Jump to content


  • Content Count

  • Joined

  • Last visited

Everything posted by lisati

  1. lisati

    spam Count by Leak Path of Address

    Lately a lot of the spam I have been receiving has been directed to an email address I used to create a mailing list on Yahoo Groups. One or two that weren't blocked by my server and that I've taken the time to look at (duly reported)have been sent to a yahoo email address, with a Reply-to for a bogus address at my server.
  2. I saw a very similar report, possibly about the same organizations, a few months back. All I can say is this: D'oh!
  3. lisati

    spam Count by Leak Path of Address

    I once deliberately poisoned one of my web pages with several thousand bogus email addresses. Big mistake: every now and again I see evidence that the list was harvested. It's a nuisance because my server and its connection aren't particularly well endowed with horsepower. Thankfully setting up the means to detect and block spam runs using this list wasn't too difficult, and the server which tries to deliver the spam has its mail queue clogged for quite some time.
  4. lisati

    I can't seem to report half of my spam !

    What I usually do when reporting mail I've received via hotmail is to move my junk folder to my inbox, download them to my laptop using my regular email client, then forward the rubbish as attachments.
  5. I got fed up with "free" email accounts a year or two back and in the interests of regaining control of my inbox I ended up setting up my own email server at home. I still have some way to go to get the settings right for blocking and filtering purposes, but it is immensely satisfying to have the amount of spam I report drop down to near zero. Consulting the SCBL and digesting the wisdom embodied in this forum have been a useful part of the process of checking incoming mail.
  6. For me, the value of reporting has two parts: 1. It helps me with the sending of complaints to the right people. 2. Although on its own, one report might not have much impact on a SCBL listing, it can provide information pertinent to a potential listing: let's get the <insert epithet>!
  7. That's a new one on me. It reminds me of a practical joke I played on someone via snailmail many years ago: it was a fake "Permit to be Ill" application, made to look like an official government form. Had him fooled for a while.
  8. lisati

    It must be spring again

    I've received (and reported) a handful of similar emails: the "surprise" has long worn off.
  9. lisati

    How Do I Auto-Delete Viagra Spam?

    A loud "AGREED", which goes for similar "features" on other software that use alleged address of the sender stored in the headers. Until someone comes up with a way of reliably assessing the trustworthiness of said headers without potentially causing problems for innocent bystanders, it's safer to assume that it's a clue that's never suitable for firing off bounces, nastygrams and other such responses.
  10. lisati

    Yahoo DNS abuse

    That's exactly the sort of thing that prompted me to set up my own email server in preference to using the free Yahoo accounts I used to use. I am one of the many who have had cause to be grumpy with the way Yahoo deals with reports of problems, and could do a rant at this point but will skip it in the interests of not hijacking this thread any more than I have. Good luck.
  11. lisati

    Hat Check

    I'm not a lawyer, but AFAIK, this is bordering on illegal under privacy laws where I live.
  12. Death to the hackers?????? I'm not sure about that: I frequent forums where the word "hackers" sometimes refers to the good guys, and where those that the media refers to "hackers" are sometimes referred to "crackers" in preference to some colourful name that probably shouldn't be repeated here.
  13. True! I recently had a response from Yahoo in connection with an incident that didn't involve discarded attachments but still left me scratching my head and wondering how what I'm assuming was their autoresponder could come up with the particular reply I received. A politely worded response from me to the effect that it didn't make sense elicited the standard Yahoo response about "we have taken appropriate action."
  14. I've had replies like that, followed some time later by responses from confused Yahoo support people. I'm sure many of us could wax lyrical about what seems to be incompetence [at] Yahoo's abuse desk.
  15. lisati

    My Joke for today

    I notice that there are multiple "Reply-to:" headers in the offending email as well. I have no idea what good that would do, if any.
  16. I've even had an incoming spam with a forged "Reply-to:" addresses using my own domain. I suspect that it could be a variant of the spam technique that utilizes backscatter to get the spam through, but I only recall noticing one such email.
  17. I'd also be wary of using the "bounce" feature found in MW and some other software: it's too easy to be labelled as a backscatterer.
  18. lisati

    Yahoo spam

    Which is why I noted that using the envelope sender information isn't infallible. As far as I know, no one item that's available in the message headers and commonly used for detecting spam is completely trustworthy, not even the Received: lines. We are left having to make choices about what weight to place on each clue available that potentially helps us identify the true origin of an unwanted email and where (if anywhere) to send our reports and nastygrams. There are many opportunities for mistakes and differences of opinion.
  19. lisati

    Yahoo spam

    Short answer: email forwarding, which can be set through a webmail option. Someone sends their rubbish to my yahoo email address, and Yahoo duly forwards it to an address at my own server. It's a waste of Yahoo's bandwidth (and mine) even if it arrives at Yahoo's servers from somewhere other than Yahoo. As far as my server is concerned, it's arriving from Yahoo. As an aside, I've had my moments when I've wanted spamcop to report based on the "From" and "Reply to" address, but have since learned that the "envelope sender" that's seen by servers is usually a more reliable but not completely infallible guide to the true sender. Figuring out what use (if any) to make of "From:" and "Reply-to:" headers is hindered by the fact that these can be easily forged: from a perspective of designing spam filters, it's often easier to leave them well alone.
  20. lisati

    Apparently I'm spamming myself

    Agreed that the information is plain wrong. I checked with a number of dnsbl lookup tools and couldn't find any listings.
  21. lisati

    Yahoo spam

    My experience has been that in spite of Yahoo's stated spam policy - http://docs.yahoo.com/info/guidelines/spam.html - they don't seem to care about spam that passes through their servers. I've even had replies to abuse reports stating something to the effect that because it didn't originate with their servers, they won't do anything. This is largely why I set up my own email server, rejecting what I can during the SMTP dialog, then reporting via Spamcop whatever manages to slip through. The filtering I have in place is a work in progress...... I find it mildly strange, because spam is a waste of everybody's bandwidth.
  22. lisati

    BL philosophy

    Ah, the on-going balancing act between zapping the bad guys with a fancy weapon and protecting the innocent bystanders.
  23. The first link took me to an article which stated that the person making the report was mistaken.
  24. Hmmmmmm..I stumbled on this thread while contemplating some issues with Yahoo and how best to deal with them. The auto response cited earlier in this thread is just one example of what I've received trying to bring stuff to Yahoo's attention, as well as the "It didn't originate in our servers" and similar excuses, together with the listings [at] rfc-ignorant. Frustrating as it can be at times, it's a relief to know that I'm not alone.
  25. Agreed. I was having trouble with emails from some of my contacts being blocked due to DNSBL listings that had no obvious connection with the sender, and ended up whitelisting those specific senders.