Jump to content

Nexttime

Members
  • Posts

    10
  • Joined

  • Last visited

Posts posted by Nexttime

  1. I've been getting a bunch of spam from here.  Why doesn't spamcop use the "abuse-mailbox" instead of the "e-mail" address?  All the spam complaints are being sent to the mandy address and I'm not sure that's where the ISP wants the complaints to go.

     

    % Abuse contact for '103.212.132.0 - 103.212.135.255' is 'vrvinfinity@gmail.com'
    
    inetnum:        103.212.132.0 - 103.212.135.255
    netname:        INFINITY
    descr:          VRV Infinity Broadband India Pvt. Ltd.
    admin-c:        AC1417-AP
    tech-c:         MA954-AP
    country:        IN
    mnt-irt:        IRT-INFINITY2-IN
    mnt-by:         MAINT-IN-IRINN
    mnt-routes:     MAINT-IN-INFINITY2
    status:         ASSIGNED PORTABLE
    last-modified:  2016-12-05T12:14:33Z
    source:         APNIC
    
    irt:            IRT-INFINITY2-IN
    address:        233, Silver Plaza, Kailash Nagar, Sodal Road,Jalandhar,Punjab-144004
    e-mail:         mandy.dun22@gmail.com
    abuse-mailbox:  vrvinfinity@gmail.com
    admin-c:        AC1417-AP
    tech-c:         MA954-AP
    auth:           # Filtered
    mnt-by:         MAINT-IN-INFINITY2
    last-modified:  2016-03-28T12:23:36Z
    source:         APNIC
  2. I'm pasting the whole email into the form.

    Here is that section.

    X-Received: by 10.107.201.213 with SMTP id z204mr22848215iof.160.1497038177759;
     Fri, 09 Jun 2017 12:56:17 -0700 (PDT)
    MIME-Version: 1.0
    Received: by 10.79.192.17 with HTTP; Fri, 9 Jun 2017 12:56:17 -0700 (PDT)
    Reply-To: ibrahimrahman022@yahoo.com.hk
    From: Mr Ibrahim Rahman <mr.davidutom102@gmail.com>
    Date: Fri, 9 Jun 2017 12:56:17 -0700
    Message-ID: <CAHF_xNd31Z39pqQ8G1jL6DGarfAepnvKRoSbiftTcUZUnMnfvA@mail.gmail.com>
    Subject: HELLO,
    To: undisclosed-recipients:;
    Content-Type: text/plain; charset="UTF-8"
    Bcc: x

    GOOD DAY,

    I am Mr Ibrahim Rahman ……

  3. Is it supposed to still point to gmail-abuse[at]google.com?

    I just submitted a spam report and it still picked gmail-abuse[at]google.com.

    Routing details for 189.211.173.148
    Cached whois for 189.211.173.148 : axtelipmaster[at]gmail.com
    Using abuse net on axtelipmaster[at]gmail.com
    abuse net gmail.com = gmail-abuse[at]google.com
    Using best contacts gmail-abuse[at]google.com
    Reports disabled for gmail-abuse[at]google.com

  4. So I just reported a spam that had a Twitter URL in it. So I "unshortened" the twitter URL, which became a LinkedIn URL, which in turn referred to a Yahoo redirect/shortener. Finally the last one after that went to a Chinese server.

    I've never seen anyone THAT determined to hide their REAL URL! SMH!

    I've been getting a lot of these.

    They always start with a twitter URL then go to a Linkedin URL and then either ht tp://bitly.com/, ht tp://stks.co.

    Linkedin doesn't care, I've reported the spammed URLs to them and they refuse to delete them. Twitter doesn't really seem to do much either. I've tried a reported twitter URL weeks later and it's still active and pointing to the spammers web site.

    Here's one that just came in a few minutes ago:

    ht tp://t.co/j6s3xrXYIq

    redirects to:

    ht tp://lnkd.in/bFBaMeM

    redirects to:

    ht tp://stks.co/hq8y?twitter.com

    redirects to:

    ht tp://www.ouyla.com/menstar

    Seems like twitter and linkedin are active spam support services.

    Edit by SteveT: broke links so that someone doesn't unintentionally navigate to spamvertized URLs. PM sent to member to explain this action.

  5. It's actually quite simple.

    All of the ones I am getting are hosted by singlehop.com and I think they are going to keep getting away with it.

    The spammers just includes this large block of text before the URL they are spamming. So when Spamcop processes the report the web hosting company doesn't get a complain because Spamcop quits before getting to the spammed URL. But the user still sees the spammed URL when they open up the email as the email client ignores the <style> tag.

    Here's one of the blocks of text they use:

    Admin Edit: I find the description above enough detail. The 'sample' has been removed from this Post.

  6. I've noticed this appearing quite often, here is an example.

    Tracking link: //[/i]discoverhiddenprofits.com/unsub.php?e=x"]http://discoverhiddenprofits.com/unsub.php?e=x

    No recent reports, no history available

    Cannot resolve //[/i]discoverhiddenprofits.com/unsub.php?e=x"]http://discoverhiddenprofits.com/unsub.php?e=x

    --------

    So, the report goes to the Administrator of network where email originates but not to the host of the spamvertised web site.

    But when I try to access the spammed web site, it does resolve.

    So, it seems pointless to report the spam if the web site is just going to stay up without any complaints.

    Have spammers figured out how Spamcop is checking websites and blocking them thus reducing the number of complaints the hosting provider receives?

×
×
  • Create New...