Jump to content
Sign in to follow this  
snaller

What about 'picture' spam?

Recommended Posts

Because he wanted feed back from people who care about this, instead of you who only give rude arrogant condescending self pitying comments. Therefore it will be posted there AGAIN - and if you remove it again i can only assume you are helping the spammers. Either offer something constructive or shut up.

Not sure what your problem is or where you get the facts to come up with your ideas, but ....

First it was moving your posts because you couldn't read/understand the Forum section descriptions ....

Now you want to play this kind of game ..... I really don't have time for this kind of lunacy .... it stops now.

Share this post


Link to post
Share on other sites
<snip>

Or does wazoo speak for them when he indicate he doesn't give a damn?

...Well, my, who died and made arrogant and ignorant you the god of this Forum?

...Wazoo, who does more to help SpamCop users in a day than any other five people I know about do in a year, speaks for himself. By coincidence, he also speaks for me. Especially when he writes:

Not sure what your problem is or where you get the facts to come up with your ideas, but ....

First it was moving your posts because you couldn't read/understand the Forum section descriptions ....

Now you want to play this kind of game ..... I really don't have time for this kind of lunacy .... it stops now.

Share this post


Link to post
Share on other sites
Btw picture spam i mean those emails where the normal body text of the mail is not advertisment, but ordinary text of some kind - could be a clip from a news story or a book, but where there is an attached picture of the add ("Buy viagra!" or whatever).

Since we can't include the picture in the report, they only get the "innocent" text.

Anybody know if spamcop is working on a way to store the pictures as well, so spam hunters can look up the text or something?

I'm having to go with the concept that you are somehow thinking that when you deal with a graphic in an e-mail, you are somehow thinking of an oil-covered piece of canvas. Yet, I have been trying to explain that e-mail doesn't offer this capability. As stated before, if one "reports correctly" then the forwarded e-mail will include the same data you received .. the "graphic" part would actually look something like;

------=_NextPart_000_0041_01C6A461.A3016B40
Content-Type: image/jpeg;
	name="Katie.jpg"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
	filename="Katie.jpg"

/9j/4R30RXhpZgAASUkqAAgAAAALAA4BAgALAAAAkgAAAA8BAgAGAAAAngAAABABAgAGAAAApAAA
ABIBAwABAAAAAQAAABoBBQABAAAAqgAAABsBBQABAAAAsgAAACgBAwABAAAAAgAAADEBAgAXA
AAAugAAADIBAgAUAAAA0
&lt;snipped&gt;

This is "the graphic" as actually 'seen' in the e-mail .. If your submittal doesn't include this, then there is an issue with your reporting process. As stated previously, if the recipient sees screen after screen of the 'text' depicted above or your 'pretty picture' depends on the (configuration of the) tools in use at their end.

Share this post


Link to post
Share on other sites

Umm, spamcop handles it EXACTLY the same as it handles any other email. It analyzes the headers, sends reports to the sending IP owners, and adds the IP address to the blocklist if necessary. The spamvertised website reporting is an after-though add-on to spamcop, and is not its primary focus. Spamcop is not concerned with the type or contents of the message, only the headers.

So if:

1. There is only a link to the website on the picture, that link will never get parsed - and that doesn't matter to you?

2. If the body text looks totally harmless, couldn't some admin think this wasn't a spam after all

The 'picture' spam is a way to get around those who block using spamvertized sites.

I'm afraid i don't know what you mean by "spamvertized" - the sites mentioned in the spam?

Official spamcop is focussed on providing a blocklist for IP addresses that are sending spam. If you are concerned about the spamvertizer aspect then you, the reporter, can find a way to decode it for the parser.

Takes too long - and surely it would again just be my word, how would an admin verify it.

(that's my interpretation of official spamcop comments over the years about spamvertized sites) Apparently there are applications that will do it for you without too much trouble. There is an interesting thread in the ng about this subject.

Some kind of optical character recognition. Oh, and what newsgroup is that?

Not sure what your problem is

I thought it was fairly clear you are the problem, in that you would rather annoy people and help them - nobody forces you to help, but then at least stop harassing.

First it was moving your posts because you couldn't read/understand the Forum section descriptions ....

Then it would behoove you to make those descriptions more clear.

Now you want to play this kind of game ..... I really don't have time for this kind of lunacy .... it stops now.

No, I don't want to play any kind of game - I want to be able to converse with other people without getting harassed, though i'm glad to hear you are stopping it.

...Well, my, who died and made arrogant and ignorant Wazoo the god of this Forum?

Fixed.

...Wazoo, who does more to help SpamCop users in a day than any other five people I know about do in a year, speaks for himself.

