Miss Betsy Posted April 21, 2004 Share Posted April 21, 2004 And even if the email were not tagged, if the bl is used properly, the sender is notified that the email was not delivered. That is infinitely better than having an email disappear in the spam folder and never be noticed. It also provides another person to notify the ISP that there is a compromised machine or incompetent user and real leverage (since that person is a customer) to do something so that there is no longer spam. And often, especially in the case of compromised machines, the spamcop bl is just the first bl for that IP address - if the problem is not fixed. Miss Betsy Link to comment Share on other sites More sharing options...
turetzsr Posted April 21, 2004 Share Posted April 21, 2004 Hi Steven ... There is no "bias" on my part, just facts as they are at the time. If ISP's used "tag only" that would be much better, but a lot do not (as you know). If SpamCop uses "tag only" for their accounts, then they follow their own advice. There are two conversations - "regular ISP email" and "SpamCop accounts". Hi, yourbuddy, ...But what I think is causing your problem with most of us here is your blaming SpamCop for the improper use by ISPs and e-mail providers of the BL. I think your point that SpamCop users who report spams have a responsibility for how the BL is used (what we call "bias") has some validity but will not find very much support among those of us who have decided it's not as important as fighting spam. ...Also, regarding another of your posts in this thread: IIUC, it is not possible for a single report by a single user to cause an IP address to be listed. Claims of this nature contribute to others' negative views of you, which is a shame because many of your posts, including your criticisms of SpamCop, contain very valuable content. [EDIT] In a private e-mail, yourbuddy correctly pointed out that he did not write that a single report by a single reporter could add an IP to the blocklist ... but that a single reporter could. I apologize for the oversight.[/EDIT] [EDIT 2] AUGHH! I'll get this right, yet. What yourbuddy wrote was (quoting to ensure I get it right, this time!): Just one spammer (using the ISP server or a compromised PC that has an account with that ISP) can get the whole ISP blacklisted.[/EDIT 2] Link to comment Share on other sites More sharing options...
StevenUnderwood Posted April 22, 2004 Share Posted April 22, 2004 EDIT] In a private e-mail, yourbuddy correctly pointed out that he did not write that a single report by a single reporter could add an IP to the blocklist ... but that a single reporter could. I apologize for the oversight.[/EDIT] I believe this is also incorrect. My understanding is that it requires at least 2 different reporters as well but I can not find proof. Deputies??? Link to comment Share on other sites More sharing options...
Miss Betsy Posted April 22, 2004 Share Posted April 22, 2004 IIRC, yes you are right It takes two reporters to list. The exception is spamtraps where it only takes one. However, I didn't even look for it. I think it is one of those FAQ that isn't asked frequently enough or in the same way to be able to find it in the answers. And that spamcop either doesn't want to be general knowledge or just puts way down on the priority list for adding to explanations. Miss Betsy Link to comment Share on other sites More sharing options...
turetzsr Posted April 22, 2004 Share Posted April 22, 2004 EDIT] In a private e-mail, yourbuddy correctly pointed out that he did not write that a single report by a single reporter could add an IP to the blocklist ... but that a single reporter could. I apologize for the oversight.[/EDIT] I believe this is also incorrect. My understanding is that it requires at least 2 different reporters as well but I can not find proof. Deputies??? ...Other than the fact I misquoted yourbuddy: wouldn't it only take one reporter if, say, I submitted a report from one e-mail address and submitted a report against the same IP address from another e-mail address? Wouldn't SpamCop then treat me as being two different reporters? Link to comment Share on other sites More sharing options...
StevenUnderwood Posted April 22, 2004 Share Posted April 22, 2004 If you had 2 accounts (not hard to get, I have 2 myself) and the host is not well known to spamcop (low volume) you could probably report enough to get a host listed. It should also depend that the host actually sent messages to multiple accounts which you own. However, if the reporter is submitting the same message (same message ID) I would hope that spamcop would not count them seperately. And even if the reporter did, it should be pretty obvious to the deputies what was going on. If the host has sent messages to 2 or more different addresses which are owned by you, I don't see the problem with reporting them under different accounts as they were probably sent to many different people or the host is directing an attack to you. I don't know how the deputies would view the situation, however. Link to comment Share on other sites More sharing options...
dra007 Posted April 22, 2004 Share Posted April 22, 2004 as it happens I have 5 accounts (on different servers) and I get practically the same spam at all of them, it even reaches there about the same time, coincidence? Link to comment Share on other sites More sharing options...
Miss Betsy Posted April 22, 2004 Share Posted April 22, 2004 If it is a spam run, then, of course, the email received on all five accounts will be 'about the same time' Miss Betsy Link to comment Share on other sites More sharing options...
StevenUnderwood Posted April 23, 2004 Share Posted April 23, 2004 as it happens I have 5 accounts (on different servers) and I get practically the same spam at all of them, it even reaches there about the same time, coincidence? I regularly get the same spam to all 5 of the work email address which are posted on the company web site. I also often get the same spam at my home and my work accounts. Different spamsu usually between the personal accounts (work and home) and the public work addresses however. It just means all those addresses are on the same lists. Are the 5 accounts all at the same domain? I know you are in a university setting. Have you asked others on those servers to see if they are getting the same spam as well? It could have been a dictionary attack. Link to comment Share on other sites More sharing options...
dra007 Posted April 23, 2004 Share Posted April 23, 2004 Two are on the same domain, one of them never used as it is an internal (University address)...that is the one that gets most spam...The others have filters and blocks setup, so I may not see everything that goes to them, unless I log on to a website and check junk/spam e-mail, and sometimes I report that spam manually.. But they seem to be often repeats of the same spam or virus attack, the domains/content coincide but the forgery of headers may differ. (I get a lot of viruses from a cn.edu domain, usually as soon as or soon after I get the spam reports).. I have been following the pattern, I could wait for hours before submitting, the virus arrives like a clock and only immediately or soon after... What is puzzling is that the 5 emails have different names and domains, and I never listed them publicly together, I don't think anyone I write to has knowledge of all of them, I use them for very different purposes... They are also combinations of leters and numbers which shouldn't be easy to generate... I also noticed some delivered spam mail with wrong addresses or only marginal resemblance of my actual e-mail address.. So it is a puzzle, and I cannot find a connection other than the attack started at the same time for all 5 and some I used for >10 years... Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.