Jump to content


  • Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About GreenLady

  • Rank

Contact Methods

  • Website URL
  • ICQ

Profile Information

  • Location
    London, United Kingdom
  1. GreenLady

    Thoughts on lawsuits against ISPs & Hosts

    Sorry to pour cold water, but what World Court? Nice if it existed though! What does work is consumer boycotts (think South Africa). It may take time, but if every fed up internet user stopped buying products originating in China (and wrote the supplier telling them why) then you would soon see the Chinese businesses complaining to their government. It would also help support local economies too! For more information on boycotts see ethicalconsumer.org
  2. GreenLady

    Someone using my address: how to report?

    Be aware that the bounce may also be due to a virus picking up your address from a friend's (or spammer's!) address book and using it in the "from" field. As such, any attachment MAY contain a copy of the virus. This is especially if the message was bounced as it contained a .pif or .exe file or similar. (I have had at least 3 bounces of this type over the last 2 weeks). If you know what you are doing, you may want to copy (carefully!) the message header of the original message and use a tool such as spamid.net to find the originating ISP. If it is an ISP unique to a single known contact, you may want to check with your friend if their PC is infected. Otherwise, I would not bother, unless you get multiple infected messages from the same IP address over a number of days.
  3. I can clearly see the web page link, but spamcop does not seem to pick these up (I have had three in the last 2 days). Is it because of the 7 bit coding (or are the spammers thinking people will copy the text into the address bar) ? The message appears as text in OE (when off-line). Part of the text of the spam message is: ____________________________________ We deliver to you very fast - and that is a promise. Buy online in the comfort of your home. http://www.charterdrugs.biz. And among the dreams of the days that were, The skipper he stood beside the helm, "Some ship in distress, that cannot live And, departing, leave behind us ----385387799532064-- [ This spam was encoded 7Bit. Normal text is below. ] ____________________________ Spamcop says: Finding links in message body Recurse multipart: Parsing HTML part no links found ____________________________
  4. I hope this is the right place to post this (it is more for interest than needing to know an answer). I have had a couple of these recently. Given that the listing was last updated 2003-11, should the IP address have been de-assigned by ARIN or some other organisation? I thought it was mandatory to have accurate details listed... "whois[at]whois.arin.net" (Getting contact from whois.arin.net ) nothing found host (getting name) no name Falling back on IP addressing:postmaster[at][] Please make sure this email IS spam: From: "Shawn K. Jacobson" <shawn.k_jacobson_lk[at]aol.com> (Change your life starting today!) Search results for: OrgName: Zacson Corporation OrgID: ZACSO Address: 3825 Hopyard Road Address: Suite 220 City: Pleasanton StateProv: CA PostalCode: 94588 Country: US NetRange: - CIDR: NetName: ZACSON NetHandle: NET-192-160-34-0-1 Parent: NET-192-0-0-0-0 NetType: Direct Assignment Comment: The information for this network has been reported to Comment: be invalid. ARIN has attempted to obtain updated data, but has Comment: been unsuccessful. To provide current contact information, Comment: please e-mail hostmaster[at]arin.net. RegDate: 1992-04-27 Updated: 2003-11-25
  5. GreenLady

    @%$*&!£ Freeserve!!!! Please help!

    Sarah, To test it, I signed up for a free freeserve account (it gave me a [at]fsmail.net address tho') and I have both been able to send and receive eMails with .eml attachments - though not submitting to spamcop. I am baffled. This may restriction may only apply to the paid-for accounts. The only other thing I can think of is that you may actually have a virus on your system that is being detected by SpamCop or something in your message or signature that is being erroneously identified as one. Sorry I could not help.
  6. GreenLady

    @%$*&!£ Freeserve!!!! Please help!

    To eliminate the obvious: " not listed in bl.spamcop.net Since SpamCop started counting, this system has been reported less than 10 times by less than 10 users. It has been sending mail consistently for at least 60.1 days. In the past 762.1 days, it has been listed once for a total of 9 hours In the past week, this system has: Been witnessed sending mail about 230 times A sample sent sometime during the 24 hours beginning Mon, 8 Dec 2003 00:00:00 UTC: Received: from -.-.-.-.- (-.-.-.-.- [])- by -.-.com (-.-.-.-.-) with - id - for <-[at]-.com>- Mon, - Dec 2003 19- - Subject: monthly newsletter on building property portfolios From: th.. at ..n.com " and at SORBS: " found in Database of servers sending to spamtrap addresses Address or Block / 32 Description [ Submitted by: matthew ] Entry Created Sun Oct 12 21:55:15 2003 GMT Entry Last Seen Sun Oct 12 21:55:15 2003 GMT spam Seen From Currently active and flagged to be published in DNS." However, the ability, or inability to send attachments of type .eml seems to firmly lie in the hands of the sending ISP! (Nothing about it in Freeserve's help files though...).
  7. GreenLady

    Forums, Newsgroups, Netiquette, Rules, Etc.

