petzl
-
Posts
2,981 -
Joined
-
Last visited
Content Type
Profiles
Forums
Events
Posts posted by petzl
-
-
8 hours ago, sc_aswglo said:
We have been receiving literally the same spam email every single day from the same network and it still is not on SpamCops block list. The network is Layerhost and it's clearly a spammers heaven but I report these Emails eveyry day and SpamCop does not block it. Does anyone know what is going on here?
https://www.spamcop.net/sc?id=z6875012231z01deb9435cbbe9b35da77cc3716fc7bez
snip
https://www.spamcop.net/sc?id=z6872567543zadc3d8a351e1690eb05d589f6a3ef719zIt is Chinese spam going through a American server
https://www.ronhamjinten.com
contact for the spam creeps, they have a facebook page as well
Might pay to check you email address is owned by creeps?
https://au.norton.com/breach-detection
seem to be through a network "(unknown [127.0.0.1])" concealing the span source
23.247.15.203 layerhost don't seem interested!
As the unsubscribed spam seems phishing you might try
US CERT phishing-report[AT]us-cert[DOT]gov *Don't expect the US FED's to care either*
Their job is flameproof can't be fired IMO!
The web links are Chinese "Hong Kong"
Name: count.bestedm.net
IP: 43.135.35.107 abuse for IP as139341_abuse[AT]aceville[DOT]net (SpamCop is in error)
Aliases: count.ronhamjinten.com
Domain: ronhamjinten.com
you need to complain to Registrar DomainAbuse[AT]service.aliyun[DOT]com -
3 hours ago, ninth said:
60.251.163.7 discarded as a forgery, using 185.56.86.136
IP forgery by spammer.
The links in the email are registered by nic.br mail-abuse@cert.br host hostinger US
60.251.163.7 has been hard coded by SpamCop to go to 185.56.86.136?
Could be a legacy issue?
60.251.163.7 Abuse address is hostmaster[AT]twnic[DOT]net[DOT]tw -
10 hours ago, display said:
Both https://www.intertor.net/ and related https://avito.pl/ are websites of supposedly some 'fiber internet provider', but they look more like generic placeholders than anything else.
My guess they are controlled by the spammers themselves.
Can you update the website so it wouldn't suggest sending reports to them?
SpamCop don't send reports to website Registrar just to the IP the domain resides on
If it did
Name: www.intertor.net
IP: 185.35.199.240
Domain: intertor.netName: www.intertor.net
IP: 185.35.199.240
Which needs yo go tp
Domain: intertor.net
Registrar Abuse Contact Email: abuse[AT]key-systems[DOT]net
INSTEAD
SC would send it to
abuse-c[AT]intertor[DOT]net
learn how to send a URL track top of page BEFORE you submit
like
https://www.spamcop.net/sc?id=z6865456272zb80b6714137b6a769602c5c935b6318ez -
9 hours ago, dlongnecker said:
They are not getting to SC. I can copy and paste them but I literally get 30 spam emails a day that I want to report and cut and pasting those headers each time is a slow process.
Probably all from same spammer. you need to find our registrar of their web pages which IMO spammer don't like
just forward as attachment to Registrar -
3 hours ago, Lking said:
Are your reports getting to SC? After sending a spam, even if you do not receive a response the spam should be in your SC queue to be approved. If it is not there then your email provider is blocking your outgoing email because of the spam content, or they have outgoing settings that fail to connect to the SC server. If they are not sending or are trying and failing to sent, your outgoing email they should send you some kind of a notice.
On the other hand, if your submitted spam shows up in you SC queue, then your email host could be blocking email from SC. In the passed it has been common for ISPs to block email with the word spam in them.
Sense some are coming through, it may be informative to run a test: Forward some spam, one at a time, spaced out to see if there is a threshold when they start blocking outgoing or incoming email. Let the forum know what you find.
Gmail often blocks my spam reports to abuse desks, because they contain spam.
Copy and past to Spacop Web page is the best method -
4 hours ago, Steve said:
It usually says something to the effect of "Reports disabled for abuse AT sendgrid DOT com", but no explanation by the parser is given.
Used to but rarely now!
SpamCop reporting is easily disabled.
It's not hard for ISP's to stop receiving SpamCop reports but guessing takes time for admin to log reason
Sendgrid are masive email platform unlikely to be ever blocked by SCBL
https://www.spamcop.net/fom-serve/cache/77.html
IMO free email need to be scrutinized or they are just overrun by spam bots
https://sendgrid.com/free/
Twitter/X is attempting to remove what was 90% full of bots I believe
Discourages people from signing up, I like a VPN so I always get confirmation messages
so I just read news links without signing in -
2 hours ago, jakeqz said:
Every time I report a spam message received at my Hotmail account, SpamCop determines the contact for "administrator of network where email originates" to be report_spam[AT]hotmail[DOI]com.
Years ago Hotmail abuse wanted SpamCop reported to a different address. This may now be a ignored legacy address?
