Jump to content

gnarlymarley

Memberp
  • Content Count

    523
  • Joined

  • Last visited

Posts posted by gnarlymarley


  1. 7 hours ago, pusser_uk said:

    Reporting to abuse@microsoft.com or report_spam@hotmail.com, where it originates, seems obviously not to work but just to multiply the amount of spam that returns.

    My dot-xyz spam has lasted a few months and now it has dropped.  It could be list washing.  Probably more like petzl said it could be working and the administrators turning off the sites.  It is interesting that for me, yesterday the links changed to dot-im.

    6 hours ago, petzl said:

    I suspect your reports are working (tried a link and came up dead) Appears you are/maybe being spammed by a "hosting site" 

     


  2. 3 hours ago, Tau said:

    Here are all the URls with the websites SC wants to report. I'm a noob in html and many other things related to internet, but it seems to me that these URl's structure is strange: they ALL include another website into them, and a subdomain related to image hosting, but they are not tagged with html code related to images, thus identified by SC parsing process.

    For a quick crash course, everything between the "://" and the first "/" is the domain.  The part immediately after the first "/" is there to make you think it is someone else's domain in order to add confusion.  So as below, example,com is the what will get reported, even though they are trying to get you to think this is a valid image site.

    https :// example,com /i.pinimg,com/

    2 hours ago, Lking said:

    One of the disadvantages of a well indexed internet content is that the bots/spiders that craw the internet for content do not read the content quite the same way you, a human does.

    This is what Lking means when he sayd bots.  As the bots add a separate domain name after the first "/" in the URL of where they stole the image/content from.


  3. On 2/8/2021 at 10:55 AM, Tau said:

    These urls have pinimg.com in them (except the first one that has pynimg, which obviously is a typo), and this is a Pinterest alias, there URL are fake images links, and these domains are not involved with the spam, so yes it seems irrelevant that SC proposes to report to the hosts admins.
     I suppose that SC proposes to report them because in html view, they appear to be clickable (it's only one digit in the body), I think I understand that now.  

    As an administrator of my own server, I want to know when a link is being abused.  If I can tell it is not spam, I may chose to ignore that report.  This is why even though my items are not spam, I still want the reports.  I get to make the final decision whether I take down the items, not SpamCop.


  4. On 2/12/2021 at 7:17 PM, RobiBue said:

    I don't know if @Richard W or @Lking or another forum admin could figure out where your "nothing to do" problem lies... several years ago Don D'Minion (3rd message in following thread: 

    I wonder, if you kept up the page that gave you a "nothing to do" and reloaded it later if it would work for you.  It seems strange that the page would just start working.

    On 2/12/2021 at 7:17 PM, RobiBue said:

    added a yahoo host to the account, but from what I understand, you have no mailhosts in your account (neither have I FWIW) so the problem must lie elsewhere...

    Last time I looked at someone else's tracking URL, it used their mailhosts setup, not mine.


  5. Due to link tracking (where spammers note if you click a link), SpamCop does not follow links.  It only looks up the hostname and reports the link to the administrator.  As for the missing content, it is possible that someone else had the same link, reported it, and the administrator probably already removed it.


  6. I think I found it.

    Received: from beactive.it (5.149.249.179) by xHRZDMoSZQtTgIAffdczjrWWwatOgPNzFmircaawrvITFdBVQxutRnEWUepKPlOSwGJOqJfGFYyixSZjQnQWiQxqdPmvWeFgxrYmbRuJHWQgniKgFaMzPNMarqJOpuDIqmBFzSYld.mail.protection.outlook.com id pDAvY7enim86 for <x>; Tue, 09 Feb 2021 01:00:58 +0100 (envelope-from <return@nvse2fv2dfx.work>

    The hostname appears to be too long on the above line.

    C:\>dig any xHRZDMoSZQtTgIAffdczjrWWwatOgPNzFmircaawrvITFdBVQxutRnEWUepKPlOSwGJOqJfGFYyixSZjQnQWiQxqdPmvWeFgxrYmbRuJHWQgniKgFaMzPNMarqJOpuDIqmBFzSYld.mail.protection.outlook.com
    dig: 'xHRZDMoSZQtTgIAffdczjrWWwatOgPNzFmircaawrvITFdBVQxutRnEWUepKPlOSwGJOqJfGFYyixSZjQnQWiQxqdPmvWeFgxrYmbRuJHWQgniKgFaMzPNMarqJOpuDIqmBFzSYld.mail.protection.outlook.com' is not a legal name (label too long)
    
    C:\>

     


  7. 2 hours ago, Tau said:

    It seems that the URLs with these domains are invalid, with the format:  https://punita=
     henna.com/i.pinymg.com/150x150/3d/2c/86/xxxxxxxxxxxxxxx 

    The "=" at the end of the line is a RFC email standard.  It, in combination with the new line, are not displayed in the actual body of the email.  This is why the domain looks invalid in the raw format, but is valid in the when viewing.

    2 hours ago, Tau said:

    I try to check by myself before sending a report, so I didn't report them, as it seems that this is an error and it would be a false report.

    Am I right? And if so, I there a way for SC to improve the parsing and avoid there fake links?
    For a previous spam, I was also proposed to report Facebook, and it was obviously wrong...

    If the link was included in a spam email, why would it be a false report?  Some people want to know when someone else abuse their links in spam.  Links are not put into the blocking list, only the source IP of the spam is put there.

     


  8. 11 minutes ago, Rasmus167 said:

    You blocked an entire ISP with all there 10 k customers. None of my customers receives email, not even in spam. We send important communication to our customers who don't have access to this information now. You FUC*ED us and our customers. 

    A reminder that this is a user to user forum.  If you don't hear anything from SpamCop staff, you may want to contact them at deputies[at]admin[dot]spamcop[dot]net.


  9. 2 hours ago, gmacar said:

    The captcha is broken and should be fixed. Thank you.

    I agree with your statement, but this issue seems to happening with different browsers.  From this other post, they tried a different browser.  If you could verify that the java scri_pt issue is also the problem, then maybe that can narrow it down.

    http://forum.spamcop.net/topic/29780-captcha-problem-on-registering/


  10. Hmmm, seems there is a problem with the blocking list.  I dropped a note to deputies[at]admin[dot]spamcop[dot]net and I hope it goes through.

    C:\>dig 444.333.222.111.bl.spamcop.net any
    
    ; <<>> DiG 9.7.3 <<>> 444.333.222.111.bl.spamcop.net any
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37143
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;444.333.222.111.bl.spamcop.net.        IN      ANY
    
    ;; ANSWER SECTION:
    444.333.222.111.bl.spamcop.net. 1493 IN A       91.195.240.87
    
    ;; Query time: 27 msec
    ;; SERVER: 192.168.16.1#53(192.168.16.1)
    ;; WHEN: Sun Jan 31 08:53:18 2021
    ;; MSG SIZE  rcvd: 64
    
    
    C:\>

    SpamCop always has returned an IP in the localhost range.  My fear is something may have been cached for a period of time and I hope this doesn't take a few days to resolve.

×