Jump to content
Sign in to follow this  
Emerson Prado

more unstoppable spam query

Recommended Posts

Hi all,

This is my very first post here, so I apologize if I'm doing it the wrong way somehow.

I also have a problem with an unstoppable spammer. The offender sells addresses and does mail listings - so it also feed other spammers.

But, after dozens and dozens of reports sent thru SpamCop, nothing changed at all. The spammer is still happily sending junk and helping others sending junk around.

This is my last report:

http://www.spamcop.net/mcgi?action=gettrac...rtid=4944509793

I guessed the offender also owns the domain the messages come from and the links point to - the domain is the same. This way, reporting to him is plainly useless. I still report but unchecking his own addresses.

I also wrote to the local (Brazilian) domain certifier (Cert), without answer (what doesn't mean without action).

Is there another way to fight this guy?

Best regards,

Emerson

Admin Edit: ectracted from http://forum.spamcop.net/forums/index.php?showtopic=11310 as it isn't actually carrying on 'that' Discussion. PM sent to advise of this action/move.

Edited by Wazoo

Share this post


Link to post
Share on other sites
Hi Emerson,

That's not a tracking URL - only you and SpamCop staff can see the report from that link. If you want it tp be available to the rest of us to look at you will need to open the report and pick up the Tracking URL that appears near the top of the "Parse" page (and is identified by that name).

Share this post


Link to post
Share on other sites

Hmmm ... I don't know if the situation is as you describe it but have to admit it certainly looks much that way. If you are sending reports to cert.br in preference to the allocated owner you may be using the wrong address:

WHOIS Source: LACNIC

IP Address: 189.1.164.212

Country: Brazil

Network Name: 006.943.198/0001-23

Owner Name: HOSTLOCATION LTDA

...

% Security and mail abuse issues should also be addressed to

% cert.br, http://www.cert.br/, respectivelly to cert[at]cert.br

% and mail-abuse[at]cert.br

Share this post


Link to post
Share on other sites
I don't know if the situation is as you describe it but have to admit it certainly looks much that way.

Pls feel welcome to challenge anything. Maybe I missed something and can look for.

If you are sending reports to cert.br in preference to the allocated owner you may be using the wrong address:

...

% Security and mail abuse issues should also be addressed to

% cert.br, http://www.cert.br/, respectivelly to cert[at]cert.br

% and mail-abuse[at]cert.br

In fact, I tried both addresses (cert and mail-abuse at cert dot br), in different time frames. I changed from mail-abuse to cert recently, just to see if something happened. I'll probably revert to mail-abuse, since this is a mail abuse issue (though the guy sells addresses). But, since I used that before, this doesn't seem to be the cause.

Many thanks and best regards,

Emerson

Share this post


Link to post
Share on other sites
I also have a problem with an unstoppable spammer. The offender sells addresses and does mail listings - so it also feed other spammers.

But, after dozens and dozens of reports sent thru SpamCop, nothing changed at all. The spammer is still happily sending junk and helping others sending junk around.

Hi Emerson,

Welcome to these forums... The situation you describe is quite common and sometimes reflects a misunderstanding about SpamCop reports.

The main purpose of reporting to SpamCop is to feed the SCBL and all your reports will, indeed, do that. The Email reports to an ISP may or may not have much effect. Some ISPs take a SpamCop alert very seriously and others with little interest.

To benefit from your reports (and those of others) you should ensure that you implement dsnbl checking and include the SCBL as one of the block lists.

HTH

Andrew

Share this post


Link to post
Share on other sites
The main purpose of reporting to SpamCop is to feed the SCBL and all your reports will, indeed, do that. The Email reports to an ISP may or may not have much effect. Some ISPs take a SpamCop alert very seriously and others with little interest.

To benefit from your reports (and those of others) you should ensure that you implement dsnbl checking and include the SCBL as one of the block lists.

Reporting to mail-abuse[at]cert.br does (IMO) seem to feed Brazilian spammers?

