Jump to content

more unstoppable spam query

Emerson Prado

Recommended Posts

Emerson Prado Member

Emerson Prado

Posted
Posted

Hi all,

This is my very first post here, so I apologize if I'm doing it the wrong way somehow.

I also have a problem with an unstoppable spammer. The offender sells addresses and does mail listings - so it also feed other spammers.

But, after dozens and dozens of reports sent thru SpamCop, nothing changed at all. The spammer is still happily sending junk and helping others sending junk around.

This is my last report:

http://www.spamcop.net/mcgi?action=gettrac...rtid=4944509793

I guessed the offender also owns the domain the messages come from and the links point to - the domain is the same. This way, reporting to him is plainly useless. I still report but unchecking his own addresses.

I also wrote to the local (Brazilian) domain certifier (Cert), without answer (what doesn't mean without action).

Is there another way to fight this guy?

Best regards,

Emerson

Admin Edit: ectracted from http://forum.spamcop.net/forums/index.php?showtopic=11310 as it isn't actually carrying on 'that' Discussion. PM sent to advise of this action/move.

Link to comment
Share on other sites
Farelf What Life?

Farelf

Posted
Posted
Hi Emerson,

That's not a tracking URL - only you and SpamCop staff can see the report from that link. If you want it tp be available to the rest of us to look at you will need to open the report and pick up the Tracking URL that appears near the top of the "Parse" page (and is identified by that name).

Link to comment
Share on other sites
Farelf What Life?

Farelf

Posted
Posted

Hmmm ... I don't know if the situation is as you describe it but have to admit it certainly looks much that way. If you are sending reports to cert.br in preference to the allocated owner you may be using the wrong address:

WHOIS Source: LACNIC

IP Address: 189.1.164.212

Country: Brazil

Network Name: 006.943.198/0001-23

Owner Name: HOSTLOCATION LTDA

...

% Security and mail abuse issues should also be addressed to

% cert.br, http://www.cert.br/, respectivelly to cert[at]cert.br

% and mail-abuse[at]cert.br

Link to comment
Share on other sites
Emerson Prado Member

Emerson Prado

Posted
  • Author
Posted
I don't know if the situation is as you describe it but have to admit it certainly looks much that way.

Pls feel welcome to challenge anything. Maybe I missed something and can look for.

If you are sending reports to cert.br in preference to the allocated owner you may be using the wrong address:

...

% Security and mail abuse issues should also be addressed to

% cert.br, http://www.cert.br/, respectivelly to cert[at]cert.br

% and mail-abuse[at]cert.br

In fact, I tried both addresses (cert and mail-abuse at cert dot br), in different time frames. I changed from mail-abuse to cert recently, just to see if something happened. I'll probably revert to mail-abuse, since this is a mail abuse issue (though the guy sells addresses). But, since I used that before, this doesn't seem to be the cause.

Many thanks and best regards,

Emerson

Link to comment
Share on other sites
agsteele Been There

agsteele

Posted
Posted
I also have a problem with an unstoppable spammer. The offender sells addresses and does mail listings - so it also feed other spammers.

But, after dozens and dozens of reports sent thru SpamCop, nothing changed at all. The spammer is still happily sending junk and helping others sending junk around.

Hi Emerson,

Welcome to these forums... The situation you describe is quite common and sometimes reflects a misunderstanding about SpamCop reports.

The main purpose of reporting to SpamCop is to feed the SCBL and all your reports will, indeed, do that. The Email reports to an ISP may or may not have much effect. Some ISPs take a SpamCop alert very seriously and others with little interest.

To benefit from your reports (and those of others) you should ensure that you implement dsnbl checking and include the SCBL as one of the block lists.

HTH

Andrew

Link to comment
Share on other sites
petzl Been There

petzl

Posted
Posted
The main purpose of reporting to SpamCop is to feed the SCBL and all your reports will, indeed, do that. The Email reports to an ISP may or may not have much effect. Some ISPs take a SpamCop alert very seriously and others with little interest.

To benefit from your reports (and those of others) you should ensure that you implement dsnbl checking and include the SCBL as one of the block lists.

Reporting to mail-abuse[at]cert.br does (IMO) seem to feed Brazilian spammers?

