Jump to content


  • Content Count

  • Joined

  • Last visited

Everything posted by gnarlymarley

  1. gnarlymarley

    No data found--Spamcop do not see header

    Was intermittent for me and maybe was prod-sc-app007. It is working for me now and all my old links that were broken are fixed. You may need to note down if this was a different server than app007 and get the deputies to put in a trouble ticket.
  2. gnarlymarley

    spamcop report spam

    It was only a handful of spammers that tried to figure out who I was. They kept sending similar emails to my hotmail at the time while changing the To: header and a number at the bottom of the body. Been a while since I have seen their attempt to detect me. Awesome!
  3. gnarlymarley

    spamcop report spam

    The spammers will try to change headers or unique identifiers to try to figure out who is reporting. Hopefully they get shutdown first instead. About two decades ago, I was seeing it jump from 5 to around 70 seconds. At that time there were factors such as DB speed and webservers and it would try to detect high loads and put in a higher time. The amount of reports would change that wait number. The spamgraph might be good for you to check out to see if that is still happening with the number of reports and the wait time. https://www.spamcop.net/spamgraph.shtml?spamstats
  4. gnarlymarley


    spammers like to make their stuff look legitimate. I believe gmail has fallen to the spammers level. If they are paid enough, they will probably continue to have the domain unblocked.
  5. I wonder if this has something to do with mailhosts. It almost seems the parser might be dying on this line: Received: from singlehosti.com (singlehosti.com. Does it change if you remove only that one line?
  6. gnarlymarley

    Can I copy reports to my ISP

    When you add fuel to your account, there is a third party report option that shows up on each report that you can add your ISP's email. I am not sure I would use it as your ISP would probably just turn off the reports such as noted with sendgrid in this forum post.
  7. gnarlymarley


    Also, the (Notes) portion is a link to some text boxes further down on the page where you can add some information to the particular report that goes out. The group text box for is up by the "Send Reports" button, and the individual text boxes are below.
  8. That edit button could also be based on either time signed up or amount of posts. I have the edit button for some posts of mine in this forum going back to before June 8th. I suspect a forum admin might be able to do it if you no longer have edit access when you are logged in.
  9. gnarlymarley

    Reporting addresses bouncing?

    This is in part why I have to check my whois for my domain every few months to make sure it is correct. I am not sure if they have the same requirement for the whois for IP addresses.
  10. gnarlymarley

    Sendgrid reports dev'nulled?

    Might be good to have this as a new feature since most of these reports are not going any where any way.
  11. I am excited for the time when the whois portion gets fixed and properly redirects on its own.
  12. gnarlymarley

    forum spam handling

    This is in part why I try to put a note for the reports going to legitimate hosters such as "You might want to work with your customer to clean up their compromised system."
  13. gnarlymarley

    obscure address in coded content

    I guess I have a scri_pt to do this for me before the spam gets submitted for reporting. Probably a good idea to have.
  14. gnarlymarley

    504 Gateway Timeout

    Interesting. I still see the same thing too with both of your links, but all mine work fine. If you have not had any luck figuring this out, I would suggest to contact the deputies: https://www.spamcop.net/fom-serve/cache/12.html
  15. I have had much thought on this, and I no longer trust much of the addresses that are called abuse or postmaster anymore. I figure that as long as my address is munged in the report and I give out the minimal headers in the report (meaning the spam gets pulled from my border server and reported), they I am not sure it matters as they already have that information from when they connected to my email server. I myself have not seen any repeat spam to be reported to vvsg180@gmail.com, so it very well could be legit.
  16. Yep, the admins are trying to resolve that issue by curbing some spam that seems to be affecting gmail's rules. This thread appears to be related to:
  17. gnarlymarley

    Report Ends With "Parsing Header:"

    I see a dot at the beginning of the domain at right after the "by".
  18. It has been a long time since I got spam at my abuse address. With mine being an alias, I still like the ability to know what address the email was sent to. It sure would be nice if the whois cache could be sync'ed and be more accurate.
  19. gnarlymarley

    Sendgrid reports dev'nulled?

    Yes. Also, if I remember correctly, some ISPs were not happy about the munged reports and turned it off because of that.
  20. gnarlymarley

    forum spam handling

    I can cut and paste from wordpad almost faster than running a scri_pt anymore these days. A few months ago, we had some duplicates where the email subject (or the post's title) where one started with "http" and the other started with " http". So if a bot is posting it, would the bot randomly add a space in the title? (Either at the beginning or the middle.) I think the quickest one I saw a few months ago was between three and four minutes. If I was going to automate any part of this (via a bot), the sign up portion would be what I would automate. Most of the providers have imap or pop and the fetchmail command can output the email directly to a scri_pt. I expect that if I were to do this, the posts would show around the first 10 seconds of every minute. (It could be they do a randomized sleep, but cron starts at the top of the minute.)
  21. gnarlymarley

    forum spam handling

    Nope, the capcha is not working. I think it was only about two months ago that Richard increased the capcha challenge level. Due to the typos and spaces, I don't think this is done by computer. I think it is done by one or two humans. If it is humans and you try to stop them with a capcha, you will also stop legitimate forum users. But then they have already developed AI on computers that can read any capcha more accurately than humans, so maybe it is a computer. The "typos" as I call them appear to be when copying from a microsoft product where a space is sometimes added at the beginning or end.
  22. gnarlymarley

    forum spam handling

    Maybe better yet is to have all posts that have a URL, but it is not a spamcop URL (forum or tracking URL) all go to be moderated if it is supported.
  23. gnarlymarley

    forum spam handling

    Does the forum support keyword filtering redirection for moderation? (Meaning that if someone posts with something URL that contains supplement or keto, the post will not be seen until a moderator approves it?)
  24. Interesting that the cached whois says it is from the mirror and the format of it is slightly different. Also interesting that APNIC and RIPE seem to have abandoned the separate abuse handle in favor of the following line: % Abuse contact for ' -' is 'nayon.isn@bangla.net.bd' If I recall correctly, everyone used to use something similar to the following: OrgAbuseEmail: abuse@example.com
  25. The link still forwards. Apparently, the link is a search where it clicks the "I feel lucky button" and forwards directly to the first returned google search result. The "I feel lucky" button as being part of the URL: btnI=bQm4