Jump to content

Sven Golly

  • Content Count

  • Joined

  • Last visited

Everything posted by Sven Golly

  1. It seems I have been seeing more SpamCop reports going to devnull lately. For example, I am getting spam via salesforce.com and those ALL go to devnull. Is this because salesforce.com is not acting? Do they have a behind the scenes deal with CISCO (SpamCop)? Salesforce does have a working abuse@salesforce.com address so it can't be lack of that. Any thoughts?
  2. Sven Golly

    More and more DEVNULL reports

    I have a friend who's fairly well respected within Salesforce.com. I shot him a sample of the emails (consistently from The Economist who refuses to honor opt-out requests). I can block them easily but When I have extra time, I prefer to work on the root of the problem.
  3. Sven Golly

    Eonix.net helping spammers?

    Eonix, Layerhost and it's related businesses have been the third biggest sources of spam on my hosted domains. #1 with a bullet is Google. #2 is AWS. Reporting to AWS is next to useless. I noted from another post that Google has stopped accepting SpamCop reports. I'll have to see if that's the case on my end.
  4. Agreed. Egregious and embarrassing failure.
  5. I am getting this error message when the message being reported is in fact dated today 12/4 and first appeared on my server today. See: SpamCop.net for report.
  6. Sven Golly

    "Hotmail" spam reporting stopped?

    Wouldn't you be better off just using the Hotmail spam flagging feature? It reports, blocks and is probably a more direct and successful route than going through SpamCop.
  7. Sven Golly


    WARNING: NECRO POST REVIVAL Just when you thought it was safe to go in the water, the ServerHub spam support machine has cranked back up again. I continue to report them via SpamCop (some are such bad spam that the reports get flagged as outgoing spam by my mail provider). They continue to auto-reply with BS that makes it sound like they are doing something. But they aren't. Example: SpamCop.net
  8. Sven Golly


    Not sure why SpamCop doesn't just DevNull everything going to [at]serverhub.com. Nothing over the last month has even remotely slowed down the amount of spam I get through them. http://www.spamcop.net/sc?id=z5885335158z1...b926158ec7d300z
  9. Somehow, this particular type of spam seems to confound Spamcop. I get a mailhost configuration problem when reporting via email. Reconfiguring my mailhosts does nothing to improve this. This spam seems pretty sophisticated in that it shows up with full pictures on my phone yet looks like weird text in Outlook preview (images disabled). The source IP appears to be: which goes back to a Russian provider. https://www.spamcop.net/sc?id=z6640595520za6b456852b82bb903ea1937266b051bbz
  10. Sven Golly

    Russian spam can't be reported

    For some reason, I could not change my mailhosts to accommodate my provider. A SpamCop admin gave me an exemption which worked for a bit but now I'm faced with a new problem. Again, I think it's probably due to the number of different servers our webhost uses. "Mailhost configuration problem, identified internal IP as source" yet reading the headers, it seems to come from outlook.com (aka Microsoft / hotmail /365)/) I noticed that they frogged my domain (geldner.com). https://www.spamcop.net/sc?id=z6643253727zd5ae1bdabed33c527117d9381682d770z
  11. I use three mail services. Gmail, Roadrunner and my self-hosted accounts for our domain, geldner.com, at Stablehost. Effectively now, none of them are allowing email submissions to my submit @ spamcop address. They either get dumped without response (Roadrunner) or not sent due to spam content at Gmail and Stablehost. Gmail was getting through but now they've tightened things up. Stablehost says they have no good way of whitelisting spamcop for outbound mail. This will effectively end my Spamcop reporting unless I can find a solution. No I am NOT going to cut & paste spam emails. I MIGHT be able to host a mail exchanger on my home computer (Spectrum cable internet) with Dynamic DNS but I'm not sure how that would work. Any suggestions before I pull the plug on reporting?
  12. You'll note I've already tried reporting via Gmail and they are blocking perceived spam content (which is what a SpamCop report often looks like). My problem is not that my email accounts don't work for regular mail, they're fine. It's just that I can't use any of them now for reporting spam to SpamCop.
  13. SpamCop can't seem to deal with this. I never get a submit button. https://www.spamcop.net/sc?id=z6420840587ze41077f5166b70661ec211ec6da5db51z
  14. Sven Golly

