rconner Posted August 12, 2008 Share Posted August 12, 2008 I wonder how many paying users add such addresses.For my part, I DO run whois lookups and use admin addresses that I find, but only in the case of websites, and only when SC won't or can't find these links themselves. I also don't bother to do this for botnet-hosted websites (there are too many to report, and the legal grounds seem a bit ambiguous). Generally, I punt the latter cases to Knujon to see what they will do with them. -- rick Link to comment Share on other sites More sharing options...
btech Posted August 12, 2008 Share Posted August 12, 2008 Good, so I'm not alone. Prime example: http://www.spamcop.net/sc?id=z2146084171za...348cce6ff5d6c9z Tracking message source: 81.9.55.218: Routing details for 81.9.55.218 Cached whois for 81.9.55.218 : sde[at]cwn.ru ip-noc[at]cwn.ru Using abuse net on ip-noc[at]cwn.ru No abuse net record for cwn.ru Using default postmaster contacts postmaster[at]cwn.ru Message is 4 hours old 81.9.55.218 not listed in dnsbl.njabl.org 81.9.55.218 not listed in dnsbl.njabl.org 81.9.55.218 listed in cbl.abuseat.org ( 127.0.0.2 ) 81.9.55.218 is an open proxy 81.9.55.218 not listed in accredit.habeas.com 81.9.55.218 not listed in plus.bondedsender.org 81.9.55.218 not listed in iadb.isipp.com Defaults to the postmaster, but the IP-NOC is a recipient. I added them to the 'user-defined' and I really think it's best to do so, unless I hear otherwise from the Admins. If Ellen or Richard have any light to shed on the topic, I'd love to hear it; I'd rather not piss off the powers above if my adding these addresses is against a TOS or something. Link to comment Share on other sites More sharing options...
Farelf Posted August 13, 2008 Share Posted August 13, 2008 ... IP-NOC is a recipient. I added them to the 'user-defined' and I really think it's best to do so, unless I hear otherwise from the Admins. If Ellen or Richard have any light to shed on the topic, I'd love to hear it; I'd rather not piss off the powers above if my adding these addresses is against a TOS or something.You'd be more likely to draw some comment from Ellen in the NGs but there's little danger of uspetting anyone in this circumstance IMO - the address is revealed during the parser's retrieval of data (along with sde[at] being the owner's personal address). Added reporting is for "experts", implying no TOS implications for adding actual, verified routing and that is, AFAICT, the situation. It might not be a good idea to add reports if the ISP is a known blackhat - some reporters would be checking SpamHaus to be sure they're not wasting their time or even verging on the counterproductive with added reports. I think a quick Google would serve the purpose as well (or better unless you're familiar with SpamHaus). Link to comment Share on other sites More sharing options...
Wazoo Posted August 15, 2008 Share Posted August 15, 2008 Re: the hyphenated Domain name issue .... Don has made a post into another Topic that states that this issue has been 'fixed' .. but waiting for code to actually be installed on the servers involved. Please see http://forum.spamcop.net/forums/index.php?...ost&p=66178 Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.