Well I have no idea what he does apart from the way he has behaved towards me which is very rude and a**h*#e arrogant, so that is how i treat him back. I don't care how nice Mother Theresa was, if she kicked a kitten that kitten would still consider her a jerk. If he stops behaving that way, i wont need to slap him back.

I'm having to go with the concept that you are somehow thinking that when you deal with a graphic in an e-mail, you are somehow thinking of an oil-covered piece of canvas.

No, its a bitmap which spamcop (not the website certainly) does not parse.

Yet, I have been trying to explain that e-mail doesn't offer this capability.

Spare me your condescending crap.

As stated before, if one "reports correctly" then the forwarded e-mail will include the same data you received .. the "graphic" part would actually look something like;

No. Eudora (and others) strips the attachment when the text is incomming, because it would be totally stupid to store mail locally as MIME encoding, since it takes up so much more space. The MIME encoding is removed the moment the email leaves the server.

SO NO, it does not look like that. Therefore what i and others get is the body text, and thent he decoded binaries are seperate on the machine.

Therefore there is no way, unless you start reconstructing (and hence making a fake) email for submission.

This is "the graphic" as actually 'seen' in the e-mail ..

It may be what's "seen" in the email in transit, but its not seen when it arrives here.

If your submittal doesn't include this, then there is an issue with your reporting process.

The submittal can't include this since there is no facility to include this, unless i started to reencode everything and then we are clearly into faking emails.

No sensible system would store everything as the original MIME encoding since it takes up a ton of space - the real issue is that Spamcop seems to think all end users systems are stuck in the dark ages.

Edited by snaller

Share this post


Link to post
Share on other sites
SO NO, it does not look like that. Therefore what i and others get is the body text, and thent he decoded binaries are seperate on the machine.

Therefore there is no way, unless you start reconstructing (and hence making a fake) email for submission.

It may be what's "seen" in the email in transit, but its not seen when it arrives here.

The submittal can't include this since there is no facility to include this, unless i started to reencode everything and then we are clearly into faking emails.

No sensible system would store everything as the original MIME encoding since it takes up a ton of space - the real issue is that Spamcop seems to think all end users systems are stuck in the dark ages.

One starts with working with the RFC standards. You are admitting to using a tool that was actually not functional for a while ... then the Outlook/Eudora work-around webform was offered up for those left out in the cold. So, you are admitting to using a tool that is non-compliant, submitting in a way that does not include the data you're complaining about, and yet .... it's SpamCop that's "broken" ... nice way of working through things.

With your displayed and continued attitude, the unnecessary use of profanity, and in general, non-helpful atmosphere you are attempting to set stage with, you are tempting the fates of some Admin action.

Share this post


Link to post
Share on other sites
1. There is only a link to the website on the picture, that link will never get parsed - and that doesn't matter to you?
The primary task of SpamCop is the identification and listing of the IP addresses of spam sources. There is a URL blocking service which sort of hangs off SpamCop but that is secondary. There has been much discussion of the relative worth of going after the links but SpamCop is not intended to do that directly. Many others agree with you (IIUC) that the spammers put so much effort into "protecting" their links that those links *have* to be worth going after and shutting down. Others don't care - they just want the SCBL fed and the spam *and* its included links filtered out of their information stream.
2. If the body text looks totally harmless, couldn't some admin think this wasn't a spam after all
Certainly, the intention is (one imagines) to make automated processing of content difficult, including content filtering. Which is why the SCBL is a *Good Idea*. It doesn't care about content.
I'm afraid i don't know what you mean by "spamvertized" - the sites mentioned in the spam?
Yes - advertized in spam.
Takes too long - and surely it would again just be my word, how would an admin verify it.
I'm sure the suggestion is that you feed it into the parser to obtain the reporting data for a manual report. You *must* cancel the SpamCop reports once you start altering the contents.
Some kind of optical character recognition. Oh, and what newsgroup is that?
Don't know off-hand - and if you can't be bothered looking nor can I. But I'm sure you were simply hoping someone might know off the top of their head. So, anyone, do "we" know? Edited by Farelf

Share this post


Link to post
Share on other sites

Reading through whole of this thread.... again (I will start to piss You off, don't read)... Maybe the time has come to change that philosophy about "spamvertized sites being secondary target of spamcop". Maybe it is time? Maybe? :blush:

lately I receive mostly spam with no reporting/abuse adress which can be counted seriously (devnulls and [at]hotmail.com or parked domains) All the links are hidden, hiden, hidden throught the (You call them) DNS games, poor configs etc. All the headers in message are full of tracking info, all over the place.... (spamcop does not clean them up... why?)... So - they don't give a prick if they are being cought as spam source... They do still care to NOT being cought spamvertising... one day they send mail through cnc-noc spamvertising scn.com.cn sites, the other day, vice-versa.