    Report doesn't complete - can't submit

    Parser still not working. Alibaba originated spam doesn't parse. https://www.spamcop.net/sc?id=z6436471089z9ccd10bfd074e56c63131211326597ccz
  15. Sven Golly

    Report doesn't complete - can't submit

    Is it because the spammers have figured out a way to foul up the Spamcop parser deliberately? Since about 1 in 5 of my reports are hitting this parsing failure, I am increasingly disinclined to report spam. It would be good to know if Cisco / Spamcop intend to fix it or if this is whole project is simply on life support.
  16. SPAMCOP report results I have tried both manually processing this email AND as an emailed submission via my account. SpamCop chokes on both.
  17. I just switched hosting providers which means that all the mail configs need to be updated. However, the test message from SpamCop is not being received. I've checked the logs and don't see any record of an incoming from Spamcop. Maybe this feature is borked?
  18. Done. I'll report back if they say anything.
  19. All it would take is the first. My guess is that Spamcop reconfigs don't happen very often since Spamcop itself seems to be fading away. I mean look at the forum traffic here. The last message prior to mine was maybe 2 months ago? (Not that Spamcop makes it easy to find the forums.) I just tried again and still no email from the mailhost setup. I get spam report reply mails from Spamcop (which of course complain that my mailhost is not properly configured, duh).
  20. Sven Golly


    Interesting logic I guess. But they still never make it onto the SCBL. They are good at the snowshoe tapdance.
  21. Sven Golly


    Has it accomplished anything other than make it "look like" an ISP might be doing something?
  22. Sven Golly


    And here's a relatively rare serverhub.com spam that links to a site HOSTED by serverhub. Usually the links go elsewhere. http://www.spamcop.net/sc?id=z5888647343zf...2e24c8e93d1b92z
  23. Sven Golly


    Thanks for the info on getting the tracking link. I had never noticed the "Parse" link at the top. The FAQ is kind of arcane in many ways. I have dealt with whoever is behind the serverhub spam in the past since I recognize the writing / subject line style and what they usually promote. The spammer is active for anywhere from 1 month to as long as a year, eventually gets shut down, then starts all over again from a new spam-friendly ISP. Serverhub is going on 3 months now I think.
  24. Sven Golly


    Yeah I didn't save the tracking URLs for those -- so I just went to Recent Reports to snag what I could. Would be nice if SC presented the tracking URL in Recent Reports. Anyway here are two of today's serverhub.com spams by tracking URL. http://www.spamcop.net/sc?id=z5888418267z5...1b97b6d3fc9bbbz http://www.spamcop.net/sc?id=z5888418191z6...11bde60310273bz These spams are just goofy with weird keywords. I don't know if they are to get past spam filters or if they are a form of reverse tracking. Report the spam and they know you did because they see what was reported and can track it back to the reporter / recipient. All serverhub.com spam gets copied to spam[at]uce.gov and knujon.
  25. Sven Golly


    Well it would seem to me that because serverhub has setup a special abuse address just for Spamcop (spamcop[at]serverhub.com) and since they allow this spammer to continue (we get about 10 - 20 per day on one address alone), the special spamcop address is simply being ignored. So assuming there's a special arrangement for between SC and Serverhub to support that address, why does SC continue to do so? All it looks like to me is a way for them to monitor how much spam they can crank out before running afoul of the SCBL. Am I missing something? These are all sample Serverhub spams reported to SC. I don't report every single one I get. http://www.spamcop.net/mcgi?action=gettrac...rtid=6129851586 http://www.spamcop.net/mcgi?action=gettrac...rtid=6129851514 http://www.spamcop.net/mcgi?action=gettrac...rtid=6129851673 http://www.spamcop.net/mcgi?action=gettrac...rtid=6129851511 http://www.spamcop.net/mcgi?action=gettrac...rtid=6129851508 http://www.spamcop.net/mcgi?action=gettrac...rtid=6129851507 http://www.spamcop.net/mcgi?action=gettrac...rtid=6129632531 <- Black Lotus + Serverhub http://www.spamcop.net/mcgi?action=gettrac...rtid=6129632544 <- Black Lotus + Serverhub