Jump to content


  • Content Count

  • Joined

  • Last visited

Everything posted by gnarlymarley

  1. gnarlymarley

    Spamvertised site hiding from Spamcop?

    hmmmm, I noticed that the dig returned in 208 milliseconds. I have seen this issue in the past myself and I always thought it maybe one of two things, either something related to the TTL mismatch or they figured out the SpamCop DNS lookup servers and blocked those. Do we know the timeout of the parser? I realize that we need to leave it off this forumn, however, 200 milliseconds seems kinda low to me.
  2. gnarlymarley

    spam.spamcop.net DNS issues?

    No issues located on any of the DNS servers that I can see. spam.spamcop.net is a MX record only and is meant to be used only for email submissions. Maybe you are thinking of http://spamcop.net?
  3. gnarlymarley

    HTTPs for SpamCop sign in

    This is because the certificate was signed for a different host. Firefox shows the following: You may need to to download and accept the certificate if you really want to use the HTTPS. For me, I have not had any issue using HTTP for many years now.
  4. gnarlymarley

    Reporting to SpamCop Not Working

    SpamCop offers two services, reporting anonymously and blacklisting. That is about all they can do. If the CEO is the actual spammer, now they have a good address they can share with their buddies. Anonymous reporting works by hiding your email address. This way, the spammers get put onto the blocklist and the anonymous munged reports hide most stuff sent back to them. As others have mentioned, you will need deep pockets. Most likely, legal means will not stop a spammer as they always have somewhere else to go. The only way is to do this is to block their whole IP range with your own blacklist. They will need to change IP ranges and if you are persistent, they will eventually give up. You would need to unblock their networks once they move on just in case a good person acquires the ip range There is not much you can do to stop the spam completely. However, you can slow them down if you can use the blacklist (http://www.spamcop.net/bl.shtml) and report anonymously. Spammers usually send to multiple email address and if everyone reported the spam that they got, it would shutdown the spammers very quickly through the use of the blacklist. The blacklist does have a timeout, so once the spammer gives up with that IP, it is removed off the list. This helps with a poor soul acquires the IP range later on. The blacklist has more benefits than issues and does help a ton.
  5. gnarlymarley

    some reported spams fall into a black hole

    This sounds like it might be similar to my recent problem. I have a gmail account and they are randomly filtering out messages with a secret filter to the bit bucket. Sometimes they filter out the response and I just need to login to SpamCop, reset my email status, and report via the link there. Sometimes they filter out the forwarding. It is frustrating and the only solution I found was to change providers.
  6. gnarlymarley

    IP not found

    I have wondered this too as SpamCop also has occasional issues looking up DNS in the host parsing side. As near as I could tell in the past, the spammer would have four servers and two of them were bad. In your particular case, I see that one of the dns servers is pointing to an invalid name (ns2.zwig.ru.). Many DNS servers try to look at the other server and see if the name is there. It could be possible that the SpamCop code could be hitting this server error and scrapping the look up as a failed.
  7. gnarlymarley

    'Blank' email / bad headers

    Where do the 'blank' emails come from? It is blank on your email client, or is it blank after you submit it? If you have the headers and are able to submit, then you will have a tracking url (see turetzsr's reply)
  8. I have just tried the normal reporting using the email response and it worked. I did not try the link from the main login page. Might be working from there too now.
  9. gnarlymarley

    Spamcop.net SPF misconfiguration?

    right, I mean [at]spam.spamcop.net does not have SPF record. It does have the valid MX records that are sufficient to get into my mail server.
  10. gnarlymarley

    Spamcop.net SPF misconfiguration?

    my messages usually come from [at]spam.spamcop.net, which has not DNS record. I imagine this should be fixed by now as all is working for me.
  11. gnarlymarley

    forum spammer using my email! pleae help!!!

    If someone else is using your email address, doesn't that mean it was misdirected? According the SpamCop FAQ (http://www.spamcop.net/fom-serve/cache/14.html), a message is reportable if it was not requested (either explicitly or implicitly). This means that unless that this was done through a third party (for which you did sign up), it was unsolicited.
  12. This is just about pointless because the combinations of "s***[at]yahoo.com", where * is a wildcard, would be 42*42*42 or close to 74,000 addresses. Add more character wildcards or the millions of domains and this can explode the list. As previously stated, some of the addresses you add could be forged, but if you end up adding everything on that the wildcard matches, it will get valid addresses. I did that once and unknowingly caused issues with some friends. Blocked senders can be especially dangerous if you have some software that automatically reports those senders.
  13. gnarlymarley

    spam spoofing my Yahoo Mail address

    The server is imap.mail.yahoo.com. Here is the link for the setup: http://www.google.com/url?sa=t&rct=j&a...aWM&cad=rja
  14. gnarlymarley

    spam Redirecting Links

    I wish SpamCop could have made this check, but what if the first URL contains a unique number? SpamCop's check would effectively looks like it clicked the link and tell the spammer that they sent the email to valid addresses. Maybe SpamCop could add a database of URL shortners so it knows which ones to check?
  15. gnarlymarley

    Yahoo! Mail removing links in spam

    Google is now doing this with their gmail accounts, if the message could be untrusted.
  16. gnarlymarley

    [Resolved] 419 spam Header Won't Parse

    Thanks for posting the tracking URLs. Hopefully, we can collect these links to help IPv6 support become a reality.
  17. I have thought much about this with my own current address. The problem with a used email account is that someone out there either knows the address, or has it in their addressbook. Due to this possibility alone, if an account was ever used by a human, it can never be a SpamTrap. In the past, I actually did this and had a misreported buddy get the admin talk. All I can say is ouch! Now "I'm sorry!" just does not work anymore. That said, the only way you can turn over an address to SpamCop is to guarantee that no humans are ever going to send messages there. I myself would refused to manually report email from that account, unless it is guaranteed to be declared humanless. The only person that knows if email at that account could be spam is you.
  18. gnarlymarley

    AmazonLocal reporting

    Now that is odd. That tracking URL does not have the IP they specify on it.
  19. gnarlymarley

    Reporting problems today?

    If you are talking about the email submission, it has always been there on the "report spam" page. The only difference between a "free" user and a "paying" user is the short line above the "Your average reporting time is:" line.
  20. gnarlymarley

    Reporting problems today?

    I believe this is the URL they are talking about: http://forum.spamcop.net/scwik/QuickReporting/
  21. gnarlymarley

    Reporting problems today?

    either/or. I do not have enough spam to tell for sure, but I think my slow ones might be having whois issues with RIPE. This will include both the mail source IP and the link host as the whois portion of the parser works the same on both.
  22. gnarlymarley

    Reporting problems today?

    Could it be divided out that your slow ones were in the RIPE area?
  23. gnarlymarley

    Reporting problems today?

    The sad thing is that the SCBL is not getting populated with new stuff during the downtime. I would think that would hurt ironport more than it would help their own software.
  24. gnarlymarley

    Reporting problems today?

    Yea, Looks like it might be still broke.
  25. gnarlymarley

    Reporting problems today?

    I believe this is somewhat normal as one spam can be sent to more than one email. I believe each of those sent out count separately.