MIG

Hey Petzl, How then does SC successfully parse spam, with no Mailhosts configured As it did: Friday 26/04/19 08:21 PM https://www.spamcop.net/sc?id=z6541305991z244053acf8840b94d8ed4b353b382ceaz ? 🤔🦗

Go to the top of the class✌️ Gnarlymarley, Just tested it with active Mailhosts, results same as Jelmer: https://www.spamcop.net/sc?id=z6541621305z585cc48567a257c25a06b41e90d7842az I thought SC worked with & without MH configured? At least that (may) put paid to the "thinking" that scum have found a way to bugger up the parser, but it raises another question... What to do? 🦗

This is a general observation: How about SCF has a [pinned] topic/table: Email addresses, for the purpose of collecting all "helpful" email addresses that we can use (that the parser does not identify), and, given there's only one additional SC Parser To: field that an address can be manually added to, many of us, take further action on spam, (like forwarding to x & x & xxx ..) after, we utilised SCP? I know I've been helped many times by finding email addresses in the SCF posts. If all those addresses were collated in a table it would be most useful (imo). Anyone? GH happy to do the grunt work if anyone is warm to the idea but time poor. Be kind x🦗

🤣 https://en.wikipedia.org/wiki/Ain't My teachers fullstop had objections to everything that came out of the mouths of their charges. 🦗

Hey HeatherReid43, I think you've covered all bases. There's also an online but (imo) it's painful, much easier to forward the email to those address & any reporting authorities you choose... Cheers!

Hey Jelmer, Just putting "automation" aside, for a moment, I've just parsed the link you posted & get: https://www.spamcop.net/sc?id=z6541305991z244053acf8840b94d8ed4b353b382ceaz, fully resolved, this surprised me, so, I tried a different account & browser, same result. Is it this one spam that's a issue or are there more of the same? Please let us know? Cheers!

Hello HeatherReid43, Yes, it's a generic response, just checked back thru some very old Amazon responses. Not sure about "all", if I remember correctly, I got a swathe of them before I began to (as well as processing via SC), forward every email to ec2DASHabuseATamazonDOTcom (if you're not doing this already?) From: Amazon.com <nobody@bounces.amazon.com> Sent: Thursday, 10 January 2019 05:39 Subject: Re: Fw: Your new profile is confirmed and already has video messages. Hello, We are sorry to hear that you received unwanted email through Amazon SES. Please note, this reporting address is only for mail sent via Amazon SES (emails originated from 54.240.0.0/18). If you have a complaint about other AWS abuse (e.g. EC2), please submit your complaint here: https://aws.amazon.com/forms/report-abuse Cheers!

Thank you Master! Popup blocks, nope, however, full reset of all browsers, popUps now working on 4, 5th still being worked on... Does contain a "bad" word😉? Thanks for the guidance. I'll find the abbrevs that have stumped me and post back. 🦗

Master?, 🐭over what/where? I beg you, pleeeeze don't slap me Master but GH's been 🐭ing over everything, cannot find leetle popUP window anywhere??? GH 🐭d over you, saw you-know-who with the 🧹, Petzl, got Johhny-miss-him-madly-Cash.... Don't think🐭over technique is lacking, just have absolutely NO IDEA where to 🐭over... Have mercy🙏!

HeatherReid43, I second the Master's kudos to you HR (hehe, that's "Her Royal"). Job very well done💪👍👏!! My own experience, using SC & going thru hard slog when it appears a mail account is in the firing line, keep the notifications going & voila, at some point in time, it goes from 100s x daily to 1 or none. When it 1st happened, I posted: "think there's something "wrong" with mail acc, not getting any spam". Now you've had a mighty success, you are entitled to be referred to as HR aka the Queen! Cheers! GH

Would it be possible for all of us (who use abbreviations) to either: post the "unabbreviated word/s", "once" in the post or have a table where all used abbreviations/acronyms are used. Grasshopper has a bugger of a time searching (net) for abbreviations/acronyms during researching a SC issue where a SC member is asking for help & we're all pitching in with solutions/observations/comments... Please? 🦗

Hey Norbet, Unfortunately scummy spammers "bury" legitimate email addresses, i.e. yours, mine... in the spam. Spamcop cannot mung these. It's not due to the "way" you're getting spam to SpamCop. To deal with this I a) Copy the spam source data to a text file/notepad. b) Search for every instance of my email address & or my unique email identifier, for example, grasshopper@greengrass.net, where ever "grasshopper" is found I replace... e.g. deadslug@greengrass.net c) Copy the contents of the text file to the SC parser, parse.... When I first starting using SCF I'd freak about the fact my email address was visible when/if I posted a SC Tracking URL, however, the very wise and experienced SCF Masters assured & convinced me, the spammers had my email address anyway. Hand on heart, my unsolicited spam has gone from 100/daily to 1 a month if I'm lucky, sometimes I now get pissed off that I haven't got any spammers to destroy☺️ Cheers!

Hey nh905, While you're collecting Spamcop tracking URL for Lking & GnarleyMarley.... & the rest of us curious critters 85.119.146.106 & 216.146.195.93 Cheers!

Hey GnarleyMarley, I was referring to your comment: "about the webapp, I can only get it to show me headers" What "webapp"? Image 1 = Original OutLook (live/web mail) previously Hotmail. Image 2 = Original OutLook (live/web mail) previously Hotmail, accessing "Source data". Image 3 = New OutLook (live/web mail) - previously BETA. Image 4 = New OutLook (live/web mail) - accessing "Source data" -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Off topic but "relevant" to Microsoft implementation of Outlook Live Beta, to access source data (in any mail) it's necessary to open the mail. It's this day & age of highly sensitive touch screen devices the possibility of inadvertently "selecting" a link in a spam/malware mail is significantly increased🤬. -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Cheers!

