ymprob Posted November 15, 2011 Share Posted November 15, 2011 Well, what I have been doing works, but it's a pain-in-the-you-know-what! --Right click on the spam message, then "view full header" --Copy the info in the pop-up, click OK --Click the FORWARD button --Paste the header info at the top of the message --Send to SpamCop Like I said, it's a pain! Have a happy day! Leah This is what I do as well. Unfortunately the links in these emails are often missed by SC whether fwd'ed or pasted. There is no view source any more at least in my Yahoo. Also w/o being able to 'view source' html spam is either invisible or the links are embedded in type. Same here, with same frustrating results - no link reporting. If I'm particularly perturbed with the spam, I have even copied and pasted the spam links into the body to be forwarded under the header info. (which I've also just copied and pasted in ), and... SpamCop still doesn't pick up the links. When submitting yahoo spam, I get an error that calls the accuracy of the copy and paste headers into question: http://www.spamcop.net/fom-serve/cache/368.html Link to comment Share on other sites More sharing options...
Farelf Posted November 15, 2011 Share Posted November 15, 2011 Same here, with same frustrating results - no link reporting. If I'm particularly perturbed with the spam, I have even copied and pasted the spam links into the body to be forwarded under the header info. (which I've also just copied and pasted in ), and... SpamCop still doesn't pick up the links. When submitting yahoo spam, I get an error that calls the accuracy of the copy and paste headers into question: http://www.spamcop.net/fom-serve/cache/368.html Good heavens, you're right. I just tried and so far have been unable to forward an e-mail submission which doesn't generate the error Finding links in message body Parsing text part error: couldn't parse head That's what's stopping the body parse - the head parse is already done although the error implies it's not. The thing is, SC manages its primary function, reporting about the IP address of the message source. The same spam, copied and pasted into the on-line submission form, works just fine (no errors, links parsed). Must be something to do with the way SC strips out the forwarding envelope before parsing. I tried forwarding both with and without the ----- Forwarded Message ----- line inserted by Yahoo, I tried RTF and plain text (well, the latter was never going to work, loses the required indents on line continuations). We need a Tracking URL - the parses I have generated (and for which cancelled reports) I do not wish to make public because they're not spam and aren't necessarily showing what you're seeing. Can you produce one and post it here so others can have a look? Don is certainly welcome to look at the data in my old (not mailhost-configured) account if he wishes/is interested but YOUR tracking URL would confirm exactly the behaviour YOU are seeing. Link to comment Share on other sites More sharing options...
ymprob Posted November 15, 2011 Share Posted November 15, 2011 Good heavens, you're right. I just tried and so far have been unable to forward an e-mail submission which doesn't generate the error Finding links in message body Parsing text part error: couldn't parse head That's what's stopping the body parse - the head parse is already done although the error implies it's not. The thing is, SC manages its primary function, reporting about the IP address of the message source. The same spam, copied and pasted into the on-line submission form, works just fine (no errors, links parsed). Must be something to do with the way SC strips out the forwarding envelope before parsing. I tried forwarding both with and without the ----- Forwarded Message ----- line inserted by Yahoo, I tried RTF and plain text (well, the latter was never going to work, loses the required indents on line continuations). We need a Tracking URL - the parses I have generated (and for which cancelled reports) I do not wish to make public because they're not spam and aren't necessarily showing what you're seeing. Can you produce one and post it here so others can have a look? Don is certainly welcome to look at the data in my old (not mailhost-configured) account if he wishes/is interested but YOUR tracking URL would confirm exactly the behaviour YOU are seeing. Here's a fresh tracking url, highlighting the consistent yahoo submission error: http://www.spamcop.net/sc?id=z5173491310z6...0c4bb24f81f174z Link to comment Share on other sites More sharing options...
Farelf Posted November 16, 2011 Share Posted November 16, 2011 Ok, thanks. I'm getting a couple of things from that. Essentially it is confirming you can't get the whole message for every message when you report through Yahoo. You CAN report about the source of the spam though. Some excruciating detail: 1) I can't get that data to parse through (in webform submission) without taking out the line ----- Forwarded Message ----- at the start. Leaving it in or taking it out didn't seem to make any difference when I tried forwarding but you might try leaving it out to see if that gets rid of the error message. The error message, as said before, is a bit of a red herring because the head IS parsed fine and report(s) about the source of the message can be sent. You can certainly report with confidence for that much and that is for what SC is primarily intended. It happens, in this case, that the URL link in the body (unsubscribe link) that the parser would not pick up (if it were there) goes back to the self-same ISP so the report SC offers to send would be (more or less) sufficient for both purposes. Incidentally, if that is spam it is "straight-up" spam and the unsubscription process would likely be effective. OK, you shouldn't have to unsubscribe from anything to which you never subscribed (with confirmation), especially since "unsubscribe" is frequently misused in the wrong hands - but just saying ... 2) Looks like you are forwarding the basic text of an HTML or mixed e-mail. It has a header line Content-Type: multipart/alternative;boundary="Part.868562204.1894146032" What you don't see, can't see (doesn't seem to be any way), is the line before the start of the text (varies with each message) is the line --Part.868562204.1894146032 and that probably is followed by lines like Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 8bit or Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable and at the end of it all, for the message to be complete, there has to be (I think), again matching the specific "Content-Type: multipart/alternative;boundary=" declaration with added dashes, is --Part.868562204.1894146032-- BUT you're not really allowed to add those under the "material changes" ("Changing your spam") rule - http://www.spamcop.net/fom-serve/cache/125.html (and elsewhere). "SpamCop members should not make any material changes to the spam which might cause SpamCop to find a link, address, or URL it normally would not find." Anyway, too much of a burden for too little result. Best to just report what you can (it would be nice to get rid of that error message but not essential) OR POP or IMAP your mail to another client (changing mailhosts too) if you want to get at the links - as covered earlier in this topic. Link to comment Share on other sites More sharing options...
