whatthe Posted October 27, 2005 Share Posted October 27, 2005 Yesterday (Wednesday October 26) I started receiving spam which caused the Spamcop user interface to barf in one of three random ways: timeout, error code (which I saw yesterday but not today), and: ----- No data / Too much data You are most likely submitting a very large email. Please trim some of the unnecessary data (noting where this has been done) from this posting and try again. SpamCop will no longer accept email larger than 50.0K bytes. Other possibilities: You may have a firewall which prevents HTTP POST commands, you may have linked to the wrong URL or your browser does not handle binary submissions correctly (try a different browser) ----- But the problem is actually the copyright© character. When I replace the characters (there are 2 in these spams), the spam is accepted. Occurs with both Firefox and Explorer. Link to comment Share on other sites More sharing options...
Wazoo Posted October 27, 2005 Share Posted October 27, 2005 Not enough data, apparently .... I grabbed an e-mail, copied your line from this post with the copyright symbol displayed, added that to the e-mail body, parsed it with no probem ... twiddles with Cintext-Type: lines, added in an HTML section, wrote up HTML code to add in the copyright code, parsed again, no problem ... so, stuck with not being able to duplicate your issue ... Remarks about "other" errors ... attributable to the Parsing & Reporting systems being down a couple of times yesterday? Link to comment Share on other sites More sharing options...
whatthe Posted October 27, 2005 Author Share Posted October 27, 2005 I just took a random email, copypasted the copyright character from the discussion board post into the middle of the body text, submitted it, and Spamcop barfed. It took the character out, resubmitted it, and it was accepted. I cannot imagine how this could fail for me and not anyone else. Unless...is it possible for a firewall to filter out only post data containing certain characters? Link to comment Share on other sites More sharing options...
StevenUnderwood Posted October 27, 2005 Share Posted October 27, 2005 I just took a random email, copypasted the copyright character from the discussion board post into the middle of the body text, submitted it, and Spamcop barfed. It took the character out, resubmitted it, and it was accepted. I cannot imagine how this could fail for me and not anyone else. 34953[/snapback] Please provive a tracking URL, or are you not getting that far? Can you submit via email which will generate the Tracking URL? I have also sent a test copying your © character into an appropriate place. Will return with results. http://www.spamcop.net/sc?id=z820388434z2d...7751fe035257f5z Actually, just noticed that their text actually includes the © character already at the bottom. The one toward the top I pasted in myself. (and those [iMAGE] tags are the way Lotus Notes extracts the message for submittal). Link to comment Share on other sites More sharing options...
whatthe Posted October 27, 2005 Author Share Posted October 27, 2005 With the character, I never get to the tracking stage. ... I just tried the email submission. It said "error, couldn't parse head" but it seemed to accept it ok. http://www.spamcop.net/sc?id=z820416950z2e...115a9cf2706590z (other report IDs & URLs deleted) Link to comment Share on other sites More sharing options...
Jeff G. Posted October 27, 2005 Share Posted October 27, 2005 I just had no problem resubmitting StevenUnderwood's sample via both Firefox 1.0.7 and IE 6.0.2800.1106, Win200Pro, RoadRunner cablemodem, mailsc.spamcop.net, and either 205.188.221.39 or 205.188.221.40 (both in an AOL Time Warner netblock). Link to comment Share on other sites More sharing options...
Wazoo Posted October 27, 2005 Share Posted October 27, 2005 I don't see the need for sll the offered Report-IDs ..???? On the off-chance that someone with a paid-account type can do something with them, I'll delete this post, but if I'm correct, I'll request a bit of editing on that post to remove the non-usable data ....???? And noting that the items offered/identified as Tracking URLs are not .... only the "e-mail submission" turns out to be a 'real' Tracking URL .... That entry had issues trying to parse the "headers" due to word-wrap issues ... I see nothing there that would have anything to do with the copyright character .... Line/word-wrap issues with "your" sample "fixed" .... successful parse (with copyright symbol included) seen at http://www.spamcop.net/sc?id=z820412604z18...8d2e4e6421cbb9z Turns out I still had a window opened wih the only Tracking URL actually provided ... and due to the confusion seen in later posts here, I re-parsed what I still had here ... the "new" Tracking URL based on the sample spam-submittal can be seen at http://www.spamcop.net/sc?id=z820421593z70...8d2da46232114ez ... such that the "differences" can now be seen ... Before closing that window, the user provided "e-mail submittal" Tracking URL was http://www.spamcop.net/sc?id=z820393352z1d...10ecbc5c76480az Link to comment Share on other sites More sharing options...
whatthe Posted October 27, 2005 Author Share Posted October 27, 2005 Ok, my report IDs and URLs are deleted. Link to comment Share on other sites More sharing options...
