Jump to content

HillsCap

Members
  • Posts

    90
  • Joined

  • Last visited

Posts posted by HillsCap

  1. OK, well, I guess I was wrong... I programmagically put the 'Received:' blurb in several different spots in several different spam mails, and SpamCop didn't complain, so I guess it's just an issue if the body of the spam report email has the blurb in it.

    Are there any other text blurbs we should avoid putting in the body of the spam submission email?

  2. Got it!

    I figured it out!

    Basically, SpamCop's running a dumb bot, it's obviously just looking for the text blurb 'Received:'.

    So, when I put that in (even if it was part of a string), it caught it and assumed that it was looking at a header, thus triggering SpamCop to think it was a spam submission, even when it was just the spam submission email with the spam as an attachment.

    So, I've reformatted my body text as follows:

    --------------------

    UBE/UCE SUBMISSION

    Please see the .txt format attachment.

    Contact Info:

    Name: Hills Capital Management

    Email Address: xxxxxxxxxxxxx[at]xxxxxxxxxxxx.xxx (munged for this post)

    Recipient's State Of Residence - CA

    Source Info:

    Subject: Fwd: Re: Hiya! :)

    Number Of Messages: 1

    Size of Archive: 10676 bytes

    Receival Date/Time: 2/8/2004 6:22:36 AM (GMT -8:00)

    --------------------

    I think it'd be best if I did this:

    --------------------

    UBE/UCE SUBMISSION

    Please see the .txt format attachment.

    Contact Info -

    Name - Hills Capital Management

    Email Address - xxxxxxxxxxxxx[at]xxxxxxxxxxxx.xxx (munged for this post)

    Recipient's State Of Residence - CA

    Source Info -

    Subject - Fwd: Re: Hiya! :)

    Number Of Messages - 1

    Size of Archive - 10676 bytes

    Receival Date/Time - 2/8/2004 6:22:36 AM (GMT -8:00)

    --------------------

    That'd avoid the issue altogether.

    BUT, if a spammer puts 'RECEIVED:' in the subject line, it'll cause the error again.

  3. If you're using Outlook, I've got some VBA code that I'm using that not only addresses that issue, but also has many other features:

    1) The ability to select several spam messages at once for submission.

    2) 3-click start-to-finish spam submission (click 'Submit As spam' button, wait for AutoResponder email, click link in AutoResponder email, click 'Submit' button on SpamCop web page).

    3) Whitelist - checks the address of the spam sender against your Contacts folder (if someone you know sends you an email, and it accidentally ends up in your spam folder, and you accidentally select it for spam submission, it'll prompt you and give you the chance to cancel submitting that message as spam).

    4) Automatically marks reported spams as Read.

    5) Checks Read status while submitting... if the email is already marked as Read, it'll prompt you. The assumption is that since the emails are marked as Read after submission, if it's marked as Read it's probably already been submitted.)

    6) Error checking so you can't try to submit non-mail items (i.e.: Contacts, Calendar items, etc.)

    7) Gives you the option of deleting the spam and the spam reports after submitting the spam to SpamCop.

    8) If you decide to keep the spam reports, it gives you the option of moving them to a sub-folder of your Sent Items folder.

    9) 'spam Count' button... gives you the number of spams you've received so far today, along with a projection based on that number of how many you'd receive per hour / per day / per week / per month / per year. Includes interface to the Office Assistant, so if your Office Assistant is showing, the prompts will show via the Outlook Assistant, otherwise, you'll get a dialog box.

    10) The ability to submit to other spam-fighting entities (I submit my spam to 8 spam-fighting entities). I'm not afraid of submitting non-munged spam reports via SpamCop... when the spammers see that I'm submitting to not only the Federal Trade Commission, but to several Block Lists, they tend to want to leave me alone.

    11) An Excel spreadsheet that will automatically fetch the spam messages Received Time, Sender Address, and Subject (for building dynamic Block Lists), with a spam Receival Rate chart and a scatter plot of the daily spam receival rate divergence.

    12) A 'Safe Preview' button that will show you both the .HTMLBody and the .Body of the message (this prevents web-bugs in the email from working, while letting you see what the email says).

    13) It uses the Redemption DLL (NO OUTLOOK SECURITY DIALOGS!).

    14) Fixes a developing problem with extra tricky spammers. (They create Multipart email messages, manually insert the <!-- Converted from text/" blurb into the message, putting nonsense text in the .Body, and putting the actual message in .HTMLBody. They then format the email message as plain text. Before the code fix, this effectively hid .HTMLBody from our code, but Outlook still shows .HTMLBody. Thus, the end user saw the actual message, while our VBA code only saw the nonsense text in .Body.) This is a trick that more and more spammers are using to thwart automated spam reporting tools. Some spammers have set themselves up as 'Interested Third Parties' on SpamCop, and after sending the first test message with this format, and looking over the resulting spam report, and figuring out that it indeed worked, I got flooded with emails of this format. As soon as I changed the code to take this trick into account, the flood abruptly stopped.

