Jump to content


  • Posts

  • Joined

  • Last visited

Recent Profile Visitors

1,721 profile views

Outernaut's Achievements


Member (2/6)



  1. Looks like this is the only suggestion, the others are questions, but in keeping with old traditions - I'd like to suggest: That SC introduce ways and means of using SCBLs under cPanel accounts. A tool so we can drop in SCRBL s and let cPanel compare incoming mail to SCRBLs, and delete the often very obvious spam. Yes. Thanks for suggesting spam Assassin. If it was reliable, I wouldn't be suggesting side stepping the etch-a-sketch version of dealing with spam to using SC block lists instead of SA. O
  2. Not quite. After reviewing @gnarlymarley and checking again, it may be they used a contact form. The form did not have any captcha so I put a non-invasive invisible captcha on. We'll see. Thanks to you both for your asistance, ~o~
  3. This is new one for me. This scam comes from domainregistrationcorp.com (address is "502 Bad Gateway") The scam warns owners of domain to renew at ridiculous rates, and for certain, those that do, Inever see their renewal, only a hole in their pocket. https://www.spamcop.net/sc?id=z6708342598za3c1a7e1620502b088a404a350ad0835z ~o~
  4. I use spammassassin. Trouble is, even set at 2.5, so much crud still gets through - same spam, same IP. So I also use "Global Email Filters" and toss IP addresses in there. I don't care if I forget to check and remove them the list. Most come from Google, or passed through Outlook, or via OVH. That's a manual task I'd rather get rid of, each domain has it's own cPanel, so what I add is not system-wide through all my clients. Ergo, my question about SBL > RBLs. Now I've come across extortion without a IP. Separate post on that. Oh well, the battle goes on. ~o~
  5. All very generic old-style Viagra, Fat Burners, free energy scams, sunglasses - the usual stuff flogged by affiliates whose owners don't care how their product get's out, so long as they make a $ are inundating one email address. I have reported the IPs to SpamCop for 2 weeks now. The IP is always the same except last octet goes up or down a number or 2. But they are still coming, and I WAS still adding them, today I think about 20 of them before I decided I need some time for myself. I tested and pasted the full IP of several of those bits of wasted time into https://whatismyipaddress.com/blacklist-check and they all come out by SpamCop as being A-OK. I can't be the only one that gets these. So, how is SpamCop a good thing? I've been manually posting the messages here , then copying the IP and going to my mail server and adding them in to Global Email Filters, which has decided that it no longer likes the asterisk in addresses (170.130.207.*) and does nothing about blocking them. My own ISP, not affiliated with my other mail server, has decided not to use SBLs and insists customer can take the time to dig out the headers and paste it into a email to the ISP. I did this, and 2 weeks later received a email saying the spam was too old. They tell me they have their own "team" now reviewing copies sent to them. I think that support fella is too stoned. I have asked this before and got loads of technical gobbledygook. But, is there a way to use the SBLs at my mail server, without root access, just cPanel, to block or send these spams IP addresses and really, truly see them worked into the system to block them? ~o~
  6. That is great news. However, when I suggest people use real email and get Tbird, I get the deer in headlights looking back at me. Too, it's hundreds of people doing the job that ONE mailserver should be doing. I found today that all my manual reporting of domain 170.209.130.* spam for the last 2 - 3 weeks does nothing to stop it. That is in another post. But it is nice to see Tbird is still getting some add-ons. Thanks for the tip, ~o~
  7. @gnarlymarley I just received the following spam, posted it via the report spam box. It is dated Mar 10, as are all spam from our lover at amazonaws. The reference is: https://www.spamcop.net/sc?id=z6706263625z7a716025061c9bf82331039e2ea81dcfz Are you able to tell who/ISP is delaying it? Or a link to how to read that stuff. TIA ~o~
  8. After login, at the report and landing on the report page, is a new-to-me announcement: In a shell, does that mean we will no longer be able to report spam to SC, or does the change affect how we report? I'm also worried all you guys that help here will loose your high-paying positions ~o~
