Lking

I assume you are talking about topic "Interpreting SpamCop reports and blocking big spammers" One of the three forum spam I deleted on 30 Oct was added to that topic. When the spammer posted you and the other person following that thread were sent an email; I deleted the spam post before you check the topic. This is one of the side effects of having a wide open forum which doesn't run the risk of "AI" blocking some random new user with a valid question?

Looks like option one is the answer. Yes I agree, cut'n past lots of spam is a pain. A talk with your ISP is in order. It has been a while sense I had to deal with comcast so good luck. have you seen any pattern in when/how the 80/20% pass through / block occurs?

Are your reports getting to SC? After sending a spam, even if you do not receive a response the spam should be in your SC queue to be approved. If it is not there then your email provider is blocking your outgoing email because of the spam content, or they have outgoing settings that fail to connect to the SC server. If they are not sending or are trying and failing to sent, your outgoing email they should send you some kind of a notice. On the other hand, if your submitted spam shows up in you SC queue, then your email host could be blocking email from SC. In the passed it has been common for ISPs to block email with the word spam in them. Sense some are coming through, it may be informative to run a test: Forward some spam, one at a time, spaced out to see if there is a threshold when they start blocking outgoing or incoming email. Let the forum know what you find.

SpamCop anticipated your concern. You see a slightly different screen then the rest of us see. If you logout and browse the forum as a "guest" and go to you post clicking on the Tracking URL I think you will see the redacted email.

If you would provide the Tracking URI for the message the rest of us could see the parser's results.

Sorry about the forum spam being visible so long. I was having access issues today.

Also see https://www.spamcop.net/fom-serve/cache/397.html www.spamcop.net, <Help> (upper right of screen) <Mailhost configuration>

That is the disadvantage of blocking an IP or domain when several unrelated parties use the same one.

nav2' you're good. When spamcop decides not to send a spam report, a copy is saved internally at devnull.spamcop.com. In the first example you gave, a spam report would have been sent to abuse{at}salesforce.com, but the report is stored. There are several reason SC doesn't send a spam report. If the intended recipient has ask NOT to receive spam reports, just puts them in the bit bucket, or bounces email from SC, there is no reason to clog the internet wasting bandwidth. However, to keep a record of why and when a party is added to the SCBL a copy of the report is stored in a big database at devnull.spamcop

There are some links to the forum as links to help. Unfortunately, some old links may be broken or to out of date info. As for moving from www.spamcop{dot}net to or from forum{dot}spamcop{dot}net there are security issues. As you may have notices spammers and other malcontent frequent this forum.

Have you looked at the statistics at https://www.spamcop.net/spamstats.shtml There you can look up an ISP and see what their reputation is, and the reputation of their "neighborhood"

Starting in the beginning, Is this new? have you been reporting spam received by this Yahoo account before and the error is new. Have you added your Yahoo email account to you spamcop mailhost? was there a tracking URL that the rest of us could see?

This sounds to me like a message from your ISP. If they have changed their settings, blocking messages to SpamCop could be a new results. I am currently trying to resolve the following:

Sorry, I have no experience to add light to this issue. This is an old thread, can't remember any contemporary threads.

You are correct.

Look carefully at the header. If you submitted a spam report resulting in report #15211355, the report received by cloudflare includes a SpamCop return email address including the report number. IF the real cloudflare responded to the report using that email, or did a reply TO: their email would have gone to spamcop. SpamCop would then forward cloudflare's response to you (who submitted the original spam) so you could respond if you want too. This process provides you with any response from those that receive spam reports you generate -- AND keeps your email address hidden from the spammers/host/ISP. Looking at the header/raw data you should be able to tell if the email you received came from SpamCop. This action is controlled by your preferences selected on https://www.spamcop.net/mcgi?action=showadvanced IMHO there is one draw back to this procedure. IF/when you respond to the sender (cloudflare) you will reveal you email address/identify. There is no pass through back from you, through SpamCop, to whoever received the report (cloudflare). On the other hand, if the reply is from the spammer, or ISP you think is supporting the spammer, there is no point. If you decide that those that received the report are a responsible party, there should not be a problem revealing your email. (On the other hand, it really doesn't make any difference, the spammer already has your email address.) In the last ~18 yrs I have had been using the same email address. Every one and their brother knows what it is (Norton finds my email everywhere). In spite of the visibility and activision, mostly I have a ho-hum level of daily spam; I have no filtering so I can see everything sent to my domain and sort them in FireFox. There have been three DOS attacks on my email address.

A simple option would be to login to your reporting account and go to https://www.spamcop.net/mcgi?action=wizard&stage=1 <Preferences>, Second option "Change Email address or name"

Historically SpamCop has had three priorities: 1) Identify the source of spam to feed the SCBL, 2) Send spam Reports to appropriate IP management so they can take action, 3) identify spam links in the body of the spam - a follow the money - effort to kill funding for spam. From there it is a mater of allocation of resources, and I would suggested ROI https://www.spamcop.net/spamgraph.shtml?spamstats

Every win is a win, no matter how small!😄

Login to your reporting account, <Preferences><Reporting preferences> scroll down to "Quick data Reports", select Disable, scroll down more and save.

<Browse> <Staff> Richard W

Which may not be relevant. In this case years ago SpamCop and Hormel (meat processor of spam) agreed to differentiate between the trademarked meat product spam, and the main interest of SpamCop by capitalizing on and not the other. As a result this form automatically makes some edits. You can go to the "Test" forum and try to enter a test post with the meat product in the title. You can also try to edit other words in the title.

Upper case 'S' spam is a canned meat product. Lower case 's' spam is an unwanted email. ninth is correct. what is done is done. However, you really can't dispute your spam report because it is not your IP that was reported. You should let the reported party that you made an error. The good news is that one spam report will not put an IP address on the SCBL. For details go to https://www.spamcop.net/fom-serve/cache/297.html and scroll down to SCBL Rules.

Seem to be fine now - at least when I login.

Yes John forwarding spam as an attachment is the best way generally. However, for the few image-only spam, Login in to your reporting account, cut-and-past the spam with full header. Then scroll down past the first blank line, delete the body (and gjf/jpg causing the problem). Then add a line stating what you did "deleted image-only body". Then submit the spam. This approach is similar to the process for spam that is too big to process. In that case the body is truncated and a line of text is added. Remember parsing the body is the lowest priority, after processing the header to collect data about the IP for the SCBL, then sending spam reports to the ISP etc, THEN process the body.