Jump to content
Sign in to follow this  
Wazoo

Older than 2-day-old spam no longer accepted

Recommended Posts

As found this morning on the www.spamcop.net page (logged in mode)

2-day-old spam no longer accepted

SpamCop and the ISPs who receive reports from it need fresh spam. Previously, SpamCop would accept spam up to 72 hours old. However, this old spam was essentially useless. SpamCop now requires that spam being reported be less than 48 hours old.

Furthermore, we recommend that users not bother reporting spam that is more than 24 hours old. Usually, sources of spam over 24 hours old have already been dealt with one way or another. As always, the fresher your spam, the better.

Source: http://news.spamcop.net/pipermail/spamcop-...read.html#93499

Share this post


Link to post
Share on other sites

FAQs have been updated, the on-screen note for logged-in folks has the news, and the code change should be right around the corner, if it hasn't happened yet.

Share this post


Link to post
Share on other sites

Per Ellen's request, this recent "change" added to this Topic.

There has been a small change in the way that the parser determines the age of a spam:

"The parser takes the date from the earliest trusted received line.

Rather than what it used to do, which was take the date from the

top-most received line."

This should be a non-event for most people and for most of the spam that is parsed altho it may, from time to time, result in a different freshness date than you would have expected.

Ellen

SpamCop

<please propogate to the forums, etc as necessary, tia>

The only "problem" I have is that there were a number of "us" support folks that tended to explain that the time was "taken from the topmost 'valid' header line .. usually this is from your ISP" .... so the "actual" change I see is the word "valid" is now "trusted" .... at which point I'm not sure if this is actually something to do with a MailHost configuration or is there just something in the way this "change" has been passed along ...???

Ellen's response (again, brought over from the newsgroups);

Trusted or valid are reasonably synonymous, I think, when looked at from the point of view of the parser -- if you have MH then it will be taken from the oldest trusted/mailhosted header and if you don't have MH then it is the oldest header that the system thinks is associated with the reporter which is usually the ISP header. While there were not a huge number of cases of big lags in timestamps between adjacent headers (i.e. the spam languished on a server for a while for some unknown reason) there were enough cases so that this made sense to do.

So basically this is a refinement in the process of trying to figure out when the spam first arrived at the user server where user server is the server that handles the mail that the spam was addressed to, which may or may not be the server which finally delivers the mail into the user's end mailbox.

Ellen

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  

×