Jump to content


  • Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About Max

  • Rank
  1. Max

    Suggestion for New Option

    New suggestions (I hope...!) : on the reporting page, section "Make sure this mail IS spam :" when the "subject" is iso-8859 encoded (more and more often), I think it would be more useful to show the clear text instead of "(=?ISO-8859-1?b?V29ybGRzIGZhc3Rlc3Qgc2hpcH...)" (maybe in another colour to show that "something has been done") when the first line of the body is "This is a multi-part message in MIME format...", this phrase also is not very informative, either more of the body should be shown (>10 lines instead of 3) or the first lines of "real text" should be shown (again in colour if you want) Thanks in advance. and [just to conform to the new standard] : PS : Sorry, Julian, but me too I'll work during easter vacation...!
  2. Max

    Is filing reports worth it?

    You should ask Miss Betsy to fix the [ q u o t e ] tag in her message, first of the list you refer to...
  3. Простите меня ! - Sorry for this typo ("on the" vs. "by"). In fact I already understood your method ("new spam" by the web, and the rest by e-mail, reporting somewhen in the future) But thanks for the explanation of "false negatives". (I really did not understand this.) Concerning your "greeting"... You are right, let's turn back to some serious occupation... МИР...
  4. I'm sorry, professional reasons don't allow me to put my hompage URL on pages of this forum. In fact, timezone -5 is wrong, should be -4 (no summer time)... I'm a fairly international guy. Vous pouvez m'écrire en français, je n'aurai aucun problème à vous comprendre. Sie können mir auch auf deutsch schreiben, ich hoffe auch in diesem Fall fehlerfrei antworten zu können. I can't figure out how to switch to cyrillic alphabet or to Hiragana or Kanji alphabet, and I don't like isolatin-transcriptions, so I don't try russian or japanese... (if you insist : watakshi wa doitsu jin desu!) But let's stick to English, seems to be a kind of policy in this forum. for example: Pour "false negatives on the web", oui. (Portugese won't help me much, I fear...) I'm sorry, did not want to be offensive, maybe I'm just too tired to understand the complex structure of your phrase... But this little incident made me discover your interesting hompage... Спасибо... и До свидания !
  5. similar questions are very often asked... to get an answer, you must say *exactly* what you do. Not just "i forward the mail to ..." but (e.g.) I use Outlook Express. I click on the spam message, and then I click on "Forward message", then a window opens with the included message, and I put "submit...." into the "To:" line => in this case it is normal it won't work. second example : I use Netscape. I select the spam message, click on "Forward". the composition window opens, but as I chose in my preferences "Forward messages as attachment", I do NOT see the included message. I select the "To" field, type "su", select the completion "submit....." and click on "Send" then I type "me" into the "URL" field of a navigator window, select the completion "member.spamcop...", click on "Report Now"... => in this case it WILL work. Or let's put it like this : first question : do you forward as attachment ? or, if you use copy-paste into the SpamCop form, can you see the "Received:" lines at the very beginning ? These "received:" lines are the essential information. They are lost as well when forwarding "as quotation", as when doing copy-paste of the usually displayed message (with only From:, To:, Date:, and the message body.). In that case, spamcop won't and can't do much (except maybe tracing URLs - but I doubt it will.)
  6. I have some doubt that mis-configuring a mail server can make it "break the chain" as you say [i.e. making it discard the firstmost 'Received' line, if I understand well...] (well, Microsoft might add such an option and call this a feature...) PS : (concerning former messages) I agree that *quick* spam reporting and blocking is important, the aim being to save internet and personal resources... but one should keep this aim in mind, and why not derogate to the automated procedure if this would be helpful? (e.g. when bounces and complaints of (very) many users create more network traffic than (one or a few but exceptional) spams...?)
  7. I understood "Yum, this spam is fresh" and "Report Now" - for the rest, I miss some essential elements of grammar (verbs?) ... This said, I wanted to suggest that in addition to the "Yum", one could be informed about whether or not the spam corresponds to a *new* IP number not yet on the BL and/or what IP's are(would be) added as consequence of the current report. PS: and, to elucidate the timezone juggling problem, a more quantitive answer in addition to the "Yum" would be nice (e.g., add " (5 hrs 23 min)" after the "...fresh"). Thanks for your attention !
  8. Max

    Avoiding LOGIN page?

    How come that there are still people using IE ?! Never tried out Mozilla and/or Netscape ? (I can't imagine that it's because you insist on automatically reporting to Microsoft all you do on your computer? Or you still hope to discover a flight simulator or racing game or flipper in IE, as you know forExcel and MSWord ? (see http://www.eeggs.com/items/8240.html and related ) - give up, all you can hope for is some funny text in IE...)
  9. Hey, why not just say "thanks" to SpamCop Ellen for unblocking a site whose "guiltyness" seems rather uncertain ? I thinks it'a a good idea to maintain usefullness and acceptance of SpamCop blacklists by being rather tolerant w.r.t. IP's of "honest" sites, even if a few "bad" elements have discredited these servers be sending some "real" spams. E.g. the network people of my instituion refuse use of blacklist because they say their mission is to assure delivery of 100% of all non spam e-mails. (I agree that that's maybe not a good choice w.r.t. overall productivity...) So it would be better for me if there was a very reduced blacklist of 100% certified "evil" IP numbers, rather that an almost complete and minutewise updated list of IP numbers from which somwhen some spam has been sent (or maybe only reported by error by some unconscious Spamcop user). PS: [added later] The following message of "yourbuddy" explains maybe better what I want to say: http://forum.spamcop.net/forums/index.php?...findpost&p=3149 And as a loyal Spamcop member, I would like to see it staying popular...
  10. Things that seem trivial for advanced users may not be it for some "newbies"; maybe one shoud recall : the essential information for spamcop is in the "header" of the mail, which does not mean (only) the usually displayed fields like "From : xxx ; Date : xxx ; To: xxx" (there are more or less irrelevant), but mainly the usually hidden lines "Received: from xxx by yyy" These lines are the main information used by spamcop. (and even there, only the IP numbers, not the names, are relevant) Now, these lines are (almost) never put when you "forward" a message as a quotation, especially the "forward" function of Horde (the versions I know) does not do it. And, AFAIK, the "redirect" function of Horde is not good either : spamcop won't complain, but I think that the original headers are replaced by new headers corresponding to your "redirection" message (at least one Horde server on which I just checked it out), so in fact you risk to blacklist yourself !! (maybe spamcop is intelligent enough not to do this... did you already use the "Report Now" function ? I suppose when you got no error message, spamcop simply ignored your message because there were 0 spams *attached*) Moral : you really have to *forward as attachment* (which works fine with Mozilla e.g.) or, use the copy-paste way through the web based submission form (then also, make sure that the "Received: ..." lines are present). (And, as mentioned, you can always check if a given way of forwarding would be good, in sending it to yourself and checking if you can see in the received message the original "Received: from.... by ..." lines.)
  11. Max

