atarspam

I just got some spam in an Outlook account, and so the links in the email had the safelinks.protection.outlook.com stuff that Microsoft adds. I would have expected that SpamCop would ignore that bit, and work on the URL that is the final destination, but that doesn't seem to be the case as the Resolving link obfuscation section of the parser just did https://kor01.safelinks.protection.outlook.com/?url=http%3A%2F%2Ftwingirls.fc2web.com%2Ff.html&data=05%7C02%7C%7Caf6894b1776842d009de08dc4d780dc8%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C638470425300444050%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=m6xTFDXrk4S1eM%2Ft8xAI1kBSSdK51Zl6rNiO1D0axZ4%3D&reserved=0 Percent unescape: https://kor01.safelinks.protection.outlook.com/?url=http%3A%2F%2Ftwingirls.fc2web.com%2Ff.html&data=05%7C02%7C%7Caf6894b1776842d009de08dc4d780dc8%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C638470425300444050%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=m6xTFDXrk4S1eM%2Ft8xAI1kBSSdK51Zl6rNiO1D0axZ4%3D&reserved=0 Percent unescape: https://kor01.safelinks.protection.outlook.com/?url=http%3A%2F%2Ftwingirls.fc2web.com%2Ff.html&data=05%7C02%7C%7Caf6894b1776842d009de08dc4d780dc8%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C638470425300444050%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=m6xTFDXrk4S1eM%2Ft8xAI1kBSSdK51Zl6rNiO1D0axZ4%3D&reserved=0 and then the Tracking link section did https://kor01.safelinks.protection.outlook.com/?url=http%3A%2F%2Ftwingirls.fc2web.com%2Ff.html&data=05%7C02%7C%7Caf6894b1776842d009de08dc4d780dc8%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C638470425300444050%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=m6xTFDXrk4S1eM%2Ft8xAI1kBSSdK51Zl6rNiO1D0axZ4%3D&reserved=0 No recent reports, no history available Unescaped: https://kor01.safelinks.protection.outlook.com/?url=http://twingirls.fc2web.com/f.html&data=05|02||af6894b1776842d009de08dc4d780dc8|84df9e7fe9f640afb435aaaaaaaaaaaa|1|0|638470425300444050|unknown|twfpbgzsb3d8eyjwijoimc4wljawmdailcjqijoiv2lumziilcjbtii6ik1hawwilcjxvci6mn0=|0|||&sdata=m6xtfdxrk4s1em/t8xai1kbssdk51zl6rnio1d0axz4=&reserved=0 Host kor01.safelinks.protection.outlook.com (checking ip) = 52.102.12.172 Resolves to 52.102.12.172 Routing details for 52.102.12.172 [refresh/show] Cached whois for 52.102.12.172 : abuse@microsoft.com Using best contacts sewr@senpluspluseop.onmicrosoft.com Microsoft isn't responsible for the likely dodgy site twingirls[dot]fc2web[dot]com, so there doesn't seem to be much point telling them about it, so should I be reporting those links? It would be much more sensible if SpamCop could report to the owner of twingirls[dot]fc2web[dot]com, so is there a reason why it's not doing that? Thanks

I just got a email, so at least for those messages, this seems to be fixed.

I've had this "your email is bouncing" message too. I just looked up the error code in the bounce, 5.7.26 and it says "This message does not have authentication information or fails to pass authentication checks (SPF or DKIM). To best protect our users from spam, the message has been blocked." - see https://support.google.com/a/answer/3726730?hl=en This suggests a problem at the SpamCop end. I sent a message through https://www.spamcop.net/fom-serve/cache/401.html so hopefully this gets fixed soon.

If you're getting this on emails received at a Yahoo! email address, check the headers. Very often, the Yahoo! headers are "corrupted" by what seems to be an error in the Yahoo! system, which means that the last IP address from which the email is received is 127.0.0.1, e.g. Received: from 127.0.0.1 by atlas-production.v2-mail-prod1-gq1.omega.yahoo.com with HTTP; Fri, 19 Aug 2022 00:02:42 +0000 You'll find this line at the very top of the headers. I've complained to Yahoo! about this, but found it impossible to get through the very limited support that they provide. Their response is basically "just use our spam filtering". SpamCop treats this as an internal handoff, but since it is the last step in the headers, SpamCop sees it as an error and so gives the "nothing to do" message. I've assumed that SpamCop won't be interested in allowing for this in its system, and so haven't reported it to them, but you could give them a try.

In case it is of any assistance, I've noticed that when I get these errors, if I then log in to SpamCop, the link to report spam (i.e. as if you've made a report by email, but not completed the reporting) is always active. When I click on the link, it will tell me that the spam has already been reported.

I've never had any problems with it using Chrome. I've never tried it with any other browser. Sorry, that's the best that I can offer.

You can also report Gmail users using https://support.google.com/mail/contact/abuse It's a bit of pain to complete, but hopefully Google takes notice of the reports.