Jump to content


  • Posts

  • Joined

  • Last visited

ryandesign's Achievements


Newbie (1/6)



  1. I have started receiving phishing spam directing me to URLs on very long hostnames, so long that SpamCop cuts them off before the entire hostname is printed. For example, the real URL in the phishing mail begins with: http://moneymanagergps-id4945901.citizensb...m.gkkj45.xz.cn/ But SpamCop's confirmation screen only shows: Report spam to: Re: http://moneymanagergps-id4945901.citizensbank.c... (Administrator of network hosting website referenced in spam) So it's hard to see if the URL is genuine or not. I'd like to request that the confirmation screen always print at least the complete hostname followed by a slash, even if that would otherwise exceed the length where SpamCop would usually truncate the URL. [moderator note - link does not point to active page, domain page similarly inactive (thank goodness)]
  2. And thanks to active forum members like yourself for passing it on to the right people!
  3. Thanks for the quick response and the pointers to those links. Here's the tracking URL: http://www.spamcop.net/sc?id=z970608035zaa...c818f6beeda6e0z
  4. I have seen this problem several times now: I report spam which contains URLs that go to non-standard ports, like port 81, which are written in the email source as one would expect: http://host:81/something. But when SpamCop shows me the URLs it pulled out of the source, it displays the URL as http://host/:81/something which is not the same thing. (It put a slash between the <host> and the :<port> part which shouldn't be there.) Here's one such situation: http://www.spamcop.net/mcgi?slice=reportid...ion=showhistory I couldn't determine if this was a known problem or not so I thought I'd better report it here.
  5. Hi Wazoo. Thank you for your response. Here is the most recent spam I have reported where pdlweb[at]yahoo.com asked to receive a copy. Is this what you're looking for? http://www.spamcop.net/mcgi?action=gettrac...rtid=1308552384 http://www.spamcop.net/sc?id=z700092683z21...50280853a9f70bz I'm not sure exactly what you would have me look at in the post you referred me to. Are you pointing me to the FAQ entry on how people can sign up for third-party report mailings? It seems to say that there's no checking at all, that anybody can sign up for these reports. Or are you pointing out that these reports aren't "full" versions? (What's missing?)
  6. I'm concerned that the spam reports I write on SpamCop.net are being immediately sent to the individuals responsible for creating the spam I receive. On the assumption that SpamCop.net knows better than I do who should be receiving spam reports (that being, after all, the reason SpamCop.net was created), I generally let SpamCop.net report my spam as it sees fit. Recently SpamCop.net has wanted to send reports to "pdlweb[at]yahoo.com", apparently a "Third party interested in spamvertized web site" (sic). Being suspicious of the Yahoo address and the peculiar wording of the description, I decided to find out who this is, so I did yahoo.com&ie=UTF-8&oe=UTF-8]a Google search on that email address. I turned up the Google cache of a whois record listing this email address. The current version of this whois record lists the same physical address and phone number, but a different email address and company: GoldToe International Inc. A Google search for this company led me to this page which seems to indicate that this company is involved with spam activities (its IP addresses are listed as blocked / unwelcome). Also found this whois record for the domain simia6activity.info which lists GoldToe as the responsible party. (The current version of this whois record lists somebody else.) The vast majority of the spam I've received over the past 3 months at least comes from one very annoying and persistent spammer who had been using a slew of domains of the form <digit><digit><digit><letter><letter><letter>.<com|info|...> and has recently switched to domains of the form <word><digit><word>.<com|info|...>. So there would seem to be a link between domains of this form and the email address to which SpamCop.net suggests I send my spam reports. How does a third party interested in receiving spam reports get into SpamCop.net's system? How are such interested individuals screened for being spammers themselves? Have I missed something in my analysis above? Does anybody have any info on who this pdlweb[at]yahoo.com really is or why they're interested in my spam, if not to retaliate against those who report their spams?
  • Create New...