They in fact claim to be anti-spam?

http://www.cert.br/

Google translation

Brazilian Honeypots Alliance - Distributed Honeypots Project

The CERT.br is part of the coordination of the Brazilian Honeypots Alliance - Distributed Honeypots Project , which aims to increase the capacity of incident detection, event correlation and determine trends in attacks on the Brazilian Internet space.

The data collected by honeypots are processed to generate daily statistics from malicious activity observed. These statistics are available from:

Statistics: Brazilian Honeypots Alliance - Distributed Honeypots Project

The CERT.br also uses the data collected by the project to identify malicious activities in the Brazilian Internet space and notifying those responsible for networks involved in these activities.

Link to comment
Share on other sites
  • 2 weeks later...
Snowbat Advanced Member

Snowbat

Posted
Posted
Reporting to mail-abuse[at]cert.br does (IMO) seem to feed Brazilian spammers?

Not in my eperience. Cert.br is an arm of the Brazilian Internet Steering Comittee, an organization created by the government of Brazil, with members from government, enterprise, and academia.

http://www.cgi.br/english/index.htm

I suspect the reporting address is unmonitored and just feeds their statistics database (which is unfortunately incomplete)

If you need to contact a human, try here:

http://www.cert.br/contact.html

Link to comment
Share on other sites
petzl Been There

petzl

Posted
Posted
Not in my eperience. Cert.br is an arm of the Brazilian Internet Steering Comittee, an organization created by the government of Brazil, with members from government, enterprise, and academia.

http://www.cgi.br/english/index.htm

I suspect the reporting address is unmonitored and just feeds their statistics database (which is unfortunately incomplete)

I still believe "cert Brazil" are very much aiding spammers

All mail from Brazil just hits SpamCop Email held box and is "Very Easily Reported"

Brazils incompetence in handling spammers also reflects badly on their whole country

Link to comment
Share on other sites
Farelf What Life?

Farelf

Posted
Posted
I still believe "cert Brazil" are very much aiding spammers

All mail from Brazil just hits SpamCop Email held box and is "Very Easily Reported"

Brazils incompetence in handling spammers also reflects badly on their whole country

Yep, frustrating in the extreme - but from a distance you could say much the same about US reporting to the FTC which mostly just gathers evidence for "other agencies" who act in their own good time - so the whole process is quite disconnected and remote from the viewpoint of the reporter. The difference being the primary reporting for those US ISPs is direct to them, the same avenue is not open for Brazil reports.

Interestingly, the responsibility for Australian oversight is being increasingly shovelled onto to ISPs through 'voluntary' codes of conduct (if they know what's good for them). The UK is seeking to sheet home the blame for the misuse of their computers to the individual owners. An Englishman's home is his castle and he'd better jolly-well defend it (and all you Scots and Welsh and Northern Irish and Manx and sundry other islanders too, your Government is watching to be sure you do).

Different countries take different approaches. Paper tigers all. None is manifestly successful in ferreting out the predatory perpetrators and subjecting them to the immediate, hideous and satisfyingly sustained punishments we all know they deserve. Ah, it doesn't pay to obsess - they make monsters of us all. Well, of me for one.

Link to comment
Share on other sites
petzl Been There

petzl

Posted
Posted
Yep, frustrating in the extreme - but from a distance you could say much the same about US reporting to the FTC which mostly just gathers evidence for "other agencies" who act in their own good time -

Different countries take different approaches. Paper tigers all. None is manifestly successful in ferreting out the predatory perpetrators and subjecting them to the immediate, hideous and satisfyingly sustained punishments we all know they deserve. Ah, it doesn't pay to obsess - they make monsters of us all. Well, of me for one.

Not getting any spam through my Greylist from USA or Australia

Brazil I do

Reporting spam to US Australia does work in fact all countries except Brazil

Greylisting means my email only accepts mail from a email server

Link to comment
Share on other sites
Emerson Prado Member

Emerson Prado

Posted
  • Author
Posted

Reading throughly the topic suggested by Snowbat

http://forum.spamcop.net/forums/index.php?showtopic=10380#

gave me a sad picture of how it really is about this domain and what we can do about it.

In fact, my issue is exactly the same discussed in that topic. Would it be better if I followed up there, so we have just one thread for this subject?

I'll write the deputies, as suggested in that thread. Let's see.

Best regards all,

Emerson

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...