sigma
-
Posts
9 -
Joined
-
Last visited
Content Type
Profiles
Forums
Events
Posts posted by sigma
-
-
I'm still having problems with these. Here's one I reported earlier. https://www.spamcop.net/sc?id=z6734521748z31344c1b98ac107ec335fc366cc181e2z
Is it possible to unpick where it's really comming from?
-
-
Thanks. I get one or two every day. Always better to report than ignore I think.
-
Happy that it does submit via the web interface, even though the urls in the content get ignored that way. That's still a whole step forward.
-
I've enabled mailhosts and done the email exchange to correctly enable it. I always submit via email as it picks up the urls so much better.
It's still picking up the bad date/ forged header I'm not on Outlook, my ISP uses synchronoss.net. The email arrived today Mon, 6 Dec 2021 16:13:46 +0000 (UK)
host 2603:10a6:20b:461:cafe:0:0:1a (getting name) no name
host 2603:10a6:20b:461:0:0:0:19 (getting name) no name
host 2603:10b6:5:1b3:cafe:0:0:4d (getting name) no name
host 2603:10b6:5:1b3:0:0:0:46 (getting name) no name0: Received: from NAM02-DM3-obe.outbound.protection.outlook.com (mail-dm3nam07on2050.outbound.protection.outlook.com [40.107.95.50]) by mail241c28.carrierzone.com (8.14.9/8.13.1) with ESMTP id 1A5HB74k005364 for <x>; Fri, 5 Nov 2021 13:11:10 -0400Hostname verified: mail-dm3nam07on2050.outbound.protection.outlook.com
Possible forgery. Supposed receiving system not associated with any of your mailhostsWill not trust this Received line.
Mailhost configuration problem, identified internal IP as sourceMailhost:
Please correct this situation - register every email address where you receive spamNo source IP address found, cannot proceed.Add/edit your mailhost configuration
Finding full email headersSubmitting spam via email (may work better)
Example: What spam headers should look like
Nothing to do. -
Thanks again, I'll do that.
It's bitcoin spam, deliberately designed to make reporting "difficult".
-
Thanks. Unfortunately, this on my personal email account at home provided by my ISP, rather than the mail server I look after at work. There is a correctly dated recieved by header put in by my ISP's server, but Spamcop seems to carry on processing past that, past more genuine headers until it gets to:
Several of these:
Received: from MW3PR22MB2107.namprd22.prod.outlook.com (2603:10b6:303:46::24)
by BN6PR22MB0082.namprd22.prod.outlook.com with HTTPS; Tue, 10 Aug 2021
00:30:21 +0000before this:
From: x x<microsoft-noreply@microsoft.com>
Date: Tue, 10 Aug 2021 00:30:17 +0000
Subject: The most effective way to make money using bitcoin.The analyisi does seem to correctly identify the source - I agree with what it identifies, but the reporting fails because of the borged dates seeming to dominate.
-
My current spammer is borging the header such that although the spam was sent and arrived yesterday 2nd Dec,2021, they have borged the header to include an August date as well which Spamcop manages to parse and then refuses to submit reports. Ohers reporting the same IP addy in www.abuseipdb.com suggest they are experiencing the same problem and that the spam is designed to bypass Spamcop.
Any suggestion as to how to deal with this?
Borged dates in the header making spam unreportable.
in SpamCop Reporting Help
Posted
Thanks again.