Jump to content


  • Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About Marty

  • Rank

Contact Methods

  • Website URL

Profile Information

  • Location
    London UK and Florida USA
  • Interests
    Delivering wanted email, blocking spam.
  1. Marty

    Grrr: bellnexxia.net SPF ignorant.

    Do I get a star for taking so long to reply to a topic I started? Sorry for the misplaced post Wazoo, and thanks for the guidance. Could we have a "Rants" sub-forum where we can just "let off steam"? Farelf: Thanks for the advice and your input. I'm not really paranoid. Well not enough to seriously believe that a spam-gang had targeted me I'm pretty sure they would be classified as joe-jobs, they were sent with one of my "private spam-trap" from: addresses to who knows how many domains, but only bellnexxia "returned" them to me, hundreds of the little blighters! Many of the sending IP's were already listed at spamcop and spamhaus BL's. Before SPF I used to sometimes get thousands, and from diverse ISP's. As you say, that email address was already being passed around, and it was probably just my turn to be the patsy. All noted about CA not USA, and CAN-spam. Much obliged. Anyhoo, it all passed within a couple of days. Love your sig. btw, highly appropriate to matters of spam, and life in general
  2. [soapbox][rant] Excuse me while I vent a little... GRRRRRRRRRRRRRRRRRRRRRRRRRRR!!!!!!!!!!!!!!!!!!!!!!! (thanks I feel a little better now). This morning I found myself being joe-jobbed http://en.wikipedia.org/wiki/Joe_job This happens from time to time, and it may be as a result of my SpamCop reporting for many years What was unique this time was that all the NDR's (bounces) came from just ONE ISP postmaster department BELLNEXXIA.NET I guess they never noticed that I have an SPF record on the domain indicating just one valid outgoing IP#. I have reported a small sample of the misdirected bounces via SpamCop, with a note, "YOUR spam did NOT originate here - why are YOU therefore spamming ME ?" and later adding, "Please learn about SPF http://www.openspf.org/". Can I sue them or ask the FBI to take action under the otherwise useless CAN-spam Act? Does anyone in the USA still not realise that the spammers scored a major coup with the naming of that act in that "CAN" means "toilet" there, but in most of the rest of the world "CAN" implies "allowed, or permitted"? Which of course CAN-spam does, allows them to spam at will (so long as they "allow" US to opt-OUT). Politics may be taboo here, but I gotta ask, "did anyone concerned with anti-spam actually vote for the moron that signed THAT one into law?". [/rant][/soapbox]
  3. Marty

    Spamcop bugs

    Not defending the Forum Owner/Admin here. (I know that he's thick skinned. I believe that he's seen it all before. He can take care of himself and doesn't need my help ) OP, Wazoo was in a GREAT mood yesterday, and then you showed up! My own view of the available evidence is that OP got busted big time and doesn't like it much. There is a link around here someplace that I can't find right now that deals with "apparent" lack of politeness in posts. I Hope someone can PM me how/where to find it. "just my two (worthless) spam bytes" --- Marty SpamCop user for many years
  4. rconner and wazoo, Yes very much so Wazoo, A Huge Thank You to Rick for an excellent and most informative reply. I believe I've been a reporting member of SpamCop since way before Rick's wiki article was added and must have missed it. I thoroughly recommend it as a "great read" to members new and old... http://forum.spamcop.net/scwik/ReportingSpamWebsites incidentally: they now seem to be using www.aaan.HEALTH-LIFE-CO.com (a=alpha n=numeric) I'm continuing to report, (no, Quixote is not my middle name) but I'm adding a custom note for the probably compromised hosts ISP about their customer's IP being included in a round-robin arrangement. This question/issue is indeed "Resolved" eta: tidy up and stuff
  5. Hi, this is a new one to me... http://www.spamcop.net/sc?id=z3960927722z2...55eef358046eaaz hxxp://www.wk0.tabl-online.com is odd... marty[at]homer-laptop:~$ host www.wk0.tabl-online.com www.wk0.tabl-online.com has address (c-98-219-14-60.hsd1.ga.comcast.net) www.wk0.tabl-online.com has address (c-71-60-91-124.hsd1.pa.comcast.net) www.wk0.tabl-online.com has address (none) www.wk0.tabl-online.com has address (c-68-48-86-68.hsd1.md.comcast.net) www.wk0.tabl-online.com has address (cpe-24-209-24-242.cinci.res.rr.com) Those IP#'s appear to be compromised home addresses. Then Mr(s) spammie tries to regale us with their technical prowess Some of the time those IP#'s serve up a Micro$oft ad for visual studio 2010. But hit VIA the URL ONLY and we end up on his/her male organ enhancement page! Cor, what a palava! My question is, who / how many ISP's do I report to? (The vicar at our local church wants her organ enlarged, perhaps I should send it to her )
  6. I do hope that Don and Steve have been able to amicably resolve this issue. Noting the topic in general and Btech's post in particular. My company is and has been a happy user of FortressITX (FITX) services for many years. Their business structure is typical for a datacenter server provider in that they use resellers ('ISP's) to resell their services on to companies such as ours. We run a double opt-in confirmed list, and like btech we keep the 'evidence' on file. We have never been asked for it, but it is kept. AFAIK there have never been any spamcop reports regarding our operations. By adhering to spamcop best practices, and taking the time to set up feedback loops we have achieved a senderscore.org reputation score of 100 for our dedicated server IP#. I believe that Steve's problem here is that FITX is quite rightly the 'responsible' party for reports to go to, but what should they then do with them? Their 'legal' contract is with their ISP/resellers who 'should' then take appropriate action against the 'end-user' who is renting the server attached to the IP #. Let's not even consider the added complication of resellers who may sell packages on to downstream resellers Btech, it may be that the spammer is using tracking links (which the reporting parser is unable to munge), or simply that the offender is "spam-awareness-challenged" and has yet to learn that what they are doing is a "bad thing". Maybe FITX should simply tell their reseller that reports have been received, without revealing the actual report. Just include enough info for the reseller to identify and investigate / take action against *their* customer? "Just thinking aloud here" HTH
  7. Would that also account for me receiving the following reporting account suspension email about 20 minutes ago (23:41 UTC) or have I done somthing wrong in submitting more than (blank) reports?
  8. Thank You. "fragile" indeed. Kinda sums up a certain North American software vendor's product quality quite succinctly As you noticed (or were already aware), they refuse to accept munged reports, so one must tick the box and accept the warning about sending un-munged. Other than that I can think of no other difference between these and other reports that I submit.
  9. I'm not sure whether to start a new topic, or revive this old one. Here goes... For the past month or more, I am getting the same response to hotmail spamcop reports. The only difference is that they have corrected their from address, it now says microsoft and not micorsoft http://www.spamcop.net/sc?id=z3650488888z1...5d213ede8ddee5z We're using an out of the box spamassassin setup. Any ideas on how to resolve this, other than manual larting, would be appreciated
  10. Marty

    WWI relics

    Hi, I have no connection with things, military other than a Dad who was a tech in the RAF and a brother who was a Lance Corporal in the Army Catering Corps. I do have an interest in things, military though. That mention of Hobart's Funnies brought back memories of some illustrations of same in a book I read many moons ago. Crazy or Inspired Genius? You decide: http://en.wikipedia.org/wiki/Hobart%27s_Funnies