ymprob Posted November 16, 2011 Share Posted November 16, 2011 Thanks for every bit of the "excruciating detail" and your efforts in general. Selfishly, I'm most intrigued by this comment: Incidentally, if that is spam it is "straight-up" spam and the unsubscription process would likely be effective. How did you deduce they were "straight-up" spam, where unsubscribing would be effective? The reason I ask, is these guys are the folks that motivated me to start reporting again. They've been on two of my secondary emails for some time; I believe I've observed them switch domains a few times; and I never interacted with their domains in any way previously. Link to comment Share on other sites More sharing options...
Farelf Posted November 17, 2011 Share Posted November 17, 2011 ... How did you deduce they were "straight-up" spam, where unsubscribing would be effective? The reason I ask, is these guys are the folks that motivated me to start reporting again. They've been on two of my secondary emails for some time; I believe I've observed them switch domains a few times; and I never interacted with their domains in any way previously. They seem to be using their own addresses, not hiding or spoofing anything therefore they are exposed and "accountable" for compliance with internet advertising standards as might apply apply at state and federal levels - not to mention compliance with ISP terms of service. Not a lot of assurance but the best that can be had in relation to someone not actually/completely following "best practice" in mailing list maintenance. Sure there are many instances of such outfits being a right royal PITA and carrying on their unrepentant behaviour but those are surely a dying breed - the "business model" is quite different to that of the "bots" and compliance is cheaper than non-compliance. Domain switching could be an ominous sign these are an exception - or that they are feeling some consequences. I admit I didn't look at them in any detail - let's see - http://www.robtex.com/dns/tshirtfantasyworld.com.html?tab=shared (keeping that from being a live link, not wanting robtex to be pounded). Ah, 219 (and counting) domains with the same address - not a promising start though evidently not all the same entity. That domain has a registrant in Perris, CA 92570. Looks like those (or most) of the sub-set of the 219 domains that are obviously similar - tshirtfantasyglobal.com, bestcontempapparel.com etc. might be discards, no current domain registration (haven't looked at their history). But the same internet address (and the same nameservers) means any bad spammer using that internet setup on a succession of domains to avoid attention is vulnerable to being cut off by the ISP (Global Crossing) or even by the domain registrar on evidence of that activity - someone would just need to join up the dots. So, it would still be dumb to ignore unsubscribe requests (yes, the spamming profession selects for dumb) but what do you have to lose? They've got your address(es) already the only risk is that on the confirmation afforded by contact they might step up activity to them. Which makes them a clearer target for regulatory attention. Link to comment Share on other sites More sharing options...
Farelf Posted August 23, 2012 Share Posted August 23, 2012 Member fragile has found the magic key combination to forward as attachment with full headers from the New Yahoo (Shift-Alt-F) - see http://forum.spamcop.net/forums/index.php?...ost&p=82630 Only one at a time though ... Link to comment Share on other sites More sharing options...
cyberdogg Posted July 24, 2013 Share Posted July 24, 2013 Yahoo Mail finally forced the change of transition from Classic Yahoo Mail (when it was easy to press Ctrl to attach and forward spam) to the New Yahoo interface. I checked the pinned solution which is Shift+Alt+F. Doesn't work for the type of Yahoo Mail interface; it opens "File" menu in the upper left of the browser. I use Mozilla Firefox browser. Could someone help out on spam-full-header-and-body attachment forwarding rather than the tedious route of step by step cut & paste? This is what Yahoo Mail interface looks like: Image Merged here by SteveT from original topic "New Yahoo interface won't attachment-forward spam to SC." Further edit by Farelf to convert image to link - see the "Help" menu near top right of any page, in the first item there for explanation. Link to comment Share on other sites More sharing options...
turetzsr Posted July 24, 2013 Share Posted July 24, 2013 ...How about reply to the earlier topic to which you posted ([Resolved] Forwarding from the New/Updated YAHOO) from redtuna? Merged here by SteveT from original topic "New Yahoo interface won't attachment-forward spam to SC." Link to comment Share on other sites More sharing options...
cyberdogg Posted July 24, 2013 Share Posted July 24, 2013 ...How about reply to the earlier topic to which you posted ([Resolved] Forwarding from the New/Updated YAHOO) from redtuna? I find the new Yahoo Mail interface irritating after it forced the change without retaining the classic version. I may have to spring-clean the Yahoo Mail account, move some emails, and ditch the account by closure request. Yahoo has a horrible customer service. Moderator may see to this that this thread is moved to add to that thread or deleted for redundancy. Merged here by SteveT from original topic "New Yahoo interface won't attachment-forward spam to SC." Link to comment Share on other sites More sharing options...
turetzsr Posted July 24, 2013 Share Posted July 24, 2013 <snip> Moderator may see to this that this thread is moved to add to that thread or deleted for redundancy. ...Thanks for the suggestion -- done! ...Was the redtuna post any help to you or do you not want to bother going that route? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.