Jump to content
Sign in to follow this  
rdorsch

Don't generate abuse message against reporter

Recommended Posts

This topic was discussed already on 

and Lking proposed to open a feature request here.

 

The issue is:

  • I received spam and reported it to spamcop:
    Submitted: 14.5.2020, 17:40:25 +0200: 
    =?UTF-8?B?6L+Q6YCB5bu66K6uIDMwLzUvMjAyMA==?=
    7058512602 ( http://www.bokomoko.de/ ) To: abuse@netcup.de
    7058512598 ( 185.222.58.117 ) To: complain@rootlayer.net
  • Apparently, the (Chinese?) spam contained my own domain: www.bokomoko.de
    image.thumb.png.ab9ef14bc41c15c157167bb5a26c071b.png
  • Unfortunately, I did not notice this in the generated report and confirmed that.

Since I received in the past days multiple of these emails and I deselected my own domain (except on the first spam I received), I suggest that spamcop handles this situation better. As an immediate measure, my wife suggested to stop reporting spam to spamcop, if that has the risk that our email server gets shutdown in the middle of Corona home schooling.

Feature request is:

  • Spamcop should support per reporter whitelists for domains which should never be reported to spamcop
  • If the effort for this is too high: Never generate abuse reports for the domains referenced in the body of the spam mail, if the match the spam destination domain 
  • If the effort for this is too high: Make the default to not generate abuse reports for domains referenced in the body of the spam email to reduce false positives 

If there is further information I can provide, please let me know.

Share this post


Link to post
Share on other sites

Hello rdorsch,

I am certain you are not the first one to report his own domain, and probably won't be the last.

there is a reason why spamcop "kind-of" suggests not to report linked websites in the spam body, as spammers inject addresses of several "innocent" websites/domains, and you were the unfortunate recipient of such a spam.

also, links in spams are not "counted" as spam origins and thus not blocked (AFAICR) but that does not necessarily mean that if the domain's upstream IP listed abuse desk receives a "complaint"/report that they won't act upon it.

currently I see that the abuse desk is "/dev/nul"ed reports are disabled for contabo punkt DE which means that the link will not be sent to the abuse desk in case you forget to uncheck the box ;)

Ich hoffe dies hilft!

Gruss aus den Staaten nach Deutschland

Share this post


Link to post
Share on other sites

I've run into this as well, so I have a ScriptMonkey scri_pt that gives me an alert to scrutinise carefully if my email or hosting providers are one of the recipients

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×