Jump to content


  • Posts

  • Joined

  • Last visited

About csouter

  • Birthday 07/07/1948

Contact Methods

  • Website URL
    http://404 NOT FOUND

Profile Information

  • Gender
  • Location
    Sydney, Australia
  • Interests
    Classical Music, Computers, Photography, Good Food, Fine Wine, Cars, Horse Racing

Recent Profile Visitors

1,174 profile views

csouter's Achievements

Advanced Member

Advanced Member (3/6)



  1. Thanks for the heads-up! I've just received my first new piece of Gmail spam since my OP, and I was pleasantly surprised that the Gmail header problem seems to have been fixed! YAY! BTW, RobiBlue, it might be freezing where you are, but we're getting barbecued "Down Under" ATM!
  2. Hi all, Yet another of those stupid questions which I'm in the habit of asking. I don't get much spam these days, maybe three or four per week, (down from anything up to 400 - 500 per day a couple of years back)! Nowadays, I use Gmail for most of my online communications, and I will occasionally receive an email that has managed to slip through Gmail's spam filters, and, of course, I will immediately report it to SpamCop as soon as I become aware of it. However, more often than not, Gmail's filters will already have caught the spam and kindly placed it into the spam folder so that I can deal with it at my convenience. Most of the time, Gmail is correct in its assessment, but if it does come up with a false positive, it's a simple matter to click "not spam" and return the message to the inbox where it belongs. If a message has been correctly identified as spam, normally I will still report it to SpamCop, (having first redacted those lines that Gmail inserts into the headers, causing SpamCop to think that there's "nothing to do"). However, I do occasionally forget to make that report, and I'm just wondering whether it's really necessary to report spam that Gmail has already correctly identified. Is it of any use to anyone if I report spam that Gmail has already identified correctly? I'm looking forward to hearing your opinions on the matter. Thanks in advance. Best regards to all Christopher (Chris) Souter (Sydney, Australia)
  3. I've just received these 4 spams in the last hour. They seem to be arriving in pairs. 1. https://www.spamcop.net/sc?id=z6432003135z85b1283f75fe26fc67527132f3879eacz 2. https://www.spamcop.net/sc?id=z6432007009z4a4fd1a767cf2e2257b4392b71349c33z 3. https://www.spamcop.net/sc?id=z6432011457zbe5b0b3621ce9e6e4bf5846e9a7a7999z 4. https://www.spamcop.net/sc?id=z6432011515zfd9beaed8a2c8f9122436b50289c01ddz It would appear from the parse that the MailChimp abuse address gets the SpamCop "/dev/null treatment." I would have thought that an enormous mail forwarding organisation such as MailChimp ought to be investigating spammers and shutting them down, not ignoring SpamCop reports. It would also appear that SpamCop reports about the spamvertised Akamai links contined in those spams also get the same treatment, which mystifies me somewhat, considering that even though the reporting address is abuse-spamcop [at] akamai [dot] com, the reports are not sent because the annotation in the original parse states that akamai admins refuse to accept this type of report. If this is the case, why have a special "abuse-spamcop" account at all? WEIRD! I have a nasty feeling that I'm going to be getting a lot of spams like this, today, because it's quite unusual for me (a) to receive "paired" spams, and (b) to receive more than one spam pointing to the same host on the same day. (What I mean is that I usually get one copy per day of any given spam type). And the last time I received multiple copies of the same spam was a run of almost 500 on the same day, sent to one of my Gmail accounts about 5 years ago, just before that huge server takedown in wnich Microsoft and a few other major industry players were involved. Thoughts, anyone?
  4. You're not wrong about that, mate! Anyway, having conducted those little experiments in response to your useful suggestions, I've decided that I shall no longer be contacting Amazon AWS.directly, but I shall continue reporting to KnujOn. Cheers to all for Christmas and the New Year!
  5. Copied & pasted directly from the quoted report link: Reportid: 6758583785 To: hostmaster@hostex.lt Reportid: 6758583786 To: abuse@hostex.lt It's .it (.LT), not .it (IT) I also thought initially that it was .it, but hostex.it doesn't exist, according to my browser, whereas hostex.lt does. It's easy to mistake an "l" for an "i" because of the font used. .lt is the TLD for Latvia.
  6. I have no idea whether or the the "unsubscribe" link works. I did click on that link in the very first of those spams I received, but, IIRC, nothing happened - I was not taken anywhere at all - no new browser window opened, etc... nothing... Normally, I never respond to survey requests of any kind.
  7. FYI, my spam came from Latvia, not Italy. The TLD is .lt, not .it.
  8. Got the following reply from Amazon: (Bold text emphasis added by me, because I think this proves that the spammers are receiving the reports and using them to harvest known valid email addresses). It makes me wonder wny I should even bother reporting to Amazon Web Services at all, if the spammers are just using the reports to send more spam. BTW, I have just this minute received another such spam, pointing to not quite the same site, (the beginning of the link is the same, but it ends slightly differently). SpamCop reporting URL for this message is: https://www.spamcop.net/sc?id=z6430456086z1fbf0bab202104b59115db70b74a2770z These messages seem to work in very much the same way as the popup ads that accompany so-called "free" mobile apps: if the hapless user taps the ad, he/she is taken to some bogus website, asked to provide his/her mobile number and told that he/she is in a draw for a free iPad, or some such thing, and if the user is silly enough to provide the number, he/she will start receivng a barrage of spam SMS messages, to which the standard reply of STOP has absolutely no effect. The exact spamvertised URLs are constantly changing, and as soon as the network admin shuts one down, they simply create a replacement. I suspect that the entire process is fully automated. Anyway, that's my 2ยข worth.
