Jump to content

lisati

Memberp
  • Content Count

    475
  • Joined

  • Last visited

Posts posted by lisati


  1. What constitutes a "bounce" in this context isn't always apparent to a volunteer such as myself. It could be anything, such as  a dead email address, a full inbox or auto replies that have, for some reason, been counted as a bounce.

    As for why the reporting address didn't update, it's likely that whoever is responsible for updating reporting addresses in the database(s) Spamcop consults hasn't made any changes for a while.


  2. On 8/10/2019 at 5:34 PM, petzl said:

    https://www.spamcop.net/sc?id=z6564775200zb0e68f15592a9b6948787f714e4ec177z
    The SpamCop tracking URL shows the Gmail abuse address is probably bogus (Bitbin)
    the IP of URL is a botnet
    https://www.abuseat.org/lookup.cgi?ip=92.63.192.124
    Front for child porn phishing spam operator.
    Send report to response[AT]cert-gib[DOT]ru no working abuse address.

    
    Child porn spammer 
    pictures under 18 or made to look under 18
    NO PROOF OF AGE available! 
    SENT TO MINORS
    
    
    
    >

     

    What I'm seeing at the tracking link is typical of mail I receive at an Outlook email account, where the top-most (most recent) Received header trips things up so that reports go to report_spam[at]hotmail.com - I usually delete or comment out the header in such situations, which is normally sufficient to get the report(s) sent to a more appropriate address.


  3. Sounds a bit like  "backscatter" where a provider has the "wrong" email address to use when sending out a bounce or other form of non-delivery report. Some see it as spam, some don't. Unfortunately there's often no easy  and reliable way for a provider to determine from the email headers if the return address is legit without the risk of annoying and/or inconveniencing innocent bystanders.


  4. Thanks for that. I haven't sent reports to the spam[at]uce.gov address for a couple of years, after my provider seemed to be having trouble delivering to them. Their explanation was that it was a DNS issue, and persisted with that explanation even when confronted with evidence that it wasn't.


  5. For some reason, I saw a "report spam now" button when looking at the report linked to by tracking link. Be that as it may......

    There are a variety of reasons that Spamcop will not send reports directly to a provider. Perhaps the admins want to keep an eye on spam reports for that particular provider, or perhaps it needs some kind of special handling. I've noticed with reporting emails that appear to arrive via Yahoo, for example, sometimes the reports go to "internal spamcop processing" (or similar) and sometimes they go to an abuse address.

     


  6. I recall being mildly surprised recently to see some reference to Oath when reporting a spam, I was half expecting it to go to the usual Yahoo reporting address. o

    I don't have a link to hand but think I saw something a few months back  about Yahoo now being part of Oath.


  7. 26 minutes ago, MIG said:

    Which one is correct (iyo), can't be both?

     

     

    I can confirm #2: Whenever I report stuff that appears to have originated in my provider's system, usually webmail, I often get a "nothing to do" or "no IP address" type of message. (I haven't had one for a while, I don't get them that often.)

    As for #1, I can't remember.

    It's always a good idea to make sure that you have mailhosts set up for ALL the email addresses that receive spam that you are likely to report, AND keep them update them if something in the way your provider processes email changes.


  8. i

    21 hours ago, MIG said:

    Hey db17

    All good, sorry nothing so far has helped, I think Robibue & Petzl have nailed it... That's why they're MASTERS & I'm a lowly grasshopper

    I have 2 SC accounts, 1 paid, 1 unpaid,  just parsed a spam / tested again, [User Notification] appears with the paid account, not the unpaid. 

    What's that saying? "we get what we pay for"....

    CieLeVie!

    Please do keep posting Tracking URLs (when available) for us to pitch in.

    Cheers!

     

    That was my thought when checking new replies to this thread.

    I, too, see the "user notification" option when I've added fuel, and it disappears when my "fuel" runs out.


  9. As I understand it, Spamcop's primary focus is to maintain a blocking/blacklist of sources of spam. Any reports that get sent out and are actually actioned by provider are a bonus. Even if the reports get dev-null'ed, Spamcop can still.  use the spam you report to help provide data for its blocking list.

    There are other ways of tracking down a suitable reporting address. I rarely bother manually sending reports to providers,  but occasionally visit sites such as multirbl.valli.org and mxtoolbox that can assist in provide information that is of some help. Other volunteers at this forum might be able to jump in and suggest approaches that more directly address what you are asking.


  10. 3 hours ago, MisterBill said:

    and the second line is a link to http://131. 107.193.85joanny.info.boyman.space/205/3-2-2019-clickersin (space added after the first dot to  break the link)

     

    It might not mean much but even if there wasn't the added space, my minimal parsing skills want to add a forward slash after what looks like an IPv4 address.

    Time for me to wander off and enjoy my freshly made coffee.

×