Thank you Master! Got it! Unfortunately (for me) using my (private 16 char reporting account) has never worked. And using https://outlook.live.com/owa/?path=/mail/ does not have the functionality to forward spam as "attachments". However, your information certainly clarifies the question I had specific to spam submitted via SC parser. I'm curious about [red]: To: spam@uce.gov, Report@submit.spam.acma.gov.au, stop-spoofing@amazon.com Subject: [blah, blah, blah] spam Report From: XXX <x@xx.com> Acma spam reporting guidelines: "Forward the email spam to report@submit.spam.acma.gov.au. When forwarding an email, don't change the subject line or add additional text." Have Acma ever communicated with you regarding spam you've reported? Curious? Thanks & cheers!

Greetings Master, Thank you for clarifying! Much appreciated! However, 🦗 is confused, (for me) SC parser classifies Amazon (amazon[dot]com) as /dev/null, are you suggesting manually adding amazon[dot]com to https://www.spamcop.net/ [User_Notification] field, irrespective of SC's determination? Thanks in advance!

Hey Master, Very interesting. I previously raised (with SC Admin) "Request to add" stop-spoofingATamazonDOTcom, as so many amazon / SC reports resulted in /dev/null. SCA replied: quote Adding an address just because it looks like it might be a good idea, isn't a good idea. Stop-spoofingATamazonDOTcom is a specific address with a specific use. spam from Amazon's IP space is not the purpose of that address. It likely wouldn't take them long to start rejecting all SpamCop reports, even ones about spoofing, if we were to start throwing everything Amazon their way. unquote As a result of receiving that advice, I stopped manually adding stop-spoofingATamazonDOTcom, Amazon spam continued, when I add stop-spoofingATamazonDOTcom, spam reduces to an occasional, 1 a month, to none... Your thoughts? (would be very much appreciated) Cheers!

Hey gnarlymarley, I'm talking about mail accessed via https://outlook.live.com/ in/on a web browser. What used to be called [Hotmail]. Accessing source data is completely "do-able", irrespective of whether the [new Outlook] {used to be called "Beta", but now in production and called new Outlook (by MS)}, or the [classic Outlook] is used. To reiterate, using https://outlook.live.com/ [new Outlook &/or classic Outlook] it's not possible to: [Save ANY email as .eml] or any other format. There's no [key sequences] to [forward an attachment]. https://support.office.com/en-us/article/get-help-with-outlook-on-the-web-cf659288-35cc-4c6c-8c75-e8e4317fda11 When you say "about the webapp, I can only get it to show me headers", I don't understand. Can you provide more specific detail please, for example: Step 1 - go to x Step 2 - blah, blah, blah... I'm happy to help if I you'd take the time to provide info/reply please? Cheers!

Hello HeatherReid43, There's a 5 page post [ocn.ad.jp spam][http://forum.spamcop.net/topic/16696-ocnadjp-spam/] with some very good info about ocn.ad.jp, including info from skydealer: "The address that I received emails from when I contacted them directly is 'abuse_support@ocn.ad.jp' which is listed as the "OCN Internet Security Team". Reading the 5pg post, I'm not sure ocn.ad.jp, can be/will be compelled to do anything, however, me personally, I'd forward any unattentioned spam to all of the addresses you've listed, include in the forwarded email: the offending ip/s & a note, e.g. "X is being used by criminals to distribute unsolicited phishing spam". Please let us know if you have any success. Cheers! .

To the ghost who wrote "{He means a Tracking URL}", Thanks for the correction, that's exactly what 🦗meant. 🦗 is a tired, Caffeine depleted🦗 & that's why you're a Master & I'm a only a 🦗😁!

Thank you HeatherReid43😊

Hey RobiBue, Thank you! What I've been doing is manually searching for any "http" Example: <a href=3D"https: // odnogrupniki.com.ua / =away.php?url=3Dhttp:// recover.wokdorkers/?10809809944215154550025261733"> , removing everything except https: // odnogrupniki.com.ua /, dropping the result in SC Parser. 2 outcomes, SC Parser recognises the links & I think, in another post, you provided info that each time full links were parsed the spammer got a positive hit, that urinated me off so any action I can take to limit benefits for spammers, is good for me😎 I think I need to 101 regular expressions/Regex to get my🦗head around your solution😉 Cheers!

All good Klappa & thank you! Re 2. Please post more/new SC Report URLs that have embedded redirect links to Amazon. Cheers!

Hello HeatherReid43, Re "selecting SCF category for posts" Never let concerns about where to post stop you from posting, there's very good & helpful SCF people who'll move any "misplaced" post to the correct location. Re "escalating ongoing spam that is not being addressed" Sometimes rules are meant to be broken, oftentimes fighting spam makes rule breaking mandatory😎 Specific to "419 scam email" Are you able to post us a Spamcop Report URL please? {He means a Tracking URL} It'll look similar to: https://www.spamcop.net/sc?id=z-very long-number-z😊 at the top of your submitted SC report. Cheers!

Hey GnarleyMarley, Jimmywalter & anyone working with Outlook web mail, It's not possible to: [Save email as .eml] or any other format. When using Outlook web mail there's no [key sequences] to [forward an attachment]. Sucks I know, but, it is what it is. Cheers