Jump to content
Sign in to follow this  
leahjane10

[Resolved] Forwarding from the New/Updated YAHOO

Recommended Posts

Well, what I have been doing works, but it's a pain-in-the-you-know-what!

--Right click on the spam message, then "view full header"

--Copy the info in the pop-up, click OK

--Click the FORWARD button

--Paste the header info at the top of the message

--Send to SpamCop

Like I said, it's a pain!

Have a happy day!

Leah

This is what I do as well.

Unfortunately the links in these emails are often missed by SC whether fwd'ed or pasted.

There is no view source any more at least in my Yahoo.

Also w/o being able to 'view source' html spam is either invisible or the links are embedded in type.

Same here, with same frustrating results - no link reporting. :(

If I'm particularly perturbed with the spam, I have even copied and pasted the spam links into the body to be forwarded under the header info. (which I've also just copied and pasted in :) ), and... SpamCop still doesn't pick up the links. :(

When submitting yahoo spam, I get an error that calls the accuracy of the copy and paste headers into question:

http://www.spamcop.net/fom-serve/cache/368.html

Edited by ymprob

Share this post


Link to post
Share on other sites
Same here, with same frustrating results - no link reporting. :(

If I'm particularly perturbed with the spam, I have even copied and pasted the spam links into the body to be forwarded under the header info. (which I've also just copied and pasted in :) ), and... SpamCop still doesn't pick up the links. :(

When submitting yahoo spam, I get an error that calls the accuracy of the copy and paste headers into question:

http://www.spamcop.net/fom-serve/cache/368.html

Good heavens, you're right. I just tried and so far have been unable to forward an e-mail submission which doesn't generate the error

Finding links in message body

Parsing text part

error: couldn't parse head

That's what's stopping the body parse - the head parse is already done although the error implies it's not. The thing is, SC manages its primary function, reporting about the IP address of the message source.

The same spam, copied and pasted into the on-line submission form, works just fine (no errors, links parsed). Must be something to do with the way SC strips out the forwarding envelope before parsing. I tried forwarding both with and without the ----- Forwarded Message ----- line inserted by Yahoo, I tried RTF and plain text (well, the latter was never going to work, loses the required indents on line continuations).

We need a Tracking URL - the parses I have generated (and for which cancelled reports) I do not wish to make public because they're not spam and aren't necessarily showing what you're seeing. Can you produce one and post it here so others can have a look? Don is certainly welcome to look at the data in my old (not mailhost-configured) account if he wishes/is interested but YOUR tracking URL would confirm exactly the behaviour YOU are seeing.

Share this post


Link to post
Share on other sites

Good heavens, you're right. I just tried and so far have been unable to forward an e-mail submission which doesn't generate the error

Finding links in message body

Parsing text part

error: couldn't parse head

That's what's stopping the body parse - the head parse is already done although the error implies it's not. The thing is, SC manages its primary function, reporting about the IP address of the message source.

The same spam, copied and pasted into the on-line submission form, works just fine (no errors, links parsed). Must be something to do with the way SC strips out the forwarding envelope before parsing. I tried forwarding both with and without the ----- Forwarded Message ----- line inserted by Yahoo, I tried RTF and plain text (well, the latter was never going to work, loses the required indents on line continuations).

We need a Tracking URL - the parses I have generated (and for which cancelled reports) I do not wish to make public because they're not spam and aren't necessarily showing what you're seeing. Can you produce one and post it here so others can have a look? Don is certainly welcome to look at the data in my old (not mailhost-configured) account if he wishes/is interested but YOUR tracking URL would confirm exactly the behaviour YOU are seeing.

Here's a fresh tracking url, highlighting the consistent yahoo submission error:

http://www.spamcop.net/sc?id=z5173491310z6...0c4bb24f81f174z

Edited by ymprob

Share this post


Link to post
Share on other sites

Ok, thanks. I'm getting a couple of things from that. Essentially it is confirming you can't get the whole message for every message when you report through Yahoo. You CAN report about the source of the spam though. Some excruciating detail:

1) I can't get that data to parse through (in webform submission) without taking out the line

----- Forwarded Message -----

at the start. Leaving it in or taking it out didn't seem to make any difference when I tried forwarding but you might try leaving it out to see if that gets rid of the error message. The error message, as said before, is a bit of a red herring because the head IS parsed fine and report(s) about the source of the message can be sent. You can certainly report with confidence for that much and that is for what SC is primarily intended.

It happens, in this case, that the URL link in the body (unsubscribe link) that the parser would not pick up (if it were there) goes back to the self-same ISP so the report SC offers to send would be (more or less) sufficient for both purposes. Incidentally, if that is spam it is "straight-up" spam and the unsubscription process would likely be effective. OK, you shouldn't have to unsubscribe from anything to which you never subscribed (with confirmation), especially since "unsubscribe" is frequently misused in the wrong hands - but just saying ...