  9. Have you found anything out? Today's visit to spam Cop (SC) shows a SC announcement dated March 11, 2021 at spamcop.com > "Welcome registered user" page title, under the "Paste entire spam..." box, > News: (Last Modified: 3/11/2021, 12:51:03 PM -0800) makes me wonder how the changes will affect people like myself that manually post full *'source' to spam. I have been reporting several spam-a-day through amazonaws now for 2 weeks. Nothing changes except the date and the IP addresses and only slightly. (I see it as IPs address changing in IPs 3rd digit by one or two of the 3rd and/or 4th octets (i.e., today's spam originated from amazonaws ###.###.###.123 becomes ###.###.###.124). Too, one could sometimes fantasize and send full headers to abuse@amazonaws.com. I hope you have heard good news and also hope I am misunderstanding the SC announcement. ~o~
  10. Aha! So the key is "slowly" and the tooltip appears. I wondered what the dotted underline was supposed to do and since moving around and over it to find a link or something, I never went slowly. The onhover:showit(?) seems slow at this end. As in: <abbr title="Now I Understand">NIU</abbr> I take it that one needs higher privileges like Admin, Mods etcetera to invoke that via this GUI. I'll stick to using * to call out a footnote. I know topic is old, but forum isn't. Might help another noob like myself. * Asterisk. Used to call out a footnote.😊
  11. Thanks, I understand - I think My email client (Thunderbird) shows the spam date being March 10 and the garbage comes in after March 14 (today). My emails including the trash from scumbags is listed by most recent. Tomorrow, I know I will see several new legit email, and some unread (spam) will have day-before-yesterdays date. Let's blame the email client If I understand the Spamcop announcement (News: (Last Modified: 3/11/2021, 12:51:03 PM -0800) new announcement at Spamcop.net > login > Reporting GUI is abandoning us, just a week after my ISP threw customers into the cesspool by dropping their use of SBLs and telling customers to start using the webmail GUI to create filters, ISPs not being allowed. It is a very sad day. R.I.P. Internet. I am addressing this in a separate Topic. ~o~ p.s. If I don't get to say so before we are blocked from adding spammers, my sincere thanks to you and all the others here that volunteer your time, experience, and patience to help everyone battle the festering sores of the Internet.
  12. On a busy email address, spam comes in but occasionally with older dates/times. It's sometimes rejected by SC due to it's age. This is a example: https://www.spamcop.net/sc?id=z6706167000zcd603f42bf470b11f07d5489c8829d4dz (rejected saying it was to large (not! Rejected because it appears old?) Today is March 14, 2021. There are several emails dating back to March 10, 2021 and the spam showing the date of March 10, 2021 was not delivered until today. The spam seems to have been backdated or held until today, but with March 10 date. How is this even possible? TIA ~o~
  13. One account I am interested in protecting (Y.Com for example) is on a shared server/IP. It's one of those reseller programs similar to what Hostgator and the like offer. The account has it's own domain name of course, and may have a multitude of email addresses. The email IP octet set has one number different in the last octet than the site IP shared address. i.e. Site may be 123.456.789.001 and the email is 123.456.789.002 I sent a email out from me@y.com to myself at a telecom email address. The headers showed the IP for the shared host email IP, followed by my ip at the telecom. If I understand you correctly, then my IP is showing? Is there a handy-dandy how-to for noobs you could recommend that addresses this issue of 'to bounce or just delete'. ? I very much appreciate your time, ~o~
  14. Can someone tell me where I should be asking this question? Should I open a account at cPanel and ask them? Thanks
  15. I will try to explain better: Mail arrives at server and in cPanel > Global Email Filters is where I enter the IP, and choose what to do with that IP next time email arrives. The "Action" options are: To Filter, I use: I enter a name for the filter (I use the offending IP - easier to find), then under Rules, from drop-down I choose "Any Header" > "Contains" and enter the IP address, or parts of it. and Under Actions, is where I choose what to do with it. My choices are: Discard Message Redirect to email Fail with message (bounce?) Stop processing rules Deliver to folder Pipe to a program I assume these checks are done as email arrives. Do you think 'Fail with message' shows my IP or senders? Too, the server Host tells me they scan for spam using default of '5' and use Spamcop, so I shouldn't have to do anything, BUT, I have my settings via spam Assassin (now Apache SpamAssassin) set to 2.5 and raunchy spam with phishing, worm, or Trojans still come through daily. The generic spam, those with my winning the latest Apple stalker, a contest winner, parcel waiting for pick up or receive my millions of dollars on hold, ad nauseum arrive daily.
  • Create New...