Jump to content


  • Content Count

  • Joined

  • Last visited

Everything posted by waugh

  1. Spamcop Webmail Down -- Can't Get In Via the Web
  2. It has been several minutes since I sent test mail to myself, but it's not showing up in my inbox on webmail.spamcop.net. The last spam I received is from 1 3/4 hr. ago.
  3. DavidT, thanks for pointing out the Twitter address.
  4. I use sneakemail.com in front. I might try making sneakemail direct the likely spam to spamcop.net, and the mail that comes on non-spam addresses elsewhere (e. g. Yahoo or Google). But my immediate problem is I tried to register an online account with a firm with which I already have a relationship, and their web software doesn't provide a way to resend the confirmation e-mail.
  5. When I go to my "Past Reports" tab, it shows no reports, even though I made some recently via webmail. The reporting account I'm logged into has the same credentials as my webmail account. Jack Waugh
  6. waugh

    [Resolved] Reports not found

    By "webmail", I meant Spamcop webmail. Now when I go to both of the links given by petzl, it shows my reports that I made after discovering the problem. When I discovered the problem, when I logged in, the page I reached right after login told me that there had been bounces from my mail address (which is Spamcop webmail). I pressed the button that indicates that the problem is "resolved". So maybe the Spamcop reporting interface drops all reports that come from a bouncing e-mail address. So, anyway, it looks as though whatever the problem was, it is resolved now. I can see the reports that come from my reporting now. Thanks for the help. Jack Waugh
  7. If anyone reading this has the time and inclination to decode an obfuscated JS program, you can "curl" it from http://upqwtqkzt.www1.biz/main.php (referenced in spam) (if it hasn't already been taken down or changed). It shouldn't be that hard to substitute for the E V A L something that will display the embedded code, if you know java scri_pt and the DOM. [edit] live link removed
  8. I did another partial de-obfuscation of another malware delivery vector. The result is still quite obfuscated and amounts to 15022 characters of JS. I don't know of any place to post my partial result for in case anyone wants to take it further.
  9. These are just remarks in passing; I'm not asking for solutions. Today I received a spam to an address of mine that I have published continuously all over the web for the last at least 13 to maybe 15 years, and it reminded me how infrequently that happens. By far most of the spams I receive (maybe 20 or 25 a day) come on addresses that I gave to corporations when signing up for their services. An intermediate number (a few a month) come to an address that I used (stupidly) as my name on Wikipedia. All the latter are in Chinese.
  10. waugh

    spam Count by Leak Path of Address

    I, too, am struck by how much our reports differ. Some of the entities such that my address with them has somehow leaked are: - Ameritrade - Zecco Trading - Smartgroups (defunct web service) - ContrarianPicks (not surprising; an obvious scam in the first place) - Return Path (not surprising) - StuffIt (software for Microsoft O/S) - this forum None of the addresses produces any hits in Google search.
  11. Had to unfriend TPB chums to get unblocked. http://www.theregister.co.uk/2011/10/13/du...cuses_spamhaus/
  12. Well, I think that if anyone wanted to submit it to said rating sites (which I won't take the time to do; sorry), they'd be standing on firm ground. I have not the slightest doubt that it is malware of some kind.
  13. waugh

