Search the Community
Showing results for tags 'links'.
Found 4 results
Greetings all👋! I hope everyone's well and you've all been behaving!? Would anyone care to cast their 👀s over this bit of scum pleeze? Issue is, apparently "no links found", 'cept, I can find 8 - 4 are enclosed in brackets (), not sure about them, 4 are standard, from my objs, they're the ones that've confuzzed moi, why didn't SC "detect"? Yes Master, I know urls are secondary to source, but, but, but..... https://www.spamcop.net/sc?id=z6563176953zf21fc4b02078997bd0dcfb215b0fa333z VT tells me urls resolve to 220.127.116.11 = email@example.com, source = 18.104.22.168 = singlehop.net Anyone care to share their wisdom please? I remain, a grateful G🦗H🙏
mMerlin posted a topic in SpamCop Reporting HelpI have had a few spams recently (windward casino) that spamcop gave error message: at the end of "Finding links in message body" I did some exploration, and discovered that the problem seems to be the way the spam emails are constructed. They are multipart/alternative, and the alternative header blocks are ending with a line containing a single space. Deleting that space in the body of the content lets spamcop parse the body correctly. --Section.«guid» Content-Type: text/plain Winward Casino: US Players, … That *blank* line is really a space. Deleting the space character allows the "Finding links" to work again. Example: https://www.spamcop.net/sc?id=z6408256844z01c6f10262d93f7fd6bc56e589ea4e33z I understand that the original purpose of that message, was due to an error in the user handling the copy/paste/forward of the emails in such a way that email header was no longer accurate. However, in this case, the "couldn't parse head" is really the multipart header in the body of the message. That was not really clear from the context.
showker posted a topic in New Feature RequestTwo or three fields should be added to the form that would include the "Spamvertised" site links. Since Spamcop form is broken and no longer 'finds' links in the spam, the reporting is sort of useless. The sender of the email is not helping curb the spam. Follow the money trail to the actual cyber criminals involved. Serious spam reporters can follow redirects and get the actual sites responsible for the spam. THOSE are the links / URLs / hosts that need to go into the black hole. To avoid abuse of those fields, perhaps a second level of reporting volunteers who will utilize the "executive" form correctly. I know you're very paranoid about false positives, but in that effort, you're missing the real culprits.
Yesterday, Spamcop stopped including spamvertised web links in the reports. Generally it does no good what so ever to report the spam to the email provider of the sender. These are all throw-away email addresses which have no consequense on the spam sent or the cyber gang profiting from the spam. The entity advertised in the spam is the cyber criminal that should be reported. In many cases, the links are redirects or "single hop" links that get reported. These are of no consequence either because the spam uses them to bounce the victim to the actual spamvertised site. Most recently, these redirect links are at "No Master" hosts, and don't get reported anyway. This is the classic scenario of the porn, and pharma industries. We have been manually getting the target site link and manually reporting those to the admins responsible. We know this technique works because the sites are shut down and the spammer has to set up shop elsewhere. Which we then report. This is tedius and time consuming work. Spamcop should put a few fields in the REPORT form for the purpose of actually going after the creators of the spam. . . . two or three fields for "Spamvertised Web Links" . . . that way, the actual firm hosting the cyber criminals can be alerted. http://www.graphic-design.com/60-seconds/328_spam_we_can_do_without