    I'm looking for expert VBA/VB coders who want to help me and Leon Mayne (the code's originator) in creating a free, self-installing Outlook add-in, so that even newbies can use it without having to know VBA.

    If you want to help out, or if you want the latest VBA code, email me.

  4. OK, I did a little more digging / coding...

    This text blurb in the body of the email sent to SpamCop triggers SpamCop to count it as a spam being reported:

    --------------------

    UBE/UCE Submission, Recipient's State Of Residence - CA

    Please see the .txt format attachment.

    Contact Info:

    Name: Hills Capital Management

    Email Address: xxxxxxxxx[at]xxxxxxx(munged for this post)

    Source Info:

    Subject: Discounted OEM Microsoft, Adobe, Autodesk, Corel software! z nuqtmdgz

    Number Of Messages: 1

    Size of Archive: 14338 bytes

    Received: 2/8/2004 1:34:22 AM (GMT -8:00)

    --------------------

    And this text blurb doesn't:

    --------------------

    spam SUBMISSION

    Please see the .txt format attachment.

    Contact Info:

    Name: Hills Capital Management

    Email Address: xxxxxxxxx[at]xxxxxxx(munged for this post)

    Source Info:

    Subject: Hello! t

    Number Of Messages: 1

    Size of Archive: 3644 bytes

    --------------------

    Any ideas why?

  5. OK, I found out that SpamCop is parsing the body of the email message I'm sending to them (the one with the spam attachment), and counting that as a spam.

    It's doing this because of the text I've put in the body (.HTMLBody) of the email, to meet requirements of other spam reporting entities (SpamAbuse and FTC).

    Is there any way to get SpamCop to ignore the text in the body of the mail message I send, so it only parses the attachment? Is there, say, a key word or something that I could put as the very first thing in the body to tell SpamCop not to parse the body of the email message, just parse the attachment?

    Strangely, I've been doing this (adding text to the body of the email) for a number of days before I started getting the 'SpamCop has accepted 2 emails for processing' blurb in the Subject of the AutoResponder email. So, something must have changed at SpamCop.

  6. That's just the problem...

    I'm only submitting one spam per email, as an attachment, in plain text format (I'm using a derivation of Leon Mayne's Outlook SpamCop Reporting tool).

    Although there's only one attachment per email sent, SpamCop says that it's accepted two spams for processing.

    The only changes I've made recently are to put some text into the body of the email message sent to SpamCop (other spam-reporting entities require this text).

    Could this be triggering SpamCop into thinking there's two spams being submitted? Does SpamCop look at the body of the email sent (not the attachment, the actual email that's acting as a carrier for that attachment). Does SpamCop require a blank email with the spam attachment? If so, it's incompatible with other spam-reporting entities, and I'll have to reconfigure things.

    Are there some guidelines somewhere that show what SpamCop is looking for in the emails sent to it?

  7. Hi, all.

    Got a quick question.

    Here's a recent blurb from a SpamCop AutoResponder email I got:

    -----------------------------------------------------------------------------------------------

    PLEASE HELP SUPPORT THIS SERVICE!

    SpamCop is free. However, if you like the service please pay for it:

    http://www.spamcop.net/upgradeaccount.shtml?elided

    SpamCop is now ready to process your spam.

    Use links to finish spam reporting:

    http://www.spamcop.net/sc?id=z287208723zf3...e5fe1f31dcd951z

    http://www.spamcop.net/sc?id=z287208724ze6...32a43682247379z

    The email which triggered this auto-response had the following headers:

    -----------------------------------------------------------------------------------------------

    The first URL under 'Use links to finish spam reporting:' leads to a web page that says there's an error in reporting.

    Is this a SpamCop bug, or are they setting up a new feature?

  8. If you're running Outlook, I've got some code that does automated reporting to SpamCop, the FTC, Brightmail, SpamAbuse.org, etc. (right now I'm reporting to 8 different spam-fighting entities).

    It's got a fix for what you describe (what SpamCop calls the 'Would Send' error).

    It's a bit complicated to set up, since it's got so many features, but once it's set up, it's basically three clicks from start to finish to report spams.

    It started out as Leon Mayne's SpamCop Outlook Reporting VBA code, but I've done extensive rework on it.

    Let me know if you want the code, it's got very detailed installation instructions, so pretty much anybody could set it up, as long as you can follow step-by-step directions.

  9. Well, I was wondering... if one C/R system sent out a C/R email in response to the spam, and the receivng C/R system got that C/R email, and sent a C/R response to be sure it was a legitimate email sender, then would the first C/R system then send a C/R email in response to the second C/R system's C/R email, which was in response to the first C/R system's C/R email... Ok, now I'm confused!