    I'm with you on that one, Miss Betsy. I have used the 'net for nearly 12 years now, but I still have to learn a lot about some things (and I've been learning an awful lot about spam over the last month or so). One of the things I have yet to learn is how to reply to a newsgroup posting in a way that does not include your eMail address for spammers to pick up and read. (On Outlook Express I also have to read one message at a time and have not yet worked out how, if?, I can download them!). So, I very much appreciate having a web forum. In terms of personalities, I had a week long lesson with two abrasive personalities on a 4 day training course recently. One I knew from long back, and just accepted that was the way they were, the other I ended up not speaking to, unless absolutely necessary! I learnt the hard way that any sentence that contains the word "you" can be seen as inflamatory, just as their talking too much about "me" seems selfish and overbearing. It's all in the perception - and everyone wears different glasses! Sheesh, people are complex, give me a computer anytime! I can only hope to aspire to Miss Betsy's level of conciseness and "politesse" (as the French say).
  8. GreenLady

    "Why is my email blocked?" FAQ

    Can I make some suggestions? Firstly, not all the visitors speak English as a first language (viz the post from Very Angry, an Italian). So a word such as "recipient" or jargon such as IP or SMTP may be confusing. Perhaps a glossary would also help? A really, really, newbie FAQ would be something like this (apologies for (A) the length and ( if I have misunderstood anything about the way spamcop works - I've only been using it for about a month myself!): 1. SpamCop itself is not blocking your email. The Internet Service Provider (ISP) of the person, or business, you are sending email "To" is blocking email from one, or more, of your ISP's computers (servers), using a list provided by SpamCop. 2. This list is comes from reports of "spam" (email which was not requested or subscribed too by the person receiving it), sent in by hundreds (thousands?) of people each day, submitted to SpamCop. 3. SpamCop looks at the email header and works out where the email actually came from. This is not usually the same as the "From" address that appears in your eMail reading program because "spammers" (companies that send spam, or people who do it on their behalf) forge the From line in the eMail (this is also known as "spoofing"). Other lists are generated from the IP address (Internet Protocol address - for example, - the identity of a computer attached to a network, assigned by Internet organisations for each continent) of links in the eMail that the reporter suggests are the target of the advert. A listing is automatically added if a spammer sends eMail to a "spam trap" (an eMail address that is not used, nor published anywhere, so only gets eMail if someone is sending spam!). 4. Extracts from these reports are sent to the Internet Service Provider of the spammer. If more than 10 reports are made, or mail is sent to a spam-trap, then the server is added to the SpamCop list and other Internet Service Providers may start refusing to accept any eMail that originated from that server. This will include your emails, as well as the spammers. 5. When an ISP receives a report, then they can investigate, take any action needed - such as closing the spammers email account, or fixing the hole in their system - and then tell the spamcop deputies (people who run the spamcop service) what action they have taken. The server can then be de-listed. 6. If the ISP ignores spamcop reports, then the server will remain listed for a number of days. If the spam ceases, then the server will be automatically delisted 48 hours after the last report (?). If the ISP has an "open relay" (a "hole" in their security system that allows spammers to insert their eMails into the internet traffic and appear to come from your ISP), then your ISP will keep getting reports until the hole is fixed (they may not know they have a problem, or, how to fix it). If the ISP is known to be "spammer friendly" (for example, their email abuse address listed with the continental IP allocation organisation is never read or the emails bounce back because it does not exist or is full), then it may not be delisted for months. 7. What can you do? Firstly, if your eMail was urgent, and must be delivered within 48 hours, consider using an alternative ISP for that email, such as Yahoo or Mail.com or Hotmail. Secondly, contact your ISP - their helpdesk should know who to call - and ask them what action they are taking. Thirdly, if you get an unacceptable response, consider changing your ISP. 8. If you think a mistake has been made, after you have taken the actions in (6), then raise it in this forum. It is mainly used by people who submit reports to SpamCop, but also by the SpamCop deputies. You will need to include the IP number in the "delivery failure" report and check if your ISP's server is still listed. To do this, go to http://www.spamcop.net/bl.shtml. Make a note of the reason for the listing. For example "Been reported as a source of spam about 30 times" "Been detected sending mail to spam traps" as this is important. 9. SpamCop Deputies have access to all the emails submitted to SpamCop. If there has been an error, then they can delist your ISP's server. They may also fine, or ban, the person who made a wrong report, for wasting peoples time. 10. Please remember that this block is not aimed at you personally. Because there is no central address book for the internet - there is a limited number of IP addresses, so you, and the spammer, may get a different one each time you log-on - it has to be your Internet Service Provider who carries out the investigation and takes the action to address it. In the meantime, like post received without a stamp, the "post office" at the other end is at liberty to return the eMail in order to keep potential spam out of their eMail system and out of their customers' in-boxes.
  9. GreenLady

    How does a spammer know I reported him?

