Jump to content


  • Posts

  • Joined

  • Last visited

dzaidle's Achievements


Member (2/6)



  1. Here is another: http://www.spamcop.net/sc?id=z5428972933z5...a2bf5261758ee3z
  2. http://www.spamcop.net/sc?id=z5428962489zd...836ef4401e334ez
  3. If I correctly understand what's happening, might it be helpful to install a CAPTCHA on the reporting pages?
  4. Could this be related to the "leap second error" that took down many prominent websites a few days ago?
  5. Actually, it is rather simple: In your firewall or router, block the offending ISP(s) and/or domain(s). I use this for my company's entire server (globally blocking all offshore--from the US--IP addresses and individually blocking domestic IP addresses and domains), thus reducing our spam load by 95 percent and more.
  6. The URL in a spam I received, h ttp://upeydxwhkft.blogspot.com (I suspect it is a malware infection site), will not parse despite multiple reloads on reporting. Tracking link: http://www.spamcop.net/sc?id=z1775887640zc...cddf55fae31233z [edit url link broken]
  7. Despite many reloads, the parser would not resolve the spammed URL, ht tp://gailroffcc.blogspot.com Tracking link: http://www.spamcop.net/sc?id=z1649053025z1...28403622e54fc0z [edit - live spam link broken, no sense in giving a spammer free airtime]
  8. Thanks Wazoo et al. I will do the Mailhosts configuration route and see how it goes. DZ
  9. For som time now, the parser has consistently interpreted spam to/through my server's relay as the source, rather than the actual source IP. While I realize that "X-Originating-Ip:" [] can be spoofed, in this cas it isn't but the parser ignores it. Any suggestions I can pass on to the server admin appreciated. A sample tracking link and the associate original header below: LINK http://www.spamcop.net/sc?id=z1405828583z7...49c079b7df6166z HEADER Return-Path: <xxx[at]axisbancorp.com> Received: from gate11.r4.iad.mlsrvr.com (gate11.r4.iad.mlsrvr.com []) by mail18b.r4.iad.mlsrvr.com (SMTP Server) with ESMTP id BFB283E3AD1 for <xxx[at]fishgame.com>; Thu, 23 Aug 2007 16:07:22 -0400 (EDT) Received: from gate20.gate.sat.mlsrvr.com (sat6.emailsrvr.com []) by gate11.r4.iad.mlsrvr.com (SMTP Server) with ESMTP id 9A4508A8104 for <xxx[at]fishgame.com>; Thu, 23 Aug 2007 16:07:22 -0400 (EDT) X-Virus-Scanned: OK X-spam-Flag: NO X-spam-Score: 1.002 X-spam-Level: * X-spam-Status: No, score=1.002 tagged_above=-100 required=6 tests=[html_MESSAGE=0, RCVD_IN_SORBS_DUL=0.001, URIBL_DNSBL_BLAGR3=1.001] X-Originating-Ip: [] Received: from i3ED6FBEC.versanet.de (i3ED6E858.versanet.de []) by gate20.gate.sat.mlsrvr.com (SMTP Server) with ESMTP id 5C9AC1B409C for <editor[at]fishgame.com>; Thu, 23 Aug 2007 16:07:20 -0400 (EDT) Received: by with SMTP id JSjFkIBQXXSQz; Thu, 23 Aug 2007 22:08:08 +0200 (GMT) Received: by with SMTP id WkXRLnRxjMXWvF.3871365883681; Thu, 23 Aug 2007 22:08:06 +0200 (GMT) Message-ID: <000301c7e5c1$4fe1dec0$ecfbd63e[at]Linda> From: "sebastian bustin" <sebastian-bustin[at]axisbancorp.com> To: <editor[at]fishgame.com> Subject: reckhard Date: Thu, 23 Aug 2007 22:08:03 +0200 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0008_01C7E5D2.136AAEC0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.3028 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3028 X-Antivirus: AVG for E-mail 7.5.484 [269.12.2/967]
  10. ISP abuse departments are either (1) staffed with the brain dead or (2) operating under corporate policies that are dumber than a bag of hair. The bigger the ISP (Comcast, RoadRunner, SBC GLobal, et al), the worse the problem. The dumbest thing that seemingly all mail server administrators do is bouce back to the address in the From line rather than authenticating then bouncing back to the sending server before the transfer ever takes place. That is just plain dumb.
  11. Received a PayPal phishing spam that parsed oddly, yielding the message, "619.197.189 is not a routeable IP address." Here's the link. http://www.spamcop.net/sc?id=z947255965zee...49daf061b1823fz
  12. "...made myself an all-Korean and all-Chinese blacklist." I do something similar for my personal email account, but I blackhole ALL messages from IP addresses registered in APNIC, LACNIC, and RIPE. Since I receive no legitimate communications from persons anywhere but the U.S., it cuts my spam voume by three-fourths and I get no fales positives on legitimate email.
  13. Isn't this spam hawking pricewatch?
  14. Well, actually, for the time being mail from comcast IPs without comcast.net in the FROM field go to a "holding area" rather than directly to the bit bucket. I'd get the email, but maybe delayed a few hours, depening on how often I check the server spam folder. DZ
  • Create New...