    What's to stop the various C/R systems from just bouncing C/R emails off each other, ad infinitum? And what happens to the C/R emails that should be sent in response to the original spam with forged headers?

  10. I'm using the Outlook SpamCop Reporting VBA code by Leon Mayne, in Outlook 2000. Leon and I are actively working on bettering the code, and will eventually create an Outlook add-in, so even newbies can use it without having to know VBA.

    I've modified it so I'm sending spam reports to:

    uce[at]ftc.gov

    spamrecycle[at]chooseyourmail.com

    junk[at]brightmail.com

    spam[at]sendusspam.com

    abusereport[at]spamabuse.org

    and I've put my SpamCop reporting address in the .BCC, so it's hidden from other recipients. It's working great... basically three clicks to report spam, from beginning to end. I've also added code that prevents reporting the SpamCop AutoResponder emails as spam (I was tired, and not paying attention to which folder I was in, and accidentally reported one), and I'm working on adding a whitelist that checks the sender of the spam against your Contacts, so you don't accidentally report someone you know, who's email happened to accidentally end up in you spam folder.

    In addition, I've added a text blurb at the end of the spam report attachment. Right now, it reads, ""This spam email has additionally been reported to the Federal Trade Commission."

    This accomplishes two things... it fixes the 'Would Send' issue with SpamCop, and if the reports go to the actual spammers (or to an ISP that is knowingly supporting the spammers), it serves as notice that they should think twice before sending us spam.

    It appears to be working... I've reduced our monthly spam receival rate by over 300 spam messages per month, so far, still trending down.

    You can see a .gif image of our rolling monthly spam receival rate here:

    http://www.hillscapital.com/images/spamrate.gif

    Interestingly, you can see a large uptick in the spam receival rate at the beginning of January, immediately after I began reporting to SpamCop. Apparently, the spammers tried to fight back by sending me more spam... not a very effective technique. That would be somewhat akin to giving enemy combatants more ammunition because they were firing at you.

    Anyway, if anyone is interested in helping Leon and me to make OutlookSpamCopReporting the best Outlook spam Reporting utility there is, let me know. I'd love to have every person running Outlook also running OSCR.

    Personally, I'm sick to death of the perverted junk these scumbags send me, and can't for the life of me figure out why they would want to continue sending me this stuff, knowing that not only will I NOT buy their junk, but that I'm reporting them, as well. They've got to have brain damage, or something.

    Oh, and I love the new forum... that old method of help was kind of clunky to use. This forum should help to attract a lot more people to SpamCop.

  11. My question is (and I really do want an answer to this question... it's been bugging me for a while now...):

    If everyone had C/R, and some spammers created forged headers and sent out 1,000,000 emails with those forged headers to addresses that were supposedly protected by a C/R system, would 1,000,000 people receive a false C/R email? If not, what does happen?

    If so, C/R is flawed, because it allows the spammers to monkey with the system.

    spam is considered unsolicited email... if the flaws in the C/R system allows forged headers in emails to cause unsolicited C/R emails to go out, then that C/R system is, indeed, spamming people.

    Now, don't get me wrong... I absolutely love the idea of C/R. It's like a guard at your front door, calling out, "Halt, who goes there!", and keeping the riff-raff out of your home.

    But, if it's flawed, it's flawed. Which is too bad, because I think the combination of C/R and SpamCop would be something that would knock spammers off the map.

    If we had some way to report obvious spams from the server (so you wouldn't even have to download them to your mail client), and the C/R system (so only legitimate emaillers (and unusually persistent spammers) would get through, that'd be some awesome combination. And the unusually persistent spammers would then get reported!

    Perhaps, instead of fighting, you should find a way to get the systems working together... then form a collaborative effort to offer both SpamCop and C/R as one bullet-proof spam abatement system.

  12. Hi, all.

    I'm using the free SpamCop reporting service. I'm running the Outlook SpamCop Reporting VBA scri_pt in Outlook 2000 (I've modified the scri_pt somewhat to make it easier to use and more automatic).

    So far, I've got it set up so all I have to do on my end to submit the spam email to SpamCop is just select the spams, and click the 'Report As spam' button.

    Then, I get the SpamCop AutoResponder email, and have to click the link in that email, which takes me to a SpamCop web page, where I click the Submit button to submit the spam reports to the responsible parties.

    I was wondering if there were a paid service from SpamCop that would do away with the last two steps? Basically, I'd like to just click the 'Report As spam' button, and be done with it. No AutoResponder email, no clicking the Submit button on the web page. I think I'd prefer to receive a weekly summary email from SpamCop listing how many spams were reported, etc.

    Is this possible?

    Thanks for any help you can provide.

×
×
  • Create New...