Jump to content
Sign in to follow this  
Ilgaz

I hope this is tempeoary (Yahoo!)

Recommended Posts

Hi,

I got 3 spams at Yahoo in 2 days. They were actually very easy to catch, the old Nigerian story you know.

What makes it important? I paid (don't ask!) to Yahoo plus months ago. So I have my very own bayesian (spamguard plus) added to that huge yahoo database which non paid customers use.

Something goes on in Yahoo. Today I receieved another obvious spam and reported to spamcop.

Resulted in interesting way so I sent this via feedback form. As a user of them since '95, I really know the result I will get so, flaming before I get one of those stupid templates ;)

I have 2 points. First is, Yahoo rejects spamcop (for now I hope) and I am glad I purchased spamcop mail.

Anyone knows if there was a coup or something in Y! hq? :)

ps: Copying to abuse[at]yahoo.com (that custom thing) is rejected too!

____

Hi,

May I ask why this report gets REJECTED by Yahoo

abuse system? Did I pay you for this?

http://mailsc.spamcop.net/mcgi?

action=gettrack&reportid=1397587736

If you send me a template, you will live

consequences for it including awareness of my

internal high level yahoo contacts.

Share this post


Link to post
Share on other sites

The "report ID" limits the details to only those with access to that data .. and those folks don't spend a lot of time here. The Tracking URL is the needed item if you want more eyes to see what's going on. I've not heard of an outright block, so I'm going to have to ask what the real message was. I can't even guess what you mean by "the custom thing" .... maybe the internal address used by agreement between SpamCop and Yahoo abuse folks/staff?

Share this post


Link to post
Share on other sites
May I ask why this report gets REJECTED by Yahoo

abuse system? Did I pay you for this?

http://mailsc.spamcop.net/mcgi?

action=gettrack&reportid=1397587736

Your URL is specific to those of us with SC email accounts, however, it is malformed (you "wrapped" the line, breaking the URL), but even when I unwrap and fix it, I can't view the report it links to, because I get this error:

Sorry, you are not authorized to view this message.

What you should have done was to have grabbed the actual Tracking URL which appears at the top of the screen while you are in the process of reporting, but before you hit Submit.

DT

Share this post


Link to post
Share on other sites

ok, here is non breaking URL http://tinyurl.com/6wvmk ;)

Very amazed that:

1) Yahoo somehow, at some point REJECTED spamcop

2) The so called "customer service" does not even reply

3) That freak spammer actually used a Yahoo account. It has domain keys see!

I was calling spammer a moron until I figured yahoo somehow not interested their paid customers getting spammed by a paid (I assume) account.

No, he is clever

Edited by Ilgaz

Share this post


Link to post
Share on other sites

No idea what your link ends up leading to .... I'm not about to follow it ... Again, what is requested is the Tracking URL of the parsed spam submittal. If what you tried to provide is a repeated (but fixed) "report ID" link .... please read the previously provided responses. 99.999% of any help you receive here is from folks that don't have access to that part of the system.

Share this post


Link to post
Share on other sites
No idea what your link ends up leading to .... I'm not about to follow it ...  Again, what is requested is the Tracking URL of the parsed spam submittal.  If what you tried to provide is a repeated (but fixed) "report ID" link .... please read the previously provided responses.  99.999% of any help you receive here is from folks that don't have access to that part of the system.

26359[/snapback]

Here's the decoded tracking URL:

http://www.spamcop.net/sc?id=z749971192zba...be59f19ebcf5e0z

Share this post


Link to post
Share on other sites
No idea what your link ends up leading to .... I'm not about to follow it ... 

The URL is simply a "TinyURL" reduction of this Tracking URL:

http://www.spamcop.net/sc?id=z749971192zba...be59f19ebcf5e0z

Not sure why you couldn't follow the URL, Wazoo. The OP doesn't seem to know that he could have simply posted the long one here and that the forum software would take care of reducing and linking it.

In any case, it's clearly a garden-variety Nigerian scam, and although it appears to have been broadcast by a Yahoo.com user, the originating IP was in SAIX.net space, so the parsing system only offers to report there, rather than also send a copy to Yahoo. In a case like this, one can simply send a manual report (separately, outside of the system) to: mail-abuse <at> yahoo-inc.com

I think I can interpret the OP's confusion a bit...in the parsing shown at the Tracking URL above, you'll see this:

ISP does not wish to receive reports regarding http://info.mail.yahoo.com/mail_250 - no date available

I think that's what he means by "Yahoo rejects spamcop," but that's wrong. What's being "rejected" are reports about one of the auto sig URLs that appear at the bottom of emails sent by Yahoo users:

http://info.mail.yahoo.com/mail_250

with the link text: "Yahoo! Mail - Find what you need with new enhanced search."

That URL is not reportable because it's simply something that gets added to outgoing Yahoo email, and so of course Yahoo doesn't want reports about it.

So, I think the primary remaining question is why an additional report about the transmission of the Nigerian scam isn't being sent to Yahoo Abuse if the email seems to have been sent by a logged-in Yahoo user.

DT

Share this post


Link to post
Share on other sites
... snipped ...

So, I think the primary remaining question is why an additional report about the transmission of the Nigerian scam isn't being sent to Yahoo Abuse if the email seems to have been sent by a logged-in Yahoo user.

26363[/snapback]

SpamCop isn't set up to report an intermediate as well as a ultimate source except for special circumstances like relays and when specially set up at the require of an intermediate ISP.

I agree and have suggested from time to time that Webmail and other intermediates should be reported when recognised.

Share this post


Link to post
Share on other sites
The URL is simply a "TinyURL" reduction of this Tracking URL:

http://www.spamcop.net/sc?id=z749971192zba...be59f19ebcf5e0z

Not sure why you couldn't follow the URL, Wazoo.

That the "TinyURL" is a shortened 'link' is known, but what the target URL actually ends up being is not known until the browser is sent down that path. The system I was using at the time .... http://secunia.com/mozilla_products_arbitr..._exposure_test/

I'll analyze blind links on only one system around here ....

Share this post


Link to post
Share on other sites

Thanks for explanation. I was thinking about canceling my post until I figured mail actually have sent over legit yahoo account (domain keys).

FYI, I am one of the mad subscribers that actually did ALL domain checks. I mean, "mailhosts" tests. I had to paste 5 or more mails but its fine.

I got feedback over this from yahoo:

___

Hello,

Thank you for writing to Yahoo! Mail.

In this particular case, we have taken appropriate action against the

Yahoo! account in question that was reported for fraudulent activities,

as per our Terms of Service (TOS). Please know that Yahoo! is unable to

disclose the action taken on another user's account with a third party.

We are not able to make exceptions to this rule.

___

So, the only question left is, what was the circumstances involved that Spamcop didn't figure its coming from legit yahoo account. Its certain that Nigerian spammer isn't too bright :) So, not speaking about very advanced tricks here.

Edited by Ilgaz

Share this post


Link to post
Share on other sites

When replied, I saw the URL was broken so I thought URL's broken while posting, to save from more hassle , I clicked tinyurl button on my bookmarks.

I am not mad to abuse forum system with a paid spamcop mail linked forum account :) As I use Omniweb on OS X , I don't follow Mozilla scene too much, sorry for confusing.

That the "TinyURL" is a shortened 'link' is known, but what the target URL actually ends up being is not known until the browser is sent down that path.  The system I was using at the time .... http://secunia.com/mozilla_products_arbitr..._exposure_test/

I'll analyze blind links on only one system around here ....

26382[/snapback]

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×