  9. I just received another spam with a URL pointing to the same website administered by Amazon Web Services. I followed your suggestions, reporting to SpamCop, and I was able successfully to submit an abuse report to Amazon Web Services, but only after considerably truncating the email source. I had to trawl through the source to find the spamvertised URL, and I made sure that it was still there after I had stripped out all the HTML formatting code. As far as I can make out, it seems that Amazon Web Services don't need the full email source. BTW, the SpamCop reporting URL for this message is: https://www.spamcop.net/sc?id=z6430220543z9c15449883f426c8a3dc680c9ae70c46z We'll see what happens.
  10. Next time I get one, I'll give it a try.
  11. I get several spams per week from senders hosted by hostex [dot] lt, and the reporting address is shown as pagalba [at] hostex [dot] lt They all spamvertise sites hosted by amazonaws [dot] com and the reporting address is shown as abuse [at] amazonaws [dot] com It's not a lot of trouble reporting them, (I only get 1 or 2 per day, on average), but these spams have been continuing to arrive for many months, and reporting them seems to make no difference at all. Now, not all the spams originate from hostex [dot] lt and SpamCop sometimes shows the reporting address as <I-can't-quite-remember-the-exact-name. [at] microsoft [dot] com However, all the emails contain links to spamvertised websites that are hosted by amazonaws [dot] com As an aside, I have noticed that a spamvertising campaign usually drops off, (for me, at least), after maybe two or three months, but these amazonaws spams have been going on for almost a year, now, and show no signs of stopping. In fact, I have already reported 2 such spams this morning. As for Yahoo-based spammers, my email account seems mostly to receive 419 spams from them. 419 spams don't usually contain links, but mostly they seem to originate from large web-based email services such as Yahoo, Outlook [dot] com and gmail [dot] com. These campaigns usually last about 2 to 3 months and then drop off for a few months before resuming their onslaught. I should also add that I think I may well have brought these amazonaws spams upon myself, because I actually opened the first one that I ever received, (it was almost a year ago, I think), as it looked genuine, and was purporting to be associated with an online account that I really do have with Woolworths, a large Australian supermarket chain. Not only that, but there was a large button AT THE VERY TOP OF THE MESSAGE, NO LESS(!), marked "Report spam or unsolicited email!" Thinking that this button was a genuine, legitimate unsubscribe link, fool that I am, I clicked on it, which would have well and truly confirmed the validity of my email address to the spammers. I use MS Outlook 2010, (correctly configured with the appropriate registry settings to save the full message source, not only the headers), but my Outlook filtering settings mostly seem to fail, (even though the spams are shown by SpamCop to have originated from the same sender), and so I now have my inbox set up without a preview window. I can now right-click on the subject line and choose "block sender," and Outlook will move it to my Junk folder, with all links and images disabled, but the full source is still available for SpamCop reporting. I know that 10 or 12 spams a week is far from any kind of a big deal, but it's really frustrating that this particular campaign just seems to go on and on and on...
  12. Hi all, I have a question about SpamCop's policy regarding email source modifications. I use Avast Premier AV, which has, among its components an Anti-spam feature and a separate Mail Shield feature. By default, these features will modify email messages in various ways. Rather than going into all the details, (one picture is worth a thousand words), I provide here links to the relevant settings pages. 1. Avast Premier AV Anti-spam Settings Page 2. Avast Premier AV Mail Shield Settings Page If you care to visit these two links, you will see what Avast adds to the different kinds of emails, regardless of whether or not they have been flagged as spam. My question is: If Avast, (or any other AV, for that matter), modifies emails in this way, do they still fit within the SpamCop guidlines regarding unmodified sources? Thanks in advance for any help or advice on this matter. Best regards to all, Chris Souter (Sydney, Australia)
  13. OK, thanks for that. So if it's from Brazil, I can use cert.br as well as the ISPs own abuse desk, right? So, I guess I would have to research each one of them and try to build up a database of who will & who won't accept SpamCop reports. Sounds rather time-consuming, doesn't it? Downloaded and installed already! I've been reporting to SpamCop since about 2004, I think. I started using KnujOn after the BlueFrog fiasco, around the middle of 2006, IIRC. I can't remember how I found out about them, but maybe it was through CastleCops, where I was a member until they closed down in the face of the massive DDoS attacks of 2008. KnujOn had a forum on CastleCops, but when they closed down, he moved to LinkedIn, and I didn't follow; as a retired person, I have no interest in furthering business connections. That would certainly get their attention, but I couldn't use that for the pay2us site: I doubt if they're child porn spammers; from what I can find out about them, it's most likely a phishing site. Do you think it's any use for me to send reports to the FTC? I'm not a US citizen; I'm an Australian citizen, (obviously, also living in Australia). I seem to remember reading somewhere that the FTC is not interested in reports from outside the US, but please correct me if I'm wrong. Many thanks for all your info!
  • Create New...