Jump to content
mrpHil

Getting a lot of 'nothing to do' when trying to report

Recommended Posts

Recently I have been getting a lot of UCE that when I cut-n-paste the original message into the reporting web UI just returns a 'nothing to do'

 

Example of recent original below. I bolded the part that looks like it should be sending a report.

 

https://www.spamcop.net/sc?id=z6572443596z451dd1d5510142e9b441eb428a9fcceez

 

Moderator~~ Sorry I missed this before.  I started to just mung the poster's email.  Then I started on all the other emails and links.  Spammers do crawl through this forum (who would have though?) an search engines do base ranking on number of links, among other things and we would not want to  help them out.

This is why a Tracking URL is the preferred way to reference received spam

Share this post


Link to post
Share on other sites
3 hours ago, mrpHil said:

Recently I have been getting a lot of UCE that when I cut-n-paste the original message into the reporting web UI just returns a 'nothing to do'

Works here. Please edit and replace your email address with a X spammer have BOT's that scrape for email addresses.
https://www.spamcop.net/sc?id=z6572443596z451dd1d5510142e9b441eb428a9fcceez

Share this post


Link to post
Share on other sites

So I am dropping these into the web UI not forwarding them via e-mail.  So not sure what you mean by 'replace your e-mail address'.

Thanks for the help

Share this post


Link to post
Share on other sites
2 hours ago, mrpHil said:

So not sure what you mean by 'replace your e-mail address'.

I think he is asking you to replace your email address' in your original forum post above with the letter X.  You have delyani [at] gmail [dot] com strewn all over in the source of the email that you copy an pasted in the post.  I counted at least 10 references to your email.  BOTS will scrape this forum looking for email addresses and you could end up receiving more spam .

Edited: It's also recommended or a good practice to not dump the source headers and body of the spam email in your post on the forums. Most of the helpful folks on here just want to see the "tracking url" where they can see the source email in its entirety. Use Petzl's reply post as an example. He posted the Tracking URL.

Edited by nhraj700

Share this post


Link to post
Share on other sites

Good point...thanks

 

But I don't get an edit button for that comment

Edited by mrpHil

Share this post


Link to post
Share on other sites
21 minutes ago, mrpHil said:

But I don't get an edit button for that comment

There might only be a two hour window to allow an edit to the post from what I found in another posted question on this website.  It now might require an admin to edit your post.

Share this post


Link to post
Share on other sites
2 hours ago, nhraj700 said:

There might only be a two hour window to allow an edit to the post from what I found in another posted question on this website.

That edit button could also be based on either time signed up or amount of posts.  I have the edit button for some posts of mine in this forum going back to before June 8th.  I suspect a forum admin might be able to do it if you no longer have edit access when you are logged in.

Share this post


Link to post
Share on other sites

Sorry I missed this before.  I started to just mung the poster's email.  Then I started on all the other emails and links.  Spammers do crawl through this forum (who would have though?) an search engines do base ranking on number of links, among other things and we would not want to  help them out.

This is why a Tracking URL is the preferred way to reference received spam

Share this post


Link to post
Share on other sites

Thank you for taking care of that

I'm still getting a lot of reported UCE with nothing to do returned when submitted in the webUI

Share this post


Link to post
Share on other sites
2 hours ago, mrpHil said:

'm still getting a lot of reported UCE with nothing to do returned when submitted in the webUI

a current Tracking URL would be informative.

Share this post


Link to post
Share on other sites
Quote
Report spam to:

Re: 3.17.226.54 (Bounce)
To: abuse#amazonaws.com@devnull.spamcop.net (Notes)

You might try again.  There is a "Nothing to do" at the bottom, but when I login and look at the Tracking URL,  I see the above. It does devnull because of other messages to abuse{AT} have bounced.

Share this post


Link to post
Share on other sites

I wonder if this has something to do with mailhosts.  It almost seems the parser might be dying on this line:

Received:  from singlehosti.com (singlehosti.com. 216.244.76.116)

Does it change if you remove only that one line?

Share this post


Link to post
Share on other sites
7 hours ago, mrpHil said:

works for me?
54.245.58.76 : abuseXamazonawsXcom
amazon "abuse" refuse to take SpamCop abuse reports and don't seem to act on reports sent to them
Gmail always have them sorted to their spam folder,
Easy from their web mail to "open original" they tell you the source
SPF:    NEUTRAL with IP  35.161.175.37
Just Select Forward to abuseXamazonawsXcom (have it in your Gmail address book)
copy & paste "IP  35.161.175.37" into body of forwarded message push enter
copy original to clipboard  then paste into body then click send

Report spam as phishing then delete

Edited by petzl

Share this post


Link to post
Share on other sites
1 hour ago, mrpHil said:

It has been almost a week and here's another one

https://www.spamcop.net/sc?id=z6576958476ze4833e750c6875584190cb7a3360f1baz

SpamCop is not recording IP source: 3.225.164.112: as spam source?
Works for me though?
https://www.spamcop.net/sc?id=z6576968740z4efc2f268a1201ccf6eea4e5b6be0785z

Use Gmail Webmail to log it as "phishing" spam
Gmail don't advertise but block domains if enough report them as "phishing"
Would be a Amazon problem when they cannot contact paying Amazon buyers.

Edited by petzl

Share this post


Link to post
Share on other sites
5 hours ago, mrpHil said:

SpamCop should be putting the IP in statistics is not sending reports to "Devnull"?
Reports disabled for abuseXamazonawsXcom
You need to consider in Gmail mark as Phishing Then forward headers and text body to 
stop-spoofingXamazon.com abuseXamazonaws.com, abuseXamazon.com, ec2-abuseXamazon.com, ipmanagementXamazon.com phishing-reportXus-cert.gov

 

Notes at top
Criminal phishing, bogus reply address, bogus unsubscribe, DDoS
IP address

Full headers text body

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×