Jump to content


  • Posts

  • Joined

  • Last visited

Everything posted by newhorizon

  1. Well, you know better than I about how folks react to all this schtuff. But lemme nevertheless audaciously submit that it's reasonable for us run-of-the-mill spam victims to assume that the "reference URL" always shows what was shown at the time of the report. When those expectations are dashed, me-thinks it's a bit of an "ouch" for them, even if only a shrug for you. Not looking for a reply. Just throwing an opinion out there...
  2. I get that a lot. I guess I'm a slow reader - I couldn't come close to reading all 55 of those notes in under 1 or 2 mins. Maybe when I reach the rank of "Advanced Member" like most of the rest of you, I'll know how to carefully read more quickly. Well meanwhile, come the end of this year, I hope y'all be patient with me if I come back and check again about dbiel's suggestion to add the rest of the icons into the bottom of the page of the list of topics....
  3. Silly me for not providing a C&C warning. So I goes to the search page, I types in "Forum configuration changes" (incl double quotes), I selects "SpamCop Lounge" and clicks on "Perform the Search". The above note is the only match. Does anybody have an estimate for how much time a person - especially some newbie - needs to search, read, and/or otherwise root around this forum before feeling that s/he can "safely" post a suggestion? Not rhetorical.
  4. That doesn't explain it, imho. Going back to my tracking URL (shown in post #1), it now shows: >Resolving link obfuscation >http://888-luvu.com/z/ > host (getting name) no name >Tracking link: http://888-luvu.com/z/ >[report history] >Resolves to >Routing details for [... etc ...] Which is different than what you (Wazoo) and I saw earlier where this same URL resolved the same domain to So I guess something changed. And now I've learned that a given tracking URL can change what it shows us over time. Me-thinks that the dynamic content of a tracking URL makes it difficult for folks (like us) to have a discussion about what happened at the time the reports were sent...?
  5. I'm still lost, but for a different reason. At http://www.spamcop.net/sc?track=http%3A%2F...luvu.com%2Fz%2F we see: >Parsing input: http://888-luvu.com/z/ >host (getting name) no name > >Reporting addresses: >renbin[at]mail.he.cn >ct-abuse[at]abuse.sprint.net >anti-spam[at]chinanet.cn.net So it's looking like 888-luvu.com resolves to in one case but resolves to in another case? Maybe I'm missing something painfully obvious...?
  6. I see a report being sent to bad_tracking[at]devnull.spamcop.net ( http://www.spamcop.net/sc?id=z673954712zaa...2f08fdf877da99z ). A first for me. I shor am powerful curious to know what this "bad_tracking" business means....?
  7. Maybe you're right - but I gotta say that I can't buy into the notion that conserving screen space is worth leaving icons entirely unexplained. In any case, it seems from this thread we're in agreement that adding those icons is a good suggestion. Yet altho' Wazoo's educated speculation is perhaps informative, I hope y'all will understand when I say I'm left to wonder why folks would be inclined to post suggestions if they're apparently just /dev/null'd (ie, neither (a) implemented nor ( is the actual reason provided why the request is denied). BTW, is it just my screen, or are the "Poll (New)" and "Poll (No New)" icons exactly the same? And btw (again), how about "Not New" instead of "No New"?
  8. Ah, gotchya. Good reason. Historically, I've found SpamCop useful not only for sending abuse reports, but for simply determining an externally-valid abuse address (by typing ONLY the IP address or the domain name into SC's text box). With SC sometimes using non-public addresses only, this usefulness seems to be fading. I guess I'll stick to http://www.abuse.net/lookup.phtml (but it doesn't allow IP addresses). No need to reply - just kvetching.
  9. (Fast-forward roughly 15 weeks...) Any word? The icons have changed in design - we've got triangles instead of dots now. But they're still not explained in the legend.
  10. Maybe I'm not fully understanding, but let me ask: why conceal ISP abuse addresses behind these [at]routes.spamcop.net addresses?
  11. I wasn't sure if you're advocating 550's over bouncing, and I'm not really a mail server SysAdmin, but I think, if you'll permit me the audacity, that bouncing is the only way to go where the enterprise's SMPT server has little or no knowledge of which addresses are valid throughout the enterprise. Eg: maybe the SMTP server for almamater.edu has no knowledge of the Email addresses at chem.almamater.edu, math.almamater.edu, alum.almamater.edu. And so it's up to the sub-domains to do the (delayed) bouncing. If this makes no sense, you may resoundingly ignore me. Oh, and somebody once told me that 550's (as opposed to delayed bounces) can help a dictionary attack go much faster. (not good)
  12. Frustration, yes. But those who know me well know my skin is thinner than it oughtta be. So me-thinks you're BOTH right. I want to spend more time looking that over than I have today. Off hand, looks good. Later.
  13. I'm not seeing the sense of leaving off the blue envelopes with black dots. So count me as being very much in favor of the above.
  14. How much time would I have needed to spend to keep tabs on other topics to be able to discern that? (Yes, OK, don't tell me: if I had read them, I'd know *this* answer too!) :| So anyway, that's a "nay" to the suggestion box idea...? I understand what netiquette says about lurking. But it says nothing about faulting a newbie for not dismissing what's clearly stated.
  15. Done. Yeah, moving this thread about a proposed SpamCop feature into a forum where SpamCop discussions are *discouraged* seemed strange. But I got over it.
  16. (This is an offshoot of the earlier discussion ...) If the SpamCop powers that be are open to suggestions, then how about adding a discussion forum which accepts suggestions for improving SpamCop?