(secondary tought: what is up with tucows.com? half of spamvertized links (those that are picked up) are with them?)

Edited by karlisma

Share this post


Link to post
Share on other sites
Oh, and what newsgroup is that?

Don't know off-hand - and if you can't be bothered looking nor can I. But I'm sure you were simply hoping someone might know off the top of their head. So, anyone, do "we" know?

the spamcop newsgroup. dbiel has posted links somewhere. they are on the Help page on the spamcop website if you scroll far enough down.

Maybe the time has come to change that philosophy about "spamvertized sites being secondary target of spamcop". Maybe it is time? Maybe?

I doubt it. If there is an interest in making a list of spamvertized sites, then maybe it is time that someone else provide a simple way of finding them in 'picture' spam.

spamcop has a purpose - to provide server admins with a way to identify spam as it is spewing to either block or tag it. A secondary purpose is to notify the sending admin so that the spam can be stopped as soon as possible. spamcop does not have an interest in identifying spammers the way spamhaus does. If anything, now spamcop views spam as something that comes from incompetent or irresponsible admins' IP addresses (such as the server admin who doesn't mind that the computer housing his firewall spews spam since no legitimate email goes through it).

In the beginning, it was useful to identify the spamvertized site because the admin of the email server was often hosting the web sites (I hope I have the terminology right) and would inform the spamvertized site owner that spam was not a good idea. And, in that way, both hosting companies and site owners became educated so that almost all legitimate bulk emailers use best practices now. Now, however, spammers use all kinds of tricks to avoid being identified. There is little point in sending reports to them. And admins have become so savvy that the spammers have to use trojans and evade real email servers.

It is true that people do find that filtering on spamvertized sites works. However, that is not spamcop's main purpose to supply those lists. It is sort of like asking a bakery to carry a whole line of bags and boxes because they have them there to box the baked goods. Yes, they have bags and boxes, but they sell baked goods not bags and boxes. Or maybe it is like asking a salvage yard to do a better inventory on used parts. You can go to a salvage yard and they can point you to where the model car you want is and you can go out there and hunt around for a door handle or whatever and often get exactly what you want, but their main business is selling the scrap metal.

Miss Betsy

Share this post


Link to post
Share on other sites
the spamcop newsgroup. dbiel has posted links somewhere. they are on the Help page on the spamcop website if you scroll far enough down.

In addition to the Newsgroups link at the top of this page, the Newsgroups links in the Start Here - before you make your first Post linked page, the SpamCop FAQ here, the Portal page has links, on and on .....

Share this post


Link to post
Share on other sites
So, you are admitting to using a tool that is non-compliant,

No i am not - as explained modern email programs decode MIME attachment since:

1. a MIME encoded file takes up alot more disk space than the decoded result.

2. MIME is a measure for transmitting info, not for storing it on endusr systems.

Share this post


Link to post
Share on other sites
Don't know off-hand - and if you can't be bothered looking nor can I. But I'm sure you were simply hoping someone might know off the top of their head.

I was asking the person who knew - I was hoping other people would stay out and not launch personal attacks when they didn't know.

Share this post


Link to post
Share on other sites
<snip>

Well I have no idea what he does apart from the way he has behaved towards me which is very rude and a**h*#e arrogant,

<snip>

...Congratulations, you have made yourself the sixth of the thousands of participants who have made it to my "ignored users" list!

Share this post


Link to post
Share on other sites
Reading through whole of this thread.... again (I will start to piss You off, don't read)...

For a moment there i thought you were warning me, but i see you weren't - since i quite agree with you. You expressed my worry in a way that perhaps is sufficiently subservient manner ;)

Share this post


Link to post
Share on other sites
In addition to the Newsgroups link at the top of this page, the Newsgroups links in the Start Here - before you make your first Post linked page, the SpamCop FAQ here, the Portal page has links, on and on .....

In one has nothing else to to do but read this, I'm sure there are fascinating insights.

Share this post


Link to post
Share on other sites
...Congratulations, you have made yourself the sixth of the thousands of participants who have made it to my "ignored users" list!

So first you insult people and then you put them on ignore. Very mature.

