Some Characters Not Showing Up

[DCSmooth]

Several days ago, almost all of my spam stopped to my Hotmail account. The reason, I don't know, maybe all my SpamCop reports finally had an effect, but regardless I'm very happy! It appears that only one spammer has gotten messages to me since that time.

This lone spammer is sending me one nearly identical Cialis ad each day, which I've been reporting to SpamCop. However, this spammer always spells everything using non-conventional letters. For example, in place of the "C" in cialis the spammer will use the copyright symbol, and in place of the "a" he/she will use a letter a with two dots over it. (I believe the latter is called an "umlaut", but I could be wrong.)

When I run a spam with these non-conventional letters through Spamcop, only the very few conventional letters that the spammer used will appear on my parsed report, and all the rest appear - at least on my screen - as question marks within a black diamond.

http://www.spamcop.net/sc?id=z640572719z43...eab74513ca7927z

My questions:

(1) Does this mean the recipients of my SpamCop report can take no action on the spammer, since from the few remaining letters it is difficult or impossible to discern the intention of the message? In other words, are reports composed mostly of the question-mark-black-diamonds useless?

(2) If #1 is true, then has SpamCop addressed the unconventional letter issue?

Thanks in advance,

DC

[flagginator]

The hurrier I go, the behinder I get. The more I report, the more that are right behind it. You are one lucky bucky!

[Wazoo]

http://www.spamcop.net/sc?id=z640572719z43...eab74513ca7927z

My questions:

(1) Does this mean the recipients of my SpamCop report can take no action on the spammer, since from the few remaining letters it is difficult or impossible to discern the intention of the message?  In other words, are reports composed mostly of the question-mark-black-diamonds useless?

My look at your sample shows reports went out for both the source and the spamvertised sites. The SpamCop parser wasn't "confused" about what you submitted.

(2) If #1 is true, then has SpamCop addressed the unconventional letter issue?

Your perception of #1 was in error. What actually is more likely is that you don't have all the "needed" fonts installed to display the character set used within that spam. On the other hand, this may also be feeding into why the submittal also looks a bit screwy. I don't recall if you discussed your set-up or software in your previous Topic, but this is one of those situations where accessing the HotMail account via OutLook Express would work around some of this issue.

[turetzsr]

<snip>

When I run a spam with these non-conventional letters through Spamcop, only the very few conventional letters that the spammer used will appear on my parsed report, and all the rest appear - at least on my screen - as question marks within a black diamond.

<snip tracking URL>

My questions:

(1) Does this mean the recipients of my SpamCop report can take no action on the spammer, since from the few remaining letters it is difficult or impossible to discern the intention of the message?  In other words, are reports composed mostly of the question-mark-black-diamonds useless?

16319[/snapback]

...My guess would be that savvy recipients of the SpamCop reports really don't much care about the content of the message, since spam is about consent, not content. At least, I hope it's true that they don't care.

(2) If #1 is true, then has SpamCop addressed the unconventional letter issue?

16319[/snapback]

...AFAIK, there's nothing to address: the content isn't relevant to SpamCop. It may also be that SpamCop doesn't care about content in characters sets other than plain text and therefore converts everything to plain text.

[DCSmooth]

Thanks to you both. I never thought of the spam's content not being important for the SpamCop recipients' purposes.

I actually frequently receive a completely blank spam with absolutely no content (I'm guessing mistakes by the spammer) and with these I never send a report. I feel the content has to absolutely define it as spam and not some other potential scenario before I can be sure it's spam according to SpamCop's definition in the FAQ. But maybe I'm just being too anal.

As for my fonts, I really don't think that's it. It really looks like it's just Courier New (which I do have), only it uses the other characters beyond the regular keyboard charcters. It shows up fine in my Hotmail or when I copy/paste it either into SpamCop's first screen or into MS Word, so that's why I'm thinking it's SpamCop that can't handle the funky characters.

flagginator: Yeah, the spam drought was pretty sweet while it lasted. I just now received an offer for pirated software, so I guess the dream of spammers forgetting about me entirely is over. I hope the spam count at least stays low now though. I used to receive 50 a day at one point.

[flagginator]

I believe the blank spams are test spams. You assume they are mistakes and so you react differently.

The spammers are going to figure out a way that spam or viruses look blank and we'll accept them and then their real payload will unpack itself and rape our daughters.

[DCSmooth]

FLAGGINATOR: LOL - Let's hope spammers never acquire THAT technology!

WAZOO: I was trying to figure out what you meant by my "previous topic" since I hadn't posted here in several months before this thread, and then I saw that there's a new member who's posted recently named "docsmooth" with whom you're probably (understabably) confusing me.

[Wazoo]

WAZOO:  I was trying to figure out what you meant by my "previous topic" since I hadn't posted here in several months before this thread, and then I saw that there's a new member who's posted recently named "docsmooth" with whom you're probably (understabably) confusing me.

Dang, you got me there ... I was thinking that it was quite a shift from server admin with issues to a display issue, but didn't look any closer. Apologies.

The blank spam issue, trust me, lots of discussion over the years. Even within here, a search on "blank email" should come back with something. Usual suggestion is to add "no body in spam" to fill in the "body" section in order to let the parser see something.

What's really odd is that I usually get a half-dozen of these a day ... so naturally when I go to ull one of those up to take a closer look, I haven't actually had one arrive since I last cleared the tables .. like a week or so ... be advised, that as almost all of these have come in via open proxy, all I normally do is CC: a copy to a couple of U.S. Government addresses and mke a decision as to whether I make any contact with the "source" ISP involved .. maybe again pointing out that I haven't actually parsed one of my own spams in quite some time, again making one wonder why I'm here in the first place <g>

[Wazoo]

OK, timing is all wrong again .. got one of them just now, for giggles, I ran it though the parser, and now finding the "sigalarm" issue is back ... so not sure what status this report is in (or if it will actually exist due to the abort) .. but, is it the "same" spam (am guessing it is) ... http://www.spamcop.net/sc?id=z641303267z04...fef3b3d92488bfz

As far as character set goes, I'm guessing that MS Sans Serif via the Windows Character Map utility was used to generate the text in this spam.

[StevenUnderwood]

and now finding the "sigalarm" issue is back

And right now I am having the reporting page showing only blank pages (from several computers).

Seems to be some problem right now.

[Wazoo]

Thinking kindly, perhaps another database rebuild in progress <g> Note was kicked up a bit ago for notifies, but of course, it's that long week-end thing.. Hard to say where anyone might be at this point in time.

[DavidT]

The parser and "reporting history" system is very, very slow at the moment. I think it might be under some sort of attack.

DT

[StevenUnderwood]

Thinking kindly, perhaps another database rebuild in progress <g>  Note was kicked up a bit ago for notifies, but of course, it's that long week-end thing.. Hard to say where anyone might be at this point in time.

16361[/snapback]

Why does it always seem to be long weekends that these things happen???

Rhetorical queston

[dra007]

Rethorical may be, they reason the human resources are down and their attack will be most effective... duh.. I just hope enough geeks out there can figure out where the attack is coming from! There are too many coincidences ..just looked at the statistics and last help/complains and my detective (and paranoid) mind is cranking up! But I don't have access to the actual data of the attack itself!