They in fact claim to be anti-spam?

http://www.cert.br/

Google translation

Brazilian Honeypots Alliance - Distributed Honeypots Project

The CERT.br is part of the coordination of the Brazilian Honeypots Alliance - Distributed Honeypots Project , which aims to increase the capacity of incident detection, event correlation and determine trends in attacks on the Brazilian Internet space.

The data collected by honeypots are processed to generate daily statistics from malicious activity observed. These statistics are available from:

Statistics: Brazilian Honeypots Alliance - Distributed Honeypots Project

The CERT.br also uses the data collected by the project to identify malicious activities in the Brazilian Internet space and notifying those responsible for networks involved in these activities.

Share this post


Link to post
Share on other sites
Reporting to mail-abuse[at]cert.br does (IMO) seem to feed Brazilian spammers?

Not in my eperience. Cert.br is an arm of the Brazilian Internet Steering Comittee, an organization created by the government of Brazil, with members from government, enterprise, and academia.

http://www.cgi.br/english/index.htm

I suspect the reporting address is unmonitored and just feeds their statistics database (which is unfortunately incomplete)

If you need to contact a human, try here:

http://www.cert.br/contact.html

Share this post


Link to post
Share on other sites
Not in my eperience. Cert.br is an arm of the Brazilian Internet Steering Comittee, an organization created by the government of Brazil, with members from government, enterprise, and academia.

http://www.cgi.br/english/index.htm

I suspect the reporting address is unmonitored and just feeds their statistics database (which is unfortunately incomplete)

I still believe "cert Brazil" are very much aiding spammers

All mail from Brazil just hits SpamCop Email held box and is "Very Easily Reported"

Brazils incompetence in handling spammers also reflects badly on their whole country

Share this post


Link to post
Share on other sites
I still believe "cert Brazil" are very much aiding spammers

All mail from Brazil just hits SpamCop Email held box and is "Very Easily Reported"

Brazils incompetence in handling spammers also reflects badly on their whole country

Yep, frustrating in the extreme - but from a distance you could say much the same about US reporting to the FTC which mostly just gathers evidence for "other agencies" who act in their own good time - so the whole process is quite disconnected and remote from the viewpoint of the reporter. The difference being the primary reporting for those US ISPs is direct to them, the same avenue is not open for Brazil reports.

Interestingly, the responsibility for Australian oversight is being increasingly shovelled onto to ISPs through 'voluntary' codes of conduct (if they know what's good for them). The UK is seeking to sheet home the blame for the misuse of their computers to the individual owners. An Englishman's home is his castle and he'd better jolly-well defend it (and all you Scots and Welsh and Northern Irish and Manx and sundry other islanders too, your Government is watching to be sure you do).

Different countries take different approaches. Paper tigers all. None is manifestly successful in ferreting out the predatory perpetrators and subjecting them to the immediate, hideous and satisfyingly sustained punishments we all know they deserve. Ah, it doesn't pay to obsess - they make monsters of us all. Well, of me for one.

Share this post


Link to post
Share on other sites
Yep, frustrating in the extreme - but from a distance you could say much the same about US reporting to the FTC which mostly just gathers evidence for "other agencies" who act in their own good time -

Different countries take different approaches. Paper tigers all. None is manifestly successful in ferreting out the predatory perpetrators and subjecting them to the immediate, hideous and satisfyingly sustained punishments we all know they deserve. Ah, it doesn't pay to obsess - they make monsters of us all. Well, of me for one.

Not getting any spam through my Greylist from USA or Australia

Brazil I do

Reporting spam to US Australia does work in fact all countries except Brazil

Greylisting means my email only accepts mail from a email server

Share this post


Link to post
Share on other sites
...Reporting spam to US Australia does work in fact all countries except Brazil

Greylisting means my email only accepts mail from a email server

Okay, fair enough.

Share this post


Link to post
Share on other sites

Reading throughly the topic suggested by Snowbat

http://forum.spamcop.net/forums/index.php?showtopic=10380#

gave me a sad picture of how it really is about this domain and what we can do about it.

In fact, my issue is exactly the same discussed in that topic. Would it be better if I followed up there, so we have just one thread for this subject?

I'll write the deputies, as suggested in that thread. Let's see.

Best regards all,

Emerson

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×