vindicator

Reporting Risks

3 posts in this topic

Through manual reporting, I've come to the conclusion that I should never report via forwarding to the SC-supplied email address.

I felt sketchy about reporting (not yet) this one spam when I previewed the report.

I noticed that even though it contained the SC alias I set, the headers were still peppered with parts of my email, like in "Return-Path", "Errors-To", and "Received-SPF".

I think this is EXACTLY what a spammer would hope would happen in a report sent to them. It would be just as bad as replying to the email.

The SC-parsed/resolved reporting email addresses seemed sketchy as well. The ip network abuse domain is romanian and whois provides hardly anything, while the admin email for the linked site also seemed strange with the registrar's own site redirecting to another.

I have no desire to submit a report to either address if there's any chance they are (unwittingly?) in cahoots.

Share this post


Link to post
Share on other sites

If you do a search for "Munging" using the search tool in the upper right corner of this screen, you will get 16 pages of threads on this subject.

Many agree with your concerns, others do not.  It is only anecdotal, but in the last ~25 yr (god I'm getting old) I have seen no evidence that reporting "Leave spam copies intact" has had an impact on my level of spam.

That said it would be hard to tell. I have turned off all spam filtering by my ISP and on my PC so I can report everyone sending me spam.  In that environment,  in the beginning I got 1-2 replies a year from spammers. They responded to SC and SC forwarded to me, clamming total innocence of course (see Sharp's Corollary to Rule #1).  I can remember one case where a legitimate community email list was sabotaged with my email plus others.That communications I responded too.

have you looked at/adjusted you reporting preferences to meet your concerns?

Share this post


Link to post
Share on other sites

Posted (edited)

Got it. The term "munging" is just what I needed.

I think I'll just pay more attention to the spam itself and sanitize anything that looks to be a direct identifier of me when I paste.

God, I hope that link of corollaries is meant to be humorous, but really it seems to align with words that actually come out of peoples' mouths.

The preferences look good, but I think I may want to make use of "Public standard report recipients". Would this be a good place to stick the spam';k,;lo [at] g9k/'0uce.gov (how's that for munging :D) address, or do they seek the plain/clean/untouched header/email only?

 

EDIT (SC Forum Safelist): I also meant to ask what domain whitelist I should use for SC forum replies. The one you sent went to junk and the domain associated wasn't "spamcop.net".

Edited by vindicator
SC Forum Safelist

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now