kca Posted December 20, 2004 Share Posted December 20, 2004 Greetings, I'm trying to interpret the following spam summary report. Can anyone help? Also, how do i go about getting more detailed reports, assuming there are any to be had. Also, in the fact you mention an ISP account, i'm going to guess that would apply to me to since i'm the mail admin at this firm. How do i get one, or is that the same as the "For reporting-only account holders" link? Thanks! K -- spam SOURCE REPORT -- IP Address Start/Duration Trap User Mole Simp Additional comments 68.21.232.136 Dec 20 06h/0 1 0 0 0 Link to comment Share on other sites More sharing options...
Miss Betsy Posted December 20, 2004 Share Posted December 20, 2004 68.21.232.136 is no longer listed. I haven't looked at the blocklist listings for a long time, but I understand the information is meager to prevent spammers from using it to circumvent the blocklist. If you did not receive a report from a spamcop reporter, then either reports are going to your upstream or your spam is hitting spamcop spam traps. If it is spam trap hits, then it is likely there is a virus or automatic out of office reply or someone is sending 'bouncing' emails to forged spam From addresses. The ISP account, I believe, is for ISPs to /report/ spam. Did you read the Why Am I Blocked FAQ? It may list other reasons for spam trap hits. Miss Betsy Link to comment Share on other sites More sharing options...
dra007 Posted December 20, 2004 Share Posted December 20, 2004 However, there are some interesting comments on this IP in NANAE! Could that be related to your present problem? Link to comment Share on other sites More sharing options...
kca Posted December 20, 2004 Author Share Posted December 20, 2004 However, there are some interesting comments on this IP in NANAE! Could that be related to your present problem? 21615[/snapback] dra007: Yes i remember that, our first time getting BL'd. But i dont think its related. I'd love to be able to get more feedback on spam when its reported, at the very least, the headers in question so i can figure out if its some sort of autoreply, etc. Miss Betsy: There are options there for you to set up reporting to get reports on ip addresses. All i've received so far have been summary reports like what I first posted. I was hoping there would be a way to get more information in the reports. Thanks to you both, K Link to comment Share on other sites More sharing options...
Miss Betsy Posted December 20, 2004 Share Posted December 20, 2004 There are options there for you to set up reporting to get reports on ip addresses. All i've received so far have been summary reports like what I first posted. I was hoping there would be a way to get more information in the reports. Again, I think the spammers have been responsible for the meager amount of information. I would think there would be numbers or something with this report IP Address - obvious Start/Duration - when the first report came in and how long it will be until off list Trap - spam hit spam trap User - spamcop reporter sent reports to reporting addresses Mole - no reports sent (but I think their reports of spam are weighted differently than a user's reports for addition to the bl) Simp - ??? Additional comments - don't know what kind of comments are made The information you want to see is in the User reports which go to an abuse address. There are a number of different reasons why it may not come directly to you. Reporting addresses (for 68.21.232.136) : abuse[at]ameritech.net AFAICT, 68.21.232.136 has not been reported since Oct 9th by a 'user'. Sometimes, people will use the spamcop rejection template even when they are not using the spamcop bl. However, it didn't seem as though you were listed in any other lists (from the ones spamcop looks up). Have you tried moenstad? Miss Betsy Link to comment Share on other sites More sharing options...
Wazoo Posted December 20, 2004 Share Posted December 20, 2004 I'm trying to interpret the following spam summary report. Can anyone help? Also, how do i go about getting more detailed reports, assuming there are any to be had. Also, in the fact you mention an ISP account, i'm going to guess that would apply to me to since i'm the mail admin at this firm. How do i get one, or is that the same as the "For reporting-only account holders" link? At least partially answered in http://forum.spamcop.net/forums/index.php?...indpost&p=20650 The ISP account was for the ISP to "manage/handle" to complaints they'd received, offering up options on status of the situation .. leading to those complaints of seeing the "ISP has handled ..." as the spew continues .... Then there are the folks that logged-in to report spam, found out that they couldn't, and it turns out that some database bits had danced and their account had ben 'converted' to an ISP account. Abuse.net doesn't seem to list anything for that IP, so perhaps you'd like to register an abuse address there. Link to comment Share on other sites More sharing options...
Jeff G. Posted December 21, 2004 Share Posted December 21, 2004 abuse.net doesn't work on IP Addresses, only on Hostnames and Domainnames. However: 12/20/04 23:40:32 Abuse address lookup for smtp.ssd.com [sanitized for the web] whois -h whois.abuse.net smtp.ssd.com ... helpdesk at ssd.com (for ssd.com) abuse at ssd.com (for ssd.com) postmaster at ssd.com (for ssd.com) Also, please see How can I get SpamCop reports about my network?' Link to comment Share on other sites More sharing options...
kca Posted December 22, 2004 Author Share Posted December 22, 2004 abuse.net doesn't work on IP Addresses, only on Hostnames and Domainnames. However: Also, please see How can I get SpamCop reports about my network?' 21652[/snapback] Thanks to all that responded. K Link to comment Share on other sites More sharing options...
Jeff G. Posted December 26, 2004 Share Posted December 26, 2004 Thanks to all that responded.21690[/snapback] You're welcome. I hope we were able to help you resolve the situation. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.