    Computer Cops Blacklisted

    Using netscape/mozilla (and most probably even these ill-designed micro$oft products I would never dare to launch (*) ), you can *and should* check the option "Do not load images in mail and Newsgroup messages" (in Mozilla: Preferences->Security->Images) Then you can look without any risk at the message (it won't use any of the links contained) and if you trust it, you can load the image individually. (*) note that IE as installed by default also tries to connect to microsoft each time you open it ! Moral (mine, at least) : if you really do need to use M$-Windows because of hardware that does not work on linux, then at least use Netscape for web & mail, OpenOffice for text & spreadsheets, and in general all possible replacements to the M$ analogons, for which the viruses are designed (and which, by the way, are designed to saturate your harddisk and CPU resources to make you buy bigger machines - by hiding flight simulators and flippers in word processing and spreadsheet programs, for example !!! -- this is plain truth, as you can check it yourself by hitting the well known key combinations!)
  12. Max

    No notifications

    I confirm (don't know yet if lost or delayed) : mails sent at 8:30 this morning still can't be reported at 12:30 (my local time) - not event directly on the website ! :-( ! If sending the acknowledgements makes your server too busy, drop (or delay) this ; but give priority to the possibility of finalising reports via the "Welcome..." page ! (Hey, I would have had several "Yum"s this morning ! - and I *needed* them so much ! You spoiled my day ! ;-) There is no more sense in my life, now !)
  13. Max


    Giving your e-mail addresses here in plain text will not decrease the spam you'll receive at these 2 addresses.... When posting on a forum, you should at least write "... dot ... at ..." Even the forum at spamcop.net is freely available to all webcrawlers & similar robots... Apart from that, a partial reply to your "why ?" could be: (I permit myself, as you describe yourself as "not very technical...") not the e-mail address of your daughter, but the IP number of this domain is blocked for reasons of spamming - in fact, the IP address ("number" of the computer) of the sending server is the only thing one can know for sure when receiving a mail - the username, e-mail of the sender and all else (written "name" of the sending computer...) can be quite easily be falsified and are therefore not relevent for the "spam blocking filters".
  14. Max

    Submitting Spam

    I have a suggestion fitting the subject "reporting.... and then ??" so I post it here rather that opening a new(?) subject : I use the "forwarding multiple messages at once as attachments" technique to report spam, but find 2 or 3 inconveniences to do so, that could rather easily be avoided: 1. most annoying and most easy to "fix" : after clicking on "Report Now" and sending the report for a message, I come to the page "report sent to ...., report sent to ...." There is no useful link thereafter, and clicking the "back" button would re-post the spam report, so I have to search the "Welcome regstered user" page in the "history" (= back twice, in fact), click again on "report now", etc. It would be SO nice, if this famous "Report Now" link (corresponding to the NEXT message) would just re-appear after the "sent report" confirmation page. 2. usually, my ("destination") e-mail address is nicely blanked out ( <x> ) in the header for the spam report. But sometimes, (randomly for me), e.g. my fist name remains (say, like " To: Firstname <x>") and this completely removes all privacy (searching my firstname at my domain gives a unique result with all my private information on personal pages in addition) So, the algorithm of detection and elimination of my proper name should be improved, also for the header and body of the message : of course the spammers get it because my email address (professional one) is of the form "Firstname.Lastname[at]..." - so I suggest that the whole message should be parsed (case insensitive) for the words before the "[at]" sign in the destination address, and all matches be eliminated (e.g., replaced by "X"). Also, when I copy-paste the message into the form on the Welcome page, my Name and/or e-mail address remain (sometimes(?)) in the report : is the copy-pasted message not treated in the same way than the forwarded one ? Well, that's all I wanted to say (I packed multiple things into the "2"...) apart from this, I find this service great and hope you'll get enough support to continue the fight more and more effectively... (Do you also consider making available your database to institutions like police etc... of USA and/or other countries (china !?) who try to investigate into this dark buisiness ?)
  15. Max

    china number 1 ?

    Well, according to the number of people living in China, it should be normal that most e-mails come from there... but more seriously, the fact that the e-mail comes from a .cn address does not really mean that it originates from China, in the sense of being composed in that country! the reason seems that the .cn toplevel domain managers are rather permissive (they want to make money) so they let you get (and host for you) a domain name with least requirements... and a web page on a server with the PHP command 'email()' enabled is sufficient to send spam from that address, wherever you are in the world... (while the "professionals" will use more sophisticated techniques...)