Wazoo Posted October 27, 2005 Share Posted October 27, 2005 Ok, my report IDs and URLs are deleted. 34972[/snapback] Well, thanks, but thanks the Gods I was already working with the data found in the only Tracking URL that you actually did provide .... else we'd still be totally lost ... see my previous/edited post. For the education and research of others involved, might you actually re-add in your "e-mail submission" Tracking URL, such that there is something to compare the before/after differences that had my "fixed" item fly ..???? Link to comment Share on other sites More sharing options...
whatthe Posted October 27, 2005 Author Share Posted October 27, 2005 Ok, how's that? It's a different URL; I resubmitted it because the original still contained some personally identifying info. Link to comment Share on other sites More sharing options...
whatthe Posted October 27, 2005 Author Share Posted October 27, 2005 That entry had issues trying to parse the "headers" due to word-wrap issues ... Are you refering to the two lines that wrapped an IP address to a new line? Those lines were not wrapped either in the forwarded submission or the online submission. The wrapping is happening after submission. Link to comment Share on other sites More sharing options...
Wazoo Posted October 27, 2005 Share Posted October 27, 2005 Edited my previous 'edited' post to include the re-parse of what was found during the analysis of your provided-then-deleted Tracking URL ..... you can see the differences by comparing both of my listed Tracking URLs ... Link to comment Share on other sites More sharing options...
whatthe Posted October 27, 2005 Author Share Posted October 27, 2005 So, nobody can see the original message? I wasn't aware of that, that's why I made it safe to view and resubmitted it. I am confused about what is safe and what is not safe. Link to comment Share on other sites More sharing options...
Wazoo Posted October 27, 2005 Share Posted October 27, 2005 So, nobody can see the original message? I wasn't aware of that, that's why I made it safe to view and resubmitted it. I am confused about what is safe and what is not safe. 34983[/snapback] Killed a lot of time trying to figure out what you're saying/asking .... I've come to the realization that what you are saying is that I've been jacking around trying to work your issue, but the sample spam you provided has been edited (assumedly thus causing the line/word wrap issues that I had to "fix") .... not happy ... Once again, your original has yet to be demonstrated from "here" ... using my manufactured spam, using what you provided as a sample, .... a this point, don't have a clue what you are actually doing ... so let me go back to the beginning and point out the [How to] post a question thing and ask you to start over .. describe your process, tools, etc. Obviously, just IE / FireFox isn't descriptive enough. Link to comment Share on other sites More sharing options...
whatthe Posted October 27, 2005 Author Share Posted October 27, 2005 Killed a lot of time trying to figure out what you're saying/asking .... I've come to the relaization that what you are saying is that I've been jacking around trying to work your issue, but the smaple spam you provided has been edited (assumedly thus causing the line/word wrap issues that I had to "fix") .... not happy ... Once again, your original hs yet to be demonstrated from "here" ... using my manfactured spam, using what you provided as a sample, .... a trhi spoint, don't have a clue what you are actually doing ... so let me go back to the beginning and point out the [How to] post a question thing and ask ou to start over .. describe your process, tools, etc. Obviously, just IE / FireFox isn't descriptive enough. 34986[/snapback] Please do not accuse me of creating the problem I am asking about. I may be stupid but I am not *that* stupid. Here is what I do. Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.10) Gecko/20050716 Firefox/1.0.6 on Windows 2000 5.00.2195 SP 4 on Pentium 4 2 GHz 1 GB RAM. I get a spam. I enter my email service provider's "raw" view mode. I copy all. I go to the SpamCop window. I paste. I delete certain header lines begining X- because SpamCop does not remove the personally identifiable information from them. I do not touch any other lines, and I do not make any mistakes accidentally affecting any other lines. And I hit Process spam. The vast majority of the time it works flawlessly. With the spam I started receiving two days ago with the copyright character, the submission behavior is as described. I posted some data and URLs here, but inadvertently forgot to delete one X-... header line with personal info. You commented that it was dangerous, and fearing someone could see it, I removed the links. You lamented the loss of the link, so I generated a new one without the dangerous X-... header line. If you still feel you have wasted your time, I apologize and give up. Link to comment Share on other sites More sharing options...
Jeff G. Posted October 27, 2005 Share Posted October 27, 2005 Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.10) Gecko/20050716 Firefox/1.0.634989[/snapback] You should really upgrade to Mozilla 1.7.12 or Firefox 1.0.7 due to security issues. Link to comment Share on other sites More sharing options...
turetzsr Posted October 27, 2005 Share Posted October 27, 2005 Please do not accuse me of creating the problem I am asking about. I may be stupid but I am not *that* stupid.34989[/snapback] ...Please do not accuse people who are trying to help you and based on an incomplete understanding of what you did (since you did not provide sufficient information; understandable in an initial post here but by this point in the dialog resulting in undertandable frustration) have to come back with additional questions.Here is what I do. <snip> I get a spam. I enter my email service provider's "raw" view mode. I copy all. I go to the SpamCop window. I paste. I delete certain header lines begining X- because SpamCop does not remove the personally identifiable information from them. 34989[/snapback] ...Warning!! This may cause you to be in violation of the SpamCop Rules (see Rules - everybody read! (recent changes made ... you may need to re-look) and cause you to be subject to cancellation of reporting privileges (although I hope not; seems to me this action is reasonable). Link to comment Share on other sites More sharing options...