    [Resolved] Marry him or else

    Even better, install Linux.
  14. The webmail tool has a filtering system that can classify e-mail based on a number of constraints that can be set by the customer. The customer can combine constraints using some Boolean expressions (albeit limited in depth). For messages that meet these constraints, the customer can choose "move to folder . . .", for example, as one of the possible actions for the system to apply to those messages. This is already very useful. This is to suggest the addition of another action option beside "move to folder . . .", namely, "report as spam". If I had this feature, I could cause certain spams to be reported with much less delay than currently happens because all reporting from my account has to be mediated manually by me. I would still take responsibility for the accuracy of the reports. I know that traffic coming on certain addresses is all spam. In the case of each of these addresses, the spammers got it and I retired it from legitimate use. In each case, it was a disposable e-mail address given to a commercial firm and I have since given the firm (via their web site) a new address via which to reach me, and I have verified that they are using the new address. So I know that anything coming on the old one is spam. Thank you for considering my suggestion.
  15. Despite all the limitations I asserted (correctly or not) above about switching to using a virtual folder for highlighting spam, I now do exactly that. I don't have the redirection to "Held Mail" turned on. Everything comes to my inbox. I still have filters that send to Trash anything flagged from the Spamcop blacklist or having above a certain SpamAssassin score. These leave in my inbox the messages I really want to report. So I go to my "spam" virtual folder, which exposes just the messages in my Inbox that came on the addresses that only spammers use. I report those messages as spam quite fast and regularly. Once that virtual folder looks empty, I can go to my Inbox and see my real mail almost free of spam. A "Thank you" to the person who first brought up here the idea of using a virtual folder for highlighting spam to report.
  16. Yum, pork shoulder. OK, thanks. There's a great scene in the movie _The Prizewinner of Defiance, Ohio_, a move I highly recommend. The wife and children are eating caviar from a spree through a store that the wife won in some jingle contest (it's set in the 1950's). The husband just wants to eat Hormel pam brand canned pork shoulder.
  17. Continuing the side conversation about virtual folders vs. "filters" -- In a "filter", you can include a predicate that observes any arbitrary mail header you choose. That lets me filter on spam Assassin ratings. Virtual folders cannot do the same.
  18. When I only use the virtual folders, they don't disappear. I have seen them disappear when I attempted to add new ones. I cannot reproduce this behavior; the occurrence of it was spurious. But it happened enough that I won't invest much effort into building them for antispam purposes. Also, the system doesn't provide a way to transfer information between the virtual folders and the "filters" (of course, both are filters). So, if I have invested effort in "filters", if I wanted to use "virtual folders" with the same predicates, I'd have to re-enter the predicates (leaf and branch) by hand. So that places before me a barrier to switching techniques.
  19. I have seen the system forget virtual folders, not very long ago.
  20. I, too, felt surprise when I first noticed this trend by the spammers. It would seem to work against their purposes. Pretty soon I added some filter terms so that mail sent to me "from" some of my public addresses would go into the folder I use for reviewing very probable spam before reporting it. I also filter into this folder on terms in the subject line, such as "rod", "instrument", "little friend", "virility", "manhood", "stick", "watch", "timepiece", and "we will call you back". Also, on addresses of mine that no longer have a legitimate use. I put the union of all that in that folder. A quick look through the subjects or in a few cases a tag in the "from" part (from Sneakemail) indicating which address of mine the spammer reached me through, catches any false positives from this filtering. Which brings up another interesting evolution in spamming practice. A while back, the subject lines of spam used to be just about all noise. Now they have gone back to laying out in the subject what they are trying to sell. This makes it easier for us, so I don't know why they changed course in that direction.
  21. petzl, I wasn't arguing a point, just remarking about how typical it is for me to get spam that I would like to report automatically. Thank you for reporting how well greylisting works for you. I will turn greylisting on for more of my addresses.
  22. Message Filter activity: The message "Get an upgrade of Adobe Creative Suite right now for only $179,95." from ""[censored] |former Ameritrade|" <[censored]t[at]sneakemail.com>" has been moved to the folder "INBOX.Trash". Message Filter activity: The message "FW: Global job vacancy-apply now" from ""[censored]-at-sneakemail.com |former Ameritrade|" <[censored]t[at]sneakemail.com>" has been moved to the folder "INBOX.Held Mail". Message Filter activity: The message "FW: Global job vacancy-apply now" from ""[censored]-at-sneakemail.com |former Ameritrade|" <[censored]t[at]sneakemail.com>" has been moved to the folder "INBOX.Held Mail". The above greeted me immediately when I returned to my mailbox after having posted my message here of a couple of minutes ago. The message that went to my trash did so because it came from source that is already blacklisted, and that's how I set up my filters. The ones that went to my held mail are about to be reported as spam by me. They came on my former Ameritrade address, and from sources not currently on the Spamcop blacklist.
  23. OK, I eventually looked up "honeypot" and "spamtrap" on Wikipedia. I am a client of TD Ameritrade, a stock broker. The address I originally registered with them started to receive spam some time ago, all of which specifically had to do with investment scams. I think at least half the spam I receive today that is not filtered via the blacklist, comes on my original address for Ameritrade. I never published that address nor gave it to anyone else (this time I'm sure). I eventually registered a new address with Ameritrade. The new address has never received any spam. I received a notice (by paper mail!) that Ameritrade had been sued in class action, and lost, for having leaked many of their clients' addresses to the spam industry. So, now I know an address that cannot be used for any legitimate purpose. Anything that arrives on it is spam for sure. Evidently it is good to report spam, and the faster the better. However, I have to intervene manually for every case of receiving spam on that address, before the spam can be reported on my behalf via Spamcop. But I suppose the basic lesson of this thread is that if Spamcop offered an easy way for clients who have not studied these matters carefully to set up automatic reporting of any class of mail as spam, the fear is that in too many instances clients would accidentally cause the reporting of legitimate mail as spam. And of course that would run counter to our common purpose of defeating the purposes of the spammers. Let me take this opportunity to thank Spamcop and all the volunteers who help them for their dilligence in working to wipe out the social ill that spamming is.
  24. Thanks for that reference; it helps me understand under what conditions Spamcop's experts believe that automatic reporting is worthwhile.