Share this post


Link to post
Share on other sites

No. Eudora (and others) strips the attachment when the text is incomming

Most systems I have used do NOT strip the attachments. Eudora is the only one I have used that does. Most, that I have used, keep the message in tact and simply present them the best way possible, as expected by the RFC's. Even my Outlook/Exchange system at work gives the following:

------_=_NextPart_003_01C6B4E8.15B3E9A0

Content-Type: image/gif;

name="image001.gif"

Content-Transfer-Encoding: base64

Content-ID: <image001.gif[at]01C6B4F8.DB3CECD0>

Content-Description: image001.gif

Content-Location: image001.gif

R0lGODdhrQFOAocAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwMDcwKbK8EAgAGAgAIAgAKAgAMAg

AOAgAABAACBAAEBAAGBAAIBAAKBAAMBAAOBAAABgACBgAEBgAGBgAIBgAKBgAMBgAOBgAACAACCA

...

I just got a fresh one of these so I thought I would share the TrackingURL. This was submitted via email (forward as attachment) from Outlook 2003.

http://www.spamcop.net/sc?id=z1017497978zd...3ef37a057ccf57z The picture contains URL's, but they are not links. If you click on them, nothing happens because you are clicking on a picture.

The size is one of the largest complaints against graphical emails, it does take up much more space than is necessary, which is why I tend to set my default sending mode to Plain Text only unless I need to additional functionality. Another advantage is that it will generally look the same on the other ond of the connection.

Share this post


Link to post
Share on other sites

1. There is only a link to the website on the picture, that link will never get parsed - and that doesn't matter to you?

2. If the body text looks totally harmless, couldn't some admin think this wasn't a spam after all

There are simply too many existing references, definitions, descriptions of "Manual Reporting" within this Forum structure to take this as much beyond the rant mode in continuation.

I'm afraid i don't know what you mean by "spamvertized" - the sites mentioned in the spam?

The Glossary here has an entry available SpamvertizedURL .. jump on in and "make this entry understandable" ....

Oh, and what newsgroup is that?

Unbelievable .. you ask a question, Miss Betsy offers a Reply, I expand on her Reply, and you choose to make remarks about non-helpful replies, responses, alleged personal attacks ....????

No. Eudora (and others) strips the attachment when the text is incomming, because it would be totally stupid to store mail locally as MIME encoding, since it takes up so much more space. The MIME encoding is removed the moment the email leaves the server.

Yes, it is known how (various versions of) Eudora works. As previously stated, there is a "work-around" offered up via the web-based submittal page to try to work-around those issues. You're happy with the way your tool works, but that tool is not the best tool available to use with the SpamCop.net Parsing and Reporting toolset .... how you interpret this "fact" as being part of a "personal attack" is beyond me.

SO NO, it does not look like that. Therefore what i and others get is the body text, and thent he decoded binaries are seperate on the machine.

Therefore there is no way, unless you start reconstructing (and hence making a fake) email for submission.

It may be what's "seen" in the email in transit, but its not seen when it arrives here.

The submittal can't include this since there is no facility to include this, unless i started to reencode everything and then we are clearly into faking emails.

See previous dialog about the 'need' for a 'work-around' process to deal with the inadequacies of using this tool in your reporting process.

No i am not - as explained modern email programs decode MIME attachment since:

1. a MIME encoded file takes up alot more disk space than the decoded result.

2. MIME is a measure for transmitting info, not for storing it on endusr systems.

Again, you are hyping a "feature" of the tool you've chosen to use. Thus far discussed has been why this 'feature' screws up the parsing and reporting process, crap embedded in a graphic just a specific point of the larger issue.

I was asking the person who knew - I was hoping other people would stay out and not launch personal attacks when they didn't know.

The fact that you're not getting the answers you desire doesn't mean that others "don't know" .... and again, discussing facts, providing data os a far cry from "personal attacks" ...

In one has nothing else to to do but read this, I'm sure there are fascinating insights.

As stated above .. you are the one that asked "what newsgroup?" ..... That links to "the newsgroups" have been provided in multiple places long before you asked the questions seems to be a strange thing to hang your "personal attack" and "non-helpful" accusations yet again ....

It is noted that the Moderation of your posts has yet to slow you down or get your attention ... adding to the workload of the Moderators was not the point of that action ..... the next step will be a suspension of your account. Please change your rhetoric before an outright ban is 'required' ....

Share this post


Link to post
Share on other sites
Most systems I have used do NOT strip the attachments.

Interesting - if i find the time prehaps i should check what the current state is.

Eudora is the only one I have used that does. Most, that I have used, keep the message in tact and simply present them the best way possible, as expected by the RFC's.

Are you saying there are some RFC (Request For Comments) which dictates how a mail program must store its datafiles on the endusers harddrive???? I thought they only convered the format of mail being transmitted to other computers...