2) Looks like you are forwarding the basic text of an HTML or mixed e-mail. It has a header line

Content-Type: multipart/alternative;boundary="Part.868562204.1894146032"

What you don't see, can't see (doesn't seem to be any way), is the line before the start of the text (varies with each message) is the line

--Part.868562204.1894146032

and that probably is followed by lines like

Content-type: text/plain; charset=iso-8859-1

Content-transfer-encoding: 8bit

or

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

and at the end of it all, for the message to be complete, there has to be (I think), again matching the specific "Content-Type: multipart/alternative;boundary=" declaration with added dashes, is

--Part.868562204.1894146032--

BUT you're not really allowed to add those under the "material changes" ("Changing your spam") rule - http://www.spamcop.net/fom-serve/cache/125.html (and elsewhere). "SpamCop members should not make any material changes to the spam which might cause SpamCop to find a link, address, or URL it normally would not find." Anyway, too much of a burden for too little result.

Best to just report what you can (it would be nice to get rid of that error message but not essential) OR POP or IMAP your mail to another client (changing mailhosts too) if you want to get at the links - as covered earlier in this topic.

Share this post


Link to post
Share on other sites

Thanks for every bit of the "excruciating detail" and your efforts in general.

Selfishly, I'm most intrigued by this comment:

Incidentally, if that is spam it is "straight-up" spam and the unsubscription process would likely be effective.

How did you deduce they were "straight-up" spam, where unsubscribing would be effective?

The reason I ask, is these guys are the folks that motivated me to start reporting again. They've been on two of my secondary emails for some time; I believe I've observed them switch domains a few times; and I never interacted with their domains in any way previously.

Share this post


Link to post
Share on other sites
...

How did you deduce they were "straight-up" spam, where unsubscribing would be effective?

The reason I ask, is these guys are the folks that motivated me to start reporting again. They've been on two of my secondary emails for some time; I believe I've observed them switch domains a few times; and I never interacted with their domains in any way previously.

They seem to be using their own addresses, not hiding or spoofing anything therefore they are exposed and "accountable" for compliance with internet advertising standards as might apply apply at state and federal levels - not to mention compliance with ISP terms of service. Not a lot of assurance but the best that can be had in relation to someone not actually/completely following "best practice" in mailing list maintenance. Sure there are many instances of such outfits being a right royal PITA and carrying on their unrepentant behaviour but those are surely a dying breed - the "business model" is quite different to that of the "bots" and compliance is cheaper than non-compliance. Domain switching could be an ominous sign these are an exception - or that they are feeling some consequences.

I admit I didn't look at them in any detail - let's see - http://www.robtex.com/dns/tshirtfantasyworld.com.html?tab=shared (keeping that from being a live link, not wanting robtex to be pounded). Ah, 219 (and counting) domains with the same address - not a promising start though evidently not all the same entity. That domain has a registrant in Perris, CA 92570. Looks like those (or most) of the sub-set of the 219 domains that are obviously similar - tshirtfantasyglobal.com, bestcontempapparel.com etc. might be discards, no current domain registration (haven't looked at their history). But the same internet address (and the same nameservers) means any bad spammer using that internet setup on a succession of domains to avoid attention is vulnerable to being cut off by the ISP (Global Crossing) or even by the domain registrar on evidence of that activity - someone would just need to join up the dots.

So, it would still be dumb to ignore unsubscribe requests (yes, the spamming profession selects for dumb) but what do you have to lose? They've got your address(es) already the only risk is that on the confirmation afforded by contact they might step up activity to them. Which makes them a clearer target for regulatory attention.

Share this post


Link to post
Share on other sites

Yahoo Mail finally forced the change of transition from Classic Yahoo Mail (when it was easy to press Ctrl to attach and forward spam) to the New Yahoo interface.

I checked the pinned solution which is Shift+Alt+F. Doesn't work for the type of Yahoo Mail interface; it opens "File" menu in the upper left of the browser. I use Mozilla Firefox browser.

Could someone help out on spam-full-header-and-body attachment forwarding rather than the tedious route of step by step cut & paste?

This is what Yahoo Mail interface looks like:

Image

Merged here by SteveT from original topic "New Yahoo interface won't attachment-forward spam to SC."

Further edit by Farelf to convert image to link - see the "Help" menu near top right of any page, in the first item there for explanation.

Share this post


Link to post
Share on other sites

...How about reply to the earlier topic to which you posted ([Resolved] Forwarding from the New/Updated YAHOO) from redtuna?

I find the new Yahoo Mail interface irritating after it forced the change without retaining the classic version.

I may have to spring-clean the Yahoo Mail account, move some emails, and ditch the account by closure request.

Yahoo has a horrible customer service.

Moderator may see to this that this thread is moved to add to that thread or deleted for redundancy.

Merged here by SteveT from original topic "New Yahoo interface won't attachment-forward spam to SC."

Share this post


Link to post
Share on other sites
<snip>

Moderator may see to this that this thread is moved to add to that thread or deleted for redundancy.

...Thanks for the suggestion -- done!

...Was the redtuna post any help to you or do you not want to bother going that route?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×