    I have had my Yahoo (UK) account for over 3 years, but her account was a new one set up from scratch. If you are using UK Yahoo, (and either you are US based or you keep worse hours online than me!) I cannot explain the differences in the Help text displayed... From web mail inbox, click on help. Get the following displayed: Using My Account Address Book Sending Mail Receiving Mail External Mail Configuration Managing Messages POP Access and Forwarding Click on POP Access and Forwarding and get: POP Configurations Microsoft Outlook 98, 2000, and 2002 Outlook Express (IE 5) Netscape Messenger 4 and higher Eudora 5.1 or higher Other Email Client HTML Compatibility How can I use Spamguard if I use a POP3 client? POP Problems Errors Sending Mail (SMTP) Errors Receiving Mail (POP) Click on Outlook Express and follow the instructions, then go back and click on Errors Receiving Mail (POP) containing: Subscription to Yahoo! Delivers You must subscribe to the Yahoo! Delivers service for POP access through your email client. POP Access Option Have you selected the option for POP access on the Mail Delivery Status page? To find out if you have, click on "Options" on the left-hand navigation bar in Yahoo! Mail, and then on POP Access & Forwarding. Make sure to click "Submit" when you're done. Please note, you won't receive POP access if you've selected the "Forwarding" option. These are separate features that can't be used at the same time. Yahoo! Delivers shortcut is http://subscribe.yahoo.com/deliver?.src=ym and Pop Access and Forwarding is http://edit.europe.yahoo.com/config/set_popfwd {Previews Post} Urgh, lots of typos to correct - my system is running like jelly as I have just had to update my antivirus and do a full system scan thanks to a spammer in the Cayman islands - the only reason I can think of someone there having my mailing address - sending me not one, but two copies of mydoom.f
  10. GreenLady

    How does a spammer know I reported him?

    There's me thinking I only just set it up a couple of months ago and for a friend last Monday... Look under Help -> "POP Access and Forwarding" -> {email system of your PC} for parts 1 & 2 (Add & Authentication). Then back a page and "Errors Receiving Mail (POP) " -> "subscription to Yahoo Delivers" and "POP access option" to accept a small weekly mail (I've yet to receive one!) on the topic of your choice and configure your Yahoo account to auto-forward. Of course I could pay for it, & skip the email, but I'm a bit skint this year!
  11. GreenLady

    Tracking Codes used by Spammers

    Ok ... now I am going to ask a dumb-newbie question. What is a Bayesian filter? (Yes, I know I could do a web search on it, but if I don't know then I suspect that a lot of newbies reading this forum also do not know what it means either, so a short post or link may help them too!) Secondly, is it specifically for people who use spamcop mail?
  12. GreenLady

    How does a spammer know I reported him?

    I was shocked to be told a couple of months ago that simply opening a piece of spam was enough to let the spammer know your account is active. (It works by including a unique ID picture which is helpfully downloaded by your mail service provider, or in the preview pane, when you open your html format mail). The answer to this one is to use a POP 3 email system BUT to read your email off-line. Yahoo will let you forward to POP3 in return for allowing a weekly eMail (check the Help as it is a three part process, including changing your Yahoo Account settings to switch to POP3). In terms of reporting these via SpamCop, I assume you would need to carefully copy the source text of the eMail (again, off-line) and munge out the tracking IDs. The bounces you are getting may be due to the Novarg virus doing the rounds that may have infected the machine of one of your contacts. It picks up their address book and uses a name from that address book as the forged From and Reply to addresses. See mm.html]http://securityresponse.symantec.com/avcen...ovarg.a[at]mm.html For example, on 27 Jan I was puzzled to receive a bounce from Yale university with my name as the source. However, using the email header reader at http://www.spamid.net/ I found it originated at another institution for whom I only have one contact. I reported this immediately to them and their postmaster and, yes, she did have an infected machine.
  13. GreenLady

    Tracking Codes used by Spammers

    Thanks Wazoo! That's made my day!
  14. GreenLady

    Tracking Codes used by Spammers

    I am no expert, but I have received mail that references my e-mail ID in the body or partially in the "from" username. My first response was to stop reporting, when every-other mail was like this (I don't have much spare time in the evenings). Then I decided that the maxim "don't get mad, get even" applied, so the last one I received I carefully munged the forwarded message to remove references to my name. To avoid the identifiable-picture-downloaded-in-preview, (for active eMail account, rather than spamcop reporter, identification) I now download my eMails using POP3. I then go off-line before checking the filtering has worked (with OE it is hard to maintain the rules and I am getting a large number of legit mails diverted to PornSpam folder, for no obvious reason). In respect of the other methods of identifying reporters to spamcop, I had to ask myself "is it worth the risk?". Even if I knew what they were using, it would take too long to check and munge each eMail reported. Perhaps it is the bit of British spirit in me, (that dates from before Agincourt, where the English archers raised two fingers to show they could still nock an arrow), but I'll be blowed if I'll let spammers ruin eMail for everyone - even if I have to take a small risk myself.
  15. GreenLady

    Does spammer's ISP take spamcop seriously ?

    Personally, I would be quite happy if my ISPs would ban all eMails coming from, or with links to, chinanet (or Russian sites or Czechoslovakian sites) without me ever seeing them! It would cut out about 90% of my spam! (Any chance of this being an opt-in feature if the mail service provider admins are reading this?)