I hope this is tempeoary (Yahoo!)

[Ilgaz]

Hi,

I got 3 spams at Yahoo in 2 days. They were actually very easy to catch, the old Nigerian story you know.

What makes it important? I paid (don't ask!) to Yahoo plus months ago. So I have my very own bayesian (spamguard plus) added to that huge yahoo database which non paid customers use.

Something goes on in Yahoo. Today I receieved another obvious spam and reported to spamcop.

Resulted in interesting way so I sent this via feedback form. As a user of them since '95, I really know the result I will get so, flaming before I get one of those stupid templates

I have 2 points. First is, Yahoo rejects spamcop (for now I hope) and I am glad I purchased spamcop mail.

Anyone knows if there was a coup or something in Y! hq?

ps: Copying to abuse[at]yahoo.com (that custom thing) is rejected too!

____

Hi,

May I ask why this report gets REJECTED by Yahoo

abuse system? Did I pay you for this?

http://mailsc.spamcop.net/mcgi?

action=gettrack&reportid=1397587736

If you send me a template, you will live

consequences for it including awareness of my

internal high level yahoo contacts.

[Wazoo]

The "report ID" limits the details to only those with access to that data .. and those folks don't spend a lot of time here. The Tracking URL is the needed item if you want more eyes to see what's going on. I've not heard of an outright block, so I'm going to have to ask what the real message was. I can't even guess what you mean by "the custom thing" .... maybe the internal address used by agreement between SpamCop and Yahoo abuse folks/staff?

[DavidT]

May I ask why this report gets REJECTED by Yahoo

abuse system? Did I pay you for this?

http://mailsc.spamcop.net/mcgi?

action=gettrack&reportid=1397587736

Your URL is specific to those of us with SC email accounts, however, it is malformed (you "wrapped" the line, breaking the URL), but even when I unwrap and fix it, I can't view the report it links to, because I get this error:

Sorry, you are not authorized to view this message.

What you should have done was to have grabbed the actual Tracking URL which appears at the top of the screen while you are in the process of reporting, but before you hit Submit.

DT

[Ilgaz]

ok, here is non breaking URL http://tinyurl.com/6wvmk

Very amazed that:

1) Yahoo somehow, at some point REJECTED spamcop

2) The so called "customer service" does not even reply

3) That freak spammer actually used a Yahoo account. It has domain keys see!

I was calling spammer a moron until I figured yahoo somehow not interested their paid customers getting spammed by a paid (I assume) account.

No, he is clever

[Wazoo]

No idea what your link ends up leading to .... I'm not about to follow it ... Again, what is requested is the Tracking URL of the parsed spam submittal. If what you tried to provide is a repeated (but fixed) "report ID" link .... please read the previously provided responses. 99.999% of any help you receive here is from folks that don't have access to that part of the system.

[louisd]

No idea what your link ends up leading to .... I'm not about to follow it ...  Again, what is requested is the Tracking URL of the parsed spam submittal.  If what you tried to provide is a repeated (but fixed) "report ID" link .... please read the previously provided responses.  99.999% of any help you receive here is from folks that don't have access to that part of the system.

26359[/snapback]

Here's the decoded tracking URL:

http://www.spamcop.net/sc?id=z749971192zba...be59f19ebcf5e0z

[DavidT]

No idea what your link ends up leading to .... I'm not about to follow it ... 

The URL is simply a "TinyURL" reduction of this Tracking URL:

http://www.spamcop.net/sc?id=z749971192zba...be59f19ebcf5e0z

Not sure why you couldn't follow the URL, Wazoo. The OP doesn't seem to know that he could have simply posted the long one here and that the forum software would take care of reducing and linking it.

In any case, it's clearly a garden-variety Nigerian scam, and although it appears to have been broadcast by a Yahoo.com user, the originating IP was in SAIX.net space, so the parsing system only offers to report there, rather than also send a copy to Yahoo. In a case like this, one can simply send a manual report (separately, outside of the system) to: mail-abuse <at> yahoo-inc.com

I think I can interpret the OP's confusion a bit...in the parsing shown at the Tracking URL above, you'll see this:

ISP does not wish to receive reports regarding http://info.mail.yahoo.com/mail_250 - no date available

I think that's what he means by "Yahoo rejects spamcop," but that's wrong. What's being "rejected" are reports about one of the auto sig URLs that appear at the bottom of emails sent by Yahoo users:

http://info.mail.yahoo.com/mail_250

with the link text: "Yahoo! Mail - Find what you need with new enhanced search."

That URL is not reportable because it's simply something that gets added to outgoing Yahoo email, and so of course Yahoo doesn't want reports about it.

So, I think the primary remaining question is why an additional report about the transmission of the Nigerian scam isn't being sent to Yahoo Abuse if the email seems to have been sent by a logged-in Yahoo user.

DT

[michaelanglo]

... snipped ...

So, I think the primary remaining question is why an additional report about the transmission of the Nigerian scam isn't being sent to Yahoo Abuse if the email seems to have been sent by a logged-in Yahoo user.

26363[/snapback]

SpamCop isn't set up to report an intermediate as well as a ultimate source except for special circumstances like relays and when specially set up at the require of an intermediate ISP.

I agree and have suggested from time to time that Webmail and other intermediates should be reported when recognised.

[Wazoo]

The URL is simply a "TinyURL" reduction of this Tracking URL:

http://www.spamcop.net/sc?id=z749971192zba...be59f19ebcf5e0z

Not sure why you couldn't follow the URL, Wazoo.

That the "TinyURL" is a shortened 'link' is known, but what the target URL actually ends up being is not known until the browser is sent down that path. The system I was using at the time .... http://secunia.com/mozilla_products_arbitr..._exposure_test/

I'll analyze blind links on only one system around here ....

[Ilgaz]

Thanks for explanation. I was thinking about canceling my post until I figured mail actually have sent over legit yahoo account (domain keys).

FYI, I am one of the mad subscribers that actually did ALL domain checks. I mean, "mailhosts" tests. I had to paste 5 or more mails but its fine.

I got feedback over this from yahoo:

___

Hello,

Thank you for writing to Yahoo! Mail.

In this particular case, we have taken appropriate action against the

Yahoo! account in question that was reported for fraudulent activities,

as per our Terms of Service (TOS). Please know that Yahoo! is unable to

disclose the action taken on another user's account with a third party.

We are not able to make exceptions to this rule.

___

So, the only question left is, what was the circumstances involved that Spamcop didn't figure its coming from legit yahoo account. Its certain that Nigerian spammer isn't too bright So, not speaking about very advanced tricks here.

[Ilgaz]

When replied, I saw the URL was broken so I thought URL's broken while posting, to save from more hassle , I clicked tinyurl button on my bookmarks.

I am not mad to abuse forum system with a paid spamcop mail linked forum account As I use Omniweb on OS X , I don't follow Mozilla scene too much, sorry for confusing.

That the "TinyURL" is a shortened 'link' is known, but what the target URL actually ends up being is not known until the browser is sent down that path.  The system I was using at the time .... http://secunia.com/mozilla_products_arbitr..._exposure_test/

I'll analyze blind links on only one system around here ....

26382[/snapback]