Wazoo Posted October 27, 2005 Share Posted October 27, 2005 Please do not accuse me of creating the problem I am asking about. I may be stupid but I am not *that* stupid. I don't think I'll ever understand the problem with the concept .. if you make me make assumptions, then we are both wrong. Where the he&* one sees any accusations made is beyond me. I already went with assuming that I was working with something that was not "manually modified, edited, changed, screwed with" prio to the parser submittal time .. of course, that also left me wondering where the line-wrap issues came into being, byt went with the remarks about editing on the copyright character, but that didn't make sense, because the copyright character was in this submittal,, but ..... heck with all that, just do the analysis on the alleged "won't parse" complaint ... again, tried a number of things with no duplicatinon of an error (once the spam was "fixed") Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.10) Gecko/20050716 Firefox/1.0.6 on Windows 2000 5.00.2195 SP 4 on Pentium 4 2 GHz 1 GB RAM. As it turns out, the "critical" data is still missing. I get a spam. I enter my email service provider's "raw" view mode. I copy all. I go to the SpamCop window. I paste. Please see http://forum.spamcop.net/forums/index.php?showtopic=5087 for the last time this exercise was gone through, with the issue being the "un-named web-mail application" .... Please also note how long it took to "get there" .... I delete certain header lines begining X- because SpamCop does not remove the personally identifiable information from them. I do not touch any other lines, and I do not make any mistakes accidentally affecting any other lines. And I hit Process spam. The vast majority of the time it works flawlessly. With the spam I started receiving two days ago with the copyright character, the submission behavior is as described. I posted some data and URLs here, but inadvertently forgot to delete one X-... header line with personal info. Did I accuse you of making mistakes? I asked that you define the process you are using .. which led to the comments and connections pointed out in the above. I can't even say it's the same issue, once again, missing data ... but the results (bad word/line wraps are indcitve of something probably in common) You commented that it was dangerous, and fearing someone could see it, I removed the links. You lamented the loss of the link, so I generated a new one without the dangerous X-... "Dangerous? In this discussion? I'm missing something ... I asked/commented on the extensive list of Report-ID's you posted. As noted in Getting a Tracking URL from a Report ID ... Please note that the Report ID numbers are keyed to your reporting account, such that someone else's Report ID numbers are pretty much useless to you for discussing the actions of the SpamCop Parsing and Reporting Service. Then I went on to state that the items you identified as "Tracking URLs" were not .... Tracking URL .. on and on ... but I don't see "dangerous" in there ... If you still feel you have wasted your time, I apologize and give up. 34989[/snapback] Time wasted thus far is my fault, again, I made assumptions to fill in the missing data in your query ... I screwed up. To make amends, I will allow you to submit one of these "copyright" spams without any editing done on your part .. and I will patiently wait for your verification that your complaint is actually valid ... then of course, I'll want to see that Tracking URL, because that's the only way that I'm going to be able to see what's really going on ... Link to comment Share on other sites More sharing options...
whatthe Posted October 27, 2005 Author Share Posted October 27, 2005 Please see http://forum.spamcop.net/forums/index.php?showtopic=5087 for the last time this exercise was gone through, with the issue being the "un-named web-mail application" .... Please also note how long it took to "get there" .... Thanks for the info. Apparently I did waste your time with email submission header parsing. Sorry. My ESP wraps text sent from the Web interface. No way to turn it off, no way to attach unencoded plaintext, no POP or IMAP access allowed at work. (I argued for each long ago, to no avail.) That's why the Web interface copyright symbol problem (which nobody else seems to have and which is the only one that doesn't get to the tracking URL phase) was important enough to me to post. Link to comment Share on other sites More sharing options...
StevenUnderwood Posted October 28, 2005 Share Posted October 28, 2005 I delete certain header lines begining X- because SpamCop does not remove the personally identifiable information from them. I do not touch any other lines, and I do not make any mistakes accidentally affecting any other lines.34989[/snapback] As stated above, this is not "legal" per my reading of the rules. It would be better to replace the "identifiers" with something else (like the x spamcop does). Also, do NOT submit these to any ISP that "refuses munged reports" as you will only be hurting spamcop's reputation with those ISP's. Link to comment Share on other sites More sharing options...
turetzsr Posted October 28, 2005 Share Posted October 28, 2005 I delete certain header lines begining X- because SpamCop does not remove the personally identifiable information from them. I do not touch any other lines, and I do not make any mistakes accidentally affecting any other lines.As stated above, this is not "legal" per my reading of the rules. <snip> 35015[/snapback] ...My reading of the rules is different: since whatthe's change should not "cause SpamCop to find a link, address or URL it normally would not, by design, find," I myself would not consider this to be a prohibited change (note, though, that my opinion doesn't count for much -- only SpamCop deputies' and admins' opinions do). Nevertheless, any such modification that can be avoided, should be. I would therefore suggest that rather than delete the X- headers, users modify the data to munge only the sensitive information. Link to comment Share on other sites More sharing options...
Jeff G. Posted October 28, 2005 Share Posted October 28, 2005 The OP could also re-think the whole munging issue. When I stopped munging, that didn't appreciably increase my spam load, but it did appreciably reduce the amount of time I spent on Reporting. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.