Mysterion Posted November 24, 2017 Share Posted November 24, 2017 Hello, This is my first post here and english is not my native language, so please be indulgent I regularly receive spams for counterfeit products, and when reporting them through SpamCop, URL aren't decoded. Here is an example : https://www.spamcop.net/sc?id=z6425311915ze251a0e2726444c378eaefb479563d9dz It seems that there is a bug where Spamcop parser gets flooded... Report is only sent to originating network abuse address, and I have to add a user notification to (try to) send the report to the web host. What do you reckon ? Link to comment Share on other sites More sharing options...
Lking Posted November 24, 2017 Share Posted November 24, 2017 Looking at your example, you are correct. I would suggest deleting the HTML portion of the message. Starting with <html><head> <title>UGG</title> <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8"> <style type=3D""> through with end of the email. That will leave the plan text portion which has several links but none of the graphics links Link to comment Share on other sites More sharing options...
Mysterion Posted November 24, 2017 Author Share Posted November 24, 2017 Thank you for your help Lking ! Now I understand a thing : I hadn't checked the "Show technical details" checkbox, so the error message "Too many links" wouldn't display. Only a huge list of links appeared, without explanation. Is it really the desired behaviour ? Link to comment Share on other sites More sharing options...
Lking Posted November 24, 2017 Share Posted November 24, 2017 Of course the "Too many links" is the exception. Unfortunately when how errors/excepting are handled are prioritized with issues of handling spam along the main path of the parser, niceties of error handling may stay far down the list. I agree that in situations you have found, it would more productive to stop looking for links in the body when some max number is reached, and then process those. This would effectively be equivalent to what I suggested (delete part of the body). Keep in mind that processing links in the body of spam is the lowest priority for the parser and under high traffic conditions the body is skipped entirely. Link to comment Share on other sites More sharing options...
Mysterion Posted November 25, 2017 Author Share Posted November 25, 2017 Indeed, the parser could ask to truncate when too many links are found (like when the mail is too long), or at least an error message should notify the user, even when technical details are not showed. For me that would be an appreciated improvement. When similar spams repeat, I think it is important to shoot on both sides, sending network and web hosts. I am receiving those for counterfeit brands for more than one year now ! And I would like to thank Spamcop admins for their hard work. I have been using the reporting service for more about 10 or 15 years, and having no problems to report in the forums until now proves this is a very accomplished tool ! Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.