gnarlymarley

My dot-xyz spam has lasted a few months and now it has dropped. It could be list washing. Probably more like petzl said it could be working and the administrators turning off the sites. It is interesting that for me, yesterday the links changed to dot-im.

Perhaps amazon doesn't like the format of SpamCops reports. If you do not hear anything you can the deputies at deputies[at]admin[dot]spamcop[dot]net.

For a quick crash course, everything between the "://" and the first "/" is the domain. The part immediately after the first "/" is there to make you think it is someone else's domain in order to add confusion. So as below, example,com is the what will get reported, even though they are trying to get you to think this is a valid image site. https :// example,com /i.pinimg,com/ This is what Lking means when he sayd bots. As the bots add a separate domain name after the first "/" in the URL of where they stole the image/content from.

✔️

As an administrator of my own server, I want to know when a link is being abused. If I can tell it is not spam, I may chose to ignore that report. This is why even though my items are not spam, I still want the reports. I get to make the final decision whether I take down the items, not SpamCop.

I wonder, if you kept up the page that gave you a "nothing to do" and reloaded it later if it would work for you. It seems strange that the page would just start working. Last time I looked at someone else's tracking URL, it used their mailhosts setup, not mine.

Due to link tracking (where spammers note if you click a link), SpamCop does not follow links. It only looks up the hostname and reports the link to the administrator. As for the missing content, it is possible that someone else had the same link, reported it, and the administrator probably already removed it.

I think I found it. Received: from beactive.it (5.149.249.179) by xHRZDMoSZQtTgIAffdczjrWWwatOgPNzFmircaawrvITFdBVQxutRnEWUepKPlOSwGJOqJfGFYyixSZjQnQWiQxqdPmvWeFgxrYmbRuJHWQgniKgFaMzPNMarqJOpuDIqmBFzSYld.mail.protection.outlook.com id pDAvY7enim86 for <x>; Tue, 09 Feb 2021 01:00:58 +0100 (envelope-from <return@nvse2fv2dfx.work> The hostname appears to be too long on the above line. C:\>dig any xHRZDMoSZQtTgIAffdczjrWWwatOgPNzFmircaawrvITFdBVQxutRnEWUepKPlOSwGJOqJfGFYyixSZjQnQWiQxqdPmvWeFgxrYmbRuJHWQgniKgFaMzPNMarqJOpuDIqmBFzSYld.mail.protection.outlook.com dig: 'xHRZDMoSZQtTgIAffdczjrWWwatOgPNzFmircaawrvITFdBVQxutRnEWUepKPlOSwGJOqJfGFYyixSZjQnQWiQxqdPmvWeFgxrYmbRuJHWQgniKgFaMzPNMarqJOpuDIqmBFzSYld.mail.protection.outlook.com' is not a legal name (label too long) C:\>

Last time I had seen this it was a double period in a hostname, but I have yet to find one in this tracking URL.

The "=" at the end of the line is a RFC email standard. It, in combination with the new line, are not displayed in the actual body of the email. This is why the domain looks invalid in the raw format, but is valid in the when viewing. If the link was included in a spam email, why would it be a false report? Some people want to know when someone else abuse their links in spam. Links are not put into the blocking list, only the source IP of the spam is put there.

I seem to be having problems accessing the forum. Is this just me?

I posted a new feature request for this, so hopefully it gets resolved.

I had run across this captcha code and thought it needed to be submitted as a new requested feature. Apparently a java scri_pt line 18 of https://www.spamcop.net/js/captcha.js has some problems with some browsers where they don't always load the correct captcha. This java scri_pt line appears to need correction. See post below for more information. Evidence of fix:

A reminder that this is a user to user forum. If you don't hear anything from SpamCop staff, you may want to contact them at deputies[at]admin[dot]spamcop[dot]net.

I agree with your statement, but this issue seems to happening with different browsers. From this other post, they tried a different browser. If you could verify that the java scri_pt issue is also the problem, then maybe that can narrow it down. http://forum.spamcop.net/topic/29780-captcha-problem-on-registering/

I don't have an IP or tracking URL so I am not able to duplicate a look up, but my memory remembers that I never got a reply from salesforce spam. It did stop after a while, but maybe they were list washing their single opt-in lists.

One of the biggest issues of this problem is that people might stop relying on one blocking list to stop their spam. People will move to a scoring system that uses more than one blocking list or else stop using black lists.

As a side note, you can use one of the following commands to see if it is listed. dig txt 245.158.60.187.bl.spamcop.net nslookup -type=txt 245.158.60.187.bl.spamcop.net

403 usually indicates an authentication issue. Lets hope it stays working for you.

NS records such as pointing to dns1.name-services.com ? The working NS records should be pointing to such as use1.akam.net.

As a reminder you can visit all your older tracking links and submit them if you haven't already done so.

I currently don't have any problems. Been a while since I have seen this message.

I think my DNS cache is cleared now and it appears to be working. Does it work for you now?

I think my DNS cache is cleared now and it appears to be working. Does it work for you now?

I think my DNS cache is cleared now and it appears to be working. Does it work for you now?