lartingyou

OK, my password manager (Google) currently has 520+ entries (we're a family that use this computer). Got no time to write that stuff down! Plus, the software checks for passwords that have been reported in known leaks (haveibeenpwned) and complains if you use the same password for more than one account. I despise Google for lots of stuff these days (all the CDs I uploaded to YT Music aren't accessible with "hey google" unless I pay a monthly fee), but they got me hooked wrt a password manager that just works.

With AI the way it is (esp. chez Microsoft) Ima guess those reports are training some neural net or LLM. MS doesn't care to stop spammers as it's a cost center. Training a new "spam copilot" is surely worth some $ to them, however.

Thanks for the advice. Any recommendation of where to store the hundreds of passwords? I don't use the same one for each account - haveibeenpwned.com showed me the error of my ways 10+ years ago.

Yes, but a link such as t.co will redirect to some other web site that has the actual payload to be delivered to the user. Often Google's sites are used to perform redirection. e.g. https://www.spamcop.net/sc?id=z6884275349za95462586f2f5a6df2082f0a7bd906b6z has a bit.ly link that redirects the browser to some other web site, with a different IP. In the case of bit.ly, the link got invalidated (abuse), but t.co, linkedin.com and tons of others do nothing. If SpamCop followed the other links and also sent reports, perhaps they'd be shut down, too. The Chrome extension https://chromewebstore.google.com/detail/redirect-path/aomidfkchockcldhbkggjokdkkebmdll will show you when you click on a spamvertised link how many redirects it goes through. I've seen as high as 10 redirects for some spam links that start with t.co, for example. Spamcop does some rudimentary attempts to "deobfuscate" links, but AFAIK it doesn't follow redirections. They are heavily used by prolific spammers, precisely because this shields the true spamvertised sites from SC reports.

I still think it could be vastly improved if it used a browser (e.g. Chrome) as part of a parsing engine for spamvertised links. Many spammers use redirect links via linkedin or t.co or (your favorite spamcop-ignoring service). There are browser plugins that follow the redirects (and log them) and all of that could be evidence for spamvertised links. But I fear I'm getting off the pavement/sidewalk/topic

I realize that -- my comment was that it's a way for MS to ignore the reports. I didn't realize trial in Australian English is written as trail? 😉 Ribbing aside, I did some Web searching. SEWR is some Microsoft component relating to spam. Check out slide 8 of this presentation: https://www.slideserve.com/yoshe/understanding-microsoft-forefront-online-protection-for-exchange (lower right corner). Also: https://todojosevaldez.files.wordpress.com/2013/08/08-o365-smb-js-exchangeonline-fope.pdf (dark gray box below NDR Pool). So, maybe the OP's assumption that these emails are being ignored is totally flawed?

Months ago, when I could no longer POP messages from a Microsoft server (because MFA was imposed, and that doesn't work over POP), I was only left with the option to forward to a Gmail account. Reporting spam doesn't work because the origin looks to Spamcop like the forwarding server. The solution is to set up Mailhosts properly in SpamCop. But with the complexity of the Office365 cloud, I couldn't get it to work (there are just too many servers and Spamcop couldn't grok the configuration). So, I suspect others have the same problem (if they even knew or tried to configure Mailhosts). Astonishingly, sometimes the Office365 server will send me failure emails that it refused to send a message because it was suspected to be spam. This happens when automatic forwarding kicks in for a spam that was RECEIVED by the server. Those are also technically spam. I don't understand why the filters that refuse to send (forward) spams are not the same as the ones that accept emails that are spam -- perhaps it happens when the filters are updated between the receiving and the sending? I'm not the admin of the server; these are hypotheses on my part. In any case, Spamcop doesn't seem to work well with emails forwarded outside of an Office365 domain, and so I suspect a lot of false reports are sent, which may explain why they are going to "sewr".

I guess my behavior is showing my age. Indeed I'm old school with SpamCop. My account here doesn't show it, but on the old forum I was pretty active in the early to mid-2000s, even exchanged a few times with Julian. After I got a death threat on my phone at work in 2006 or so (I had been careless with my email alias when I informed a web site owner that his/her site had been hacked in a bank phishing scam), I scaled back my anti-spam (zombie fighting) activities. Not worth it! Interestingly, after all the manual LARTs I sent recently, the spams I get every day haven't used tinyurl.com for about 3 days... I'm not holding my breath.

100% agree CPU is money, but I'm only asking a report go to a different address. I don't understand the argument about drug stores vs NY Times. Here's how Bit.ly is parsed (there is no following of links as far as I can see). I'm suggesting it work in a similar fashion for tinyurl.com: https://www.spamcop.net/sc?id=z6781795513z92e8821763db5d3a682e284b20ea47d3z#report Using the CPU is money reasoning, because reports for tinyurl.com go to abuse@cloudflare.com, there appear to be more steps in the handling (see the lines in red) compared to bit.ly (which just knows to use abuse@bit.ly). I hope you can reconsider. 🙏

Ok, I gather from your answer that I have to pay to fix the problem (myself). Fair enough. What about all the other people who report those spams using TinyURLs that don't know that tinyurl.com links won't be terminated unless they send reports to the correct address?

Hello - currently, when spamvertised links are on tinyurl.com, abuse reports go to the hosting ISP (I think) which is abuse@cloudflare.com (see this sample). Cloudflare is ineffective, as it is merely the hosting ISP and I believe it serves no purpose sending reports there. However, the email abuse@tinyurl.com is very responsive - they shut down the URLs within an hour sometimes. I have been manually larting them for months, but it's much work and would be nicer for me (and make SpamCop more effective) if they received the abuse reports directly I think. Thanks for listening!

My work email was moved in the past month to the cloud (outlook.office365.com) from a previous (local) office exchange server. My email address didn't change, but the server configuration did. So, obviously I needed to reset my mailhost config. However, when I tried to re-set (delete then add) the mailhost for my (existing) email, SpamCop only saw the former configuration (it doesn't see any office365 servers). Despite that, when I try to reconfigure SpamCop anyway for my work email address, after copying the "account configuration email" I correctly received, SC barfs the following message: "AAA" is not the real part of the host address (I'm trying to keep anonymity). I'm not sure if this is error is due to the "newness" of the configuration, or the fact that the office365 does use some internal servers that aren't visible outside? Anyway, I'm not able to report spams sent to my work email in the current situation. It's likely my employer's email system is not properly configured, but I am trying to understand why SpamCop doesn't "see" office365 in the new setup. How does (should) SpamCop know that the emails are now on Office365?

Here are the terms on their site: https://tinyurl.com/app/terms

TinyURL.com links get reports sent by SC to abuse@cloudflare.com, who do nothing saying they're not responsible for content that's not hosted on their site. However, my private LARTs sent to abuse@tinyurl.com result in quick shutdowns. Shouldn't SC use it? Does that address refuse SC emails? If not, I kindly request configuring SC to send there instead of cloudflare. Cheers!

I'm not sure why you cite the terms of Tiny.cc -- Tinyurl.com is not the same system. If abuse@tinyurl.com don't like reports, don't we usually see that in the spam processing report?