Which RFCs would that be?

Share this post


Link to post
Share on other sites
Unbelievable .. you ask a question, Miss Betsy offers a Reply, I expand on her Reply, and you choose to make remarks about non-helpful replies, responses, alleged personal attacks ....????

You attacked me and I refuse to be talked to hin that matter. And sorry, I wasn't aware that one has to comment everything - thanks Miss Betsy, and indeed thanks for being friendly and not unplesant.

Yes, it is known how (various versions of) Eudora works. As previously stated, there is a "work-around" offered up via the web-based submittal page to try to work-around those issues. You're happy with the way your tool works, but that tool is not the best tool available to use with the SpamCop.net Parsing and Reporting toolset ....

Last time i checked, which is admittedly several years, there were many other programs which did the same.

how you interpret this "fact" as being part of a "personal attack" is beyond me.

That's because you are not honest in your evaulation of what you did, statements of facts a are fine - a condescending tone is provocative.

For instance:

Again, you are hyping a "feature" of the tool you've chosen to use.

Putting quotes around feature is arrogance on your part, you put yourself us as God and you only know what is right and everybody else in the world is wrong.

As stated above .. you are the one that asked "what newsgroup?" ..... That links to "the newsgroups" have been provided in multiple places long before you asked the questions seems to be a strange thing to hang your "personal attack" and "non-helpful" accusations yet again ....

Any subject can be an attack, or it can be neutral, it depends on what people say and indeed as you write below the "rhetoric" they choose.

It is noted that the Moderation of your posts has yet to slow you down or get your attention

I noticed it, but I wasn't aware it was supposed to slow me down, I thought it was simply a censorship function.

... the next step will be a suspension of your account. Please change your rhetoric before an outright ban is 'required' ....

Well, I guess that is comming then if others persist in sniping and then pretending they have done nothing wrong. Its sweets for the sweet, but also measure for measure from me.

Share this post


Link to post
Share on other sites
I was asking the person who knew - I was hoping other people would stay out and not launch personal attacks when they didn't know.
Wow - you really do have an attitude problem, don't you? Selective quotation (the bit that followed where you chose to snip), ignoring all the preceding attempts to assist. And we are on the same "side" - can only imagine the carnage you wreak in the ranks of spamdom. :D

Share this post


Link to post
Share on other sites
Wow - you really do have an attitude problem, don't you?

No, you have a problem with my stating of the facts:

"I was asking the person who knew - I was hoping other people would stay out and not launch personal attacks when they didn't know."

Selective quotation (the bit that followed where you chose to snip), ignoring all the preceding attempts to assist.

No. Its not selecting quoting, its relevant quoting, i asked "..and what newsgroup is that?" and you replied "Don't know off-hand - and if you can't be bothered looking nor can I."

That's hardly helping or assisting - and where you might have chosen not to write anything. That you may have answered other things is not relevant for this question.

And we are on the same "side" - can only imagine the carnage you wreak in the ranks of spamdom. :D

If only, but they are hard to find...

Share this post


Link to post
Share on other sites

I 'approved' your last three posts, but I'm done with playing your game. You want to ask a question, take the replies as they come. Other than that, you are going to be 'out of here' ... Please take your sorry attitude elsewhere .. this Forum is based on folks wanting help .. this pi$$ing and moaning about your strangely perceived attacks are done now. Make another posting of this type, you're gone.

Share this post


Link to post
Share on other sites

On the other hand it probably was a little mean-spirited of me to deal so archly with a person who needed very badly to be informed.

Share this post


Link to post
Share on other sites
I 'approved' your last three posts, but I'm done with playing your game.

That's your problem right there, calling it a "game"

You want to ask a question, take the replies as they come.

Ditto.

Other than that, you are going to be 'out of here' ... Please take your sorry attitude elsewhere .. this Forum is based on folks wanting help .. this pi$$ing and moaning about your strangely perceived attacks are done now.

Are you really so badly brought up you don't realise you were just extremely rude just you?

Make another posting of this type, you're gone.

In that case let me say that even though you are apparently old, you should still grow the fu** up and stop being rude to people - especially if you can't handle it comeing right back at you.

Idiot.

Share this post


Link to post
Share on other sites

Whenever I copy and paste the content of one of these "buy this great stock..." spams to the spamcop reporting screen I only get the gibberish text that is at the bottom of the graphic/stock ad. Is there a way to report the text in the image promoting the stock also? In the past I've tried forwarding the e-mail as an attachment to the abuse address of the offending ISP, to maintain the entire content of the spam, but attachments usually aren't accepted.

P.S. I already looked through past posts for an answer with no luck.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×