Jump to content


  • Content Count

  • Joined

  • Last visited

Posts posted by lisati

  1. What I'm seeing with th

    On 1/15/2019 at 5:20 PM, ANGEL said:


    • And, anyone who's game:P may be able to answer:

    if the answer's "yes"; why parsing the entire source data would result in different [Reports sent to] distributions?


    as opposed to parsing modified source data  [Reports sent to] distributions


    Thanks in advance!

    What I'm seeing is that the modification(s) still seem to be necessary.

  2. 22 hours ago, Art101 said:

    Good news today: The mail host for my "real" address lets me block entire domains. Google does not. I blocked all incoming mail with anything that includes @hetzner.co.za ... clearly an evil or compromised rogue domain. That won't completely stop the Gmail garbage, but it's a start.

    My ISP/primary email provider has a similar option available, which can be useful. One thing to watch, however, is that sometimes there are limits to how many domains that are blocked.

  3. On 12/26/2018 at 8:10 PM, petzl said:

    Well they have the password and name is correct but last millennium one and were on adsl always used vrus scanner

    Thr information seem to of been scammed from SpamCop early days probably from junked computers

    One or two of the dodgy emails I've had seem to have their origins the days before my provider moved away from Yahoo, who had had a couple of data breaches. The password was correct but an old one. I'd already seen evidence that something was a bit "off"  and had changed my password as a precaution, prior to receiving claims that my account had been hacked. More recent efforts I've seen in my inbox have been of a slightly different character, and would probably warrant a separate thread.

    I'd suggest, at the very minimum, a change of password a.s.a.p. for people who get one of these "your account has been hacked" emails, or any other evidence that something's not quite right.

  4. I've had some similar emails, all of which have been reported. The flow to my email account(s) seems to have dried up for now. As Lking has observed, the visible "From:" address is easily forged, it is a notoriously unreliable clue to the true source of the unwanted email. All the unwanted emails of this type that I have received trace back to somewhere other than my provider. One thing of note, from my perspective, is that the email address for which I have received the most doesn't actually have an associated mailbox to be hacked, the email address exists as a simple redirect in a server.

  5. On 12/8/2018 at 11:56 PM, CaLy said:

    Today i received a new one (telling about webcam, wich i dont have) ... so :P

    Tracking URL : https://www.spamcop.net/sc?id=z6505315873z0b3bb21ccb863cdadb680fb4f1c7c68az

    That's a fairly typical example of some I've received, mostly for one particular email address which, because it's little more than a redirect on a server, doesn't actually have an associated mailbox.

  6. On 11/30/2018 at 11:29 PM, klappa said:

    Editing it how? Changing it Receive line to X-Received? For Gmail i just delete the Receive line and Spamcop can parse it otherwise it can't.

    Instead of forwarding the spam as an attachment to "my" reporting adddres, I use the "view source" option of whichever email client, copy it to the submission form on the reporting page, and change the "Received" to "X-Received" before  clicking "submit"

  7. Most of the spam I receive at my hotmail/outlook accounts gets flagged for reporting to report_spam@..... as well.

    There are a couple of options. If you've done the "add fuel to your account" thing you might want to consider looking for the abuse address for the apparent sending server/device, and adding that as a user defined report.

  8. Jumping in relatively late into this discussion, I've had Google block my attempts to submit reports from time to time too. My ISP does it as well. One  workaround I use is to send the reports and submissions from an email account that I'm paying a little extra money for that lets me whitelist recipients. It's not perfect, but I have seen a significant improvement.

  9. Short answer: you do the best you can with the information at your disposal.

    It is possible to develop a sense of which  parts of the information in any given email will be the most useful in figuring out where to send your complaints. Sadly, it's sometimes necessary to stop short of using what would seem intuitive, e.g. doing a deep scan of ALL the received header, flicking off a grumpy response to the alleged sender, etc.

  10. Apologies for the delay in replying.

    As helpful as the "X-Originating-IP" address can be in gathering clues to an email's apparent source, they can be forged.

    What some providers do is an analysis of the content of the email, sometimes the headers only, sometimes the complete email.  Depending on the results of the analysis, the options open to the provider  include (1) rejecting the email outright (works best when done BEFORE the complete email has been accepted for delivery), (2) flag the email as spam (possibly by altering the subject), (3) flicking the mail into a spam or Junk folder, or  (4) accept the email unchallenged.

    Be extremely wary of solutions based on some kind of challenge-response system. Because the sender address can easily be forged, it's very easy to annoy innocent third parties

  11. @Bernhard:

    I'm not sure why your server is blocking based on the mailspike "rep" (reputation) list. I had a look at their web page, and get the impression that it's not a general purpose list suitable for blocking everything from a listed IP address.

    Mailspike's "bl" and "z" lists seem better suited to blocking/rejecting unwanted incoming emails.

  12. What? Did I blink and miss something by not visiting this forum for a few days?

    Anyway, it must be time to consider a hot cuppa in anticipation of a speedy recovery......