklist. I have been getting abuse from their IP with a few messages a day from a .shop address trying to immitate some paypal links.
  12. Could it be an issue with the HTML formatting? I see the first link doesn't have the closing tag. The third link has the tag formatted wrong. The second link has a IMG in the middle. Also, the content boundaries seem a little strange.
  13. I setup my own mail server for this reason years ago. I try to avoid forwarding as an attachment directly through one of the "free email accounts" because they seem to flag them quicker if they are an attachment heading to a spamcop submit address.
  14. fe80:: is the local interface address and is not to be used on the internet. It is used to dynamically acquire an actual IPv6 address. More likely that one of the server's IPv4 address is on the blacklist and resending the email went through a different outbound server. I have heard that a lot of people get spam from outlook.com/onMicrosoft.com. So I wouldn't be surprised if they had a server on the black list. Because of this kind of issues with the random blocks, I now lean toward using SpamAssassin instead of just a single blacklist. It takes a combination of various keywords and multiple blacklists in order for me to block inbound email in my server.
  15. So, I believe in the forums that there are two types of Microsoft spams. One is from the IPv6 issue where Microsoft is using millions of addresses internally, but I believe SpamCop mailhosts only remembers fifteen. The other, is where they are actually coming from microsoft as you have listed. I believe the *.onmicrosoft.com might be their cloud setup. For some reason, I seem to have very little spam the past week for some reason. The only suggestion I have (after you are attempted the reporting to them) is to report as many as you can to feed the blocking list.
×
×
  • Create New...