  17. Just an aside... This thread moved to the Lounge, I see. But the Lounge is for "pretty much anything except SpamCop and spam fighting." ( see full quote ) But this thread *is* about SpamCop and spam fighting. I feel dev/null'd....
  18. Sounds like that "add reporting address" business is a hot issue. But I humbly/kindly submit that it's non-sequitor here. I'm just suggesting that a 'mailto' link would be a handier alternative to clicking on the Email client's icon on the desktop. That's all. I'm not always clueful, but I'm thinkin' the 'mailto' link wouldn't get around any restrictions nor opens new doors to abusive practices? Instead, me-thinks such a 'mailto' link would help encourage the reporting of spam --- which is a good thing --- even if not via SpamCop. Does Julian read these here notes, or should I go and bother some other forum? Or I'm tempted to start a poll, but I'm too new here to know how they're received.
  19. > First thought is that by clicking and "sending the report yourself" .... I think by "sending the report yourself" you mean sending a *SpamCop* report yourself. But that's not really what I meant. Stepping back a bit: once SpamCop says that so-and-so refuses SpamCop reports, I find myself with 2 options: send an Email to the abuse address myself, or do nothing. If I wanted to do nothing, I wouldn't be here! Sending an Email to the abuse address myself isn't the same as manually sending a *SpamCop* report, imho; I'm just sending my OWN complaint (which wouldn't make SpamCop a liar) and a 'mailto' link on the SpamCop page struck me as being 1) easy to do and 2) handy for the user.
  20. Lemme throw this thought out there and see if it sticks... If when reporting spam via the web interface and SpamCop says something like "abuse[at]auna.es is not accepting SpamCop reports", howz about making that abuse address a clickable mailto link to make it just a tad easier for the user to send a report him/herself?
  21. Sorry, let me back up: the incident in my original post is a month old. I'm afraid I need to ask you to disregard much of it. Sorry again. But... I find I can now register mailhosts from my job (via my employer's ISP) - no more "...traverse more than one domain." error messages. So I do that and I try to report this spam: > From - Thu Apr 22 10:12:14 2004 > X-UIDL: 1082642966.13992.qmail.fcc.net,S=3472 > X-Mozilla-Status: 0001 > X-Mozilla-Status2: 00000000 > Return-Path: x > Delivered-To: x > Received: (qmail 13979 invoked by uid 89); 22 Apr 2004 14:09:26 -0000 > Received: from unknown (HELO psmtp.com) ( > by 0 with SMTP; 22 Apr 2004 14:09:26 -0000 > Received: from source ([]) by exprod6mx90.postini.com ([]) with SMTP; > Thu, 22 Apr 2004 10:09:18 EDT > Received: from by; Thu, 22 Apr 2004 07:32:26 -0700 > Message-ID: <OAAD____________FOYR[at]yahoo.com> > From: "Charlene Nguyen" <txajs[at]yahoo.com> > Reply-To: "Charlene Nguyen" x > To: x > Subject: Italian-crafted Rolex - only $65 - $140!! Free SHIPPING!! > Date: Thu, 22 Apr 2004 11:28:26 -0300 > X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) > MIME-Version: 1.0 > Content-Type: multipart/alternative; > boundary="--679170753373396366" > X-Priority: 3 > X-MSMail-Priority: Normal and I get: > Parsing header: > 0: Received: from unknown (HELO psmtp.com) ( by 0 with SMTP; 22 Apr 2004 14:09:26 -0000 > Possible forgery. Supposed receiving system not associated with any of your mailhosts > Will not trust anything beyond this header > No source IP address found, cannot proceed. > Add/edit your mailhost configuration > Finding full email headers > Submitting spam via email (may work better) > Example: What spam headers should look like > Nothing to do. So I delete my mailhost info and try reporting it again. SpamCop duly does: > Tracking message source: (yay!) fcc.net is the ISP I use from home. Meanwhile, my outbound SMTP server at work is smtp.covadmail.net. (I don't understand this schtuff enuf to know why my Email appears to come from exprod6mx16.postini.com instead, but I gather that's a moot point?) On SpamCop, after I configure mailhosts (using my fcc.net Email address) from work, the items in the "Hosts/Domains" drop-down list are: > ncn.net.ncn.mail1.psmtp.com > dls.net.mail5.psmtp.com > mtaonline.net > david.mtaonline.net > exprod6mx87.postini.com > exprod6mx12.postini.com > postini.com > exprod6mx55.postini.com > exprod6mx56.postini.com > exprod7mx5.postini.co > exprod5mx98.postini.com > exprod6mx25.postini.com > psmtp.com > exprod6mx83.postini.com > exprod5mx48.postini.com > exprod5mx73.postini.com > exprod5mx52.postini.com > exprod6mx50.postini.com > When you POP from work, are you doing it from a client machine .... Yep, from a run-of-the-mill Netscape mail client. IHO(*) > Did you setup the mailhost configuration for both the ISP and your work hosts? Not understanding that question. The only mailhosts SpamCop allows me to set up are the ones indicated above. I'm not seeing how to configure more mailhosts than what SpamCop finds...? I'm missing something obvious, perhaps? (*) IHO = I Hate Outlook
  22. I suspect I'm just clueless, but let me ask... I report spam by cutting/pasting into the SpamCop web page. I tried this new mailhost thing and got: "Sorry, the email sample you submitted for x appears to traverse more than one domain." The Email account I have is provided to me by the ISP I use for my dail-up service from home. And the domain name in my Email address is the domain name of this ISP. Straight-forward stuff. But I also POP3 this same mailbox from my job which uses a different ISP for connectivity. And trying to setup my mailhosts schtuff from my job gave me the above message. So it's kinda looking like with this mailhosts thingy in place, I can not report spam sent to the above-mentioned Email box when connecting via an ISP which doesn't own my mailbox's domain. Is that right, or am I totally in the dark?
  • Create New...