Might pay to click refresh for IP address to see if it changes
Just tried refresh and seems a hard coded to a now bitbined address IMO -
8 hours ago, RobiBue said:
LOL... reminds me of three automakers... anyway, enough politic hinting from my side... (or I'll get into big trouble with Lking
)
Do they still en-masse turn up in Washington on their private jets carrying tin begging cups?
8 hours ago, RobiBue said:I know it's not funny, and I can feel the frustration, especially when it comes to an email address owned for quite a while.
Were with Mail.com paid account then they changed format, to make it impossible (maybe annoying) to get headers and text. So lost me,
but computer downgrades seem the norm, IMO Microsoft operating systems have been downgrading since WIN3.11,
Looks to me like a scam to make ones computer to slow down. so you buy a new one so they can sell another operating system! -
3 hours ago, RobiBue said:
Personally, I wouldn't trust anything below the first of these two... (my opinion and 2¢)
Seems abuse desk is asleep at the wheel, Aside from SpamTrap hits there are many user reports going back 4 days on this IP.
https://www.spamcop.net/w3m?action=checkblock&ip=116.206.125.107
Other hosts in this "neighborhood" with spam reports
116.206.124.177 116.206.124.217 116.206.125.41 116.206.125.106 116.206.125.108 116.206.125.109 116.206.125.110 116.206.125.112 116.206.125.113 116.206.125.114 116.206.125.115 116.206.125.116 116.206.125.117 116.206.125.118 116.206.125.119 116.206.125.120 116.206.125.125 116.206.125.126
Looked at another IP in range same spewing spam
https://www.spamcop.net/w3m?action=checkblock&ip=116.206.125.118 -
7 hours ago, captkirk said:
I will be glad to post the raw source of one of these if anyone wants to have a look.
Email blocklists are by IP address not domain
To repot a domain it needs to be to the registrar
Name: bangmodhosting.com
IP: 103.27.200.74
Domain: bangmodhosting.com
Registrar Abuse Contact Email: mailto:abuse-contact[AT]publicdomainregistry[DOT]com -
As CEO's and upper-management get higher salaries customers become less important!
-
8 hours ago, Larry F said:
Hotmail.com will not allow me to Forward (as attachment) any spam emails.
I've tried moving those email to my inbox, they still block me from
forwarding them in any way. I have to submit them from mt GMail account.Then you have to forward as attachment from Gmail to all 3 abuse addreses (microsoft are that bad)
cert[AT]microsoft[DOT]com junk[AT]office365.microsoft[DOT]com junk[AT]office365.microsoft[DOT]com
Ask for US $100 per spam and give the the Nigerian address (sarcasm) -
4 hours ago, John at Speeednet said:
I sent a duplicate to myself and it arrived as one big email not attachments, that said, the one to spamcop went through. so thanks for the tip.
so it is either your provider or your email client creating problems
-
11 hours ago, Oakley said:
I have recently enlisted the help of yourselves to help with a spam problem on my Yahoo account. I have sent various spam emails to the email supplied from yourselves but am not sure what happens after that. Is there anything else I should be doing to counter receiving these spam emails?
After submitting SpamCop will send a confirmation to the email address you have on file.
If you are not getting any reply the email address you have given is not working? -
3 hours ago, EstherD said:
Recently I have been receiving many HUGE spams, comprising mostly random garbage, over 500 KB each. SpamCop takes 'em and truncates 'em to 50 KB. But it's unclear if I am being charged for the FULL 500 KB submitted, or just the 50 KB truncated version used to generate the report. Anyone know for certain which it is?
just truncate message leaving in just headers two blank lines below headers
Then write "truncated"
or it will eat up the data allowance by doing this it's data use is minimal! -
15 hours ago, John at Speeednet said:
@Petzl Yes I always have so that the headers remain intact, in groups of up to twenty at a time. I have done this since 2012 with no problems.
? send a duplicate to yourself as well, again maybe your email provider may be up to something like stripping email of attachments?
-
7 hours ago, John at Speeednet said:
Thought I had found a solution, I set up an IMAP account for my Protonmail, sent the email, it arrived safely, however I now have this message.
SpamCop encountered errors while saving spam for processing:
SpamCop could not find your spam message in this email:
You are sending email submission "as a attachment"?
-
5 hours ago, John at Speeednet said:
This is what I get
Get rid/edit the screen shot it contains your super-secret SpamCop email address!!
This is your ISP rejecting your spam submissions, because it contains spam!
Gmail often do the same to me. When I get SMS/Text mobiles I email them to my Gmail,
then try to send to registrar of URL, (worked well for a while).
Now Gmail always rejects/bounces back these reports because it auto recognizes Phishing sites/URL's!
The work around is to copy and past to your SpamCop webpage. or get another email provider. -
On 8/20/2023 at 8:28 AM, Lking said:
Sorry, I have no experience to add light to this issue. This is an old thread, can't remember any contemporary threads.
Turns out malware does this, I imagine trying to get your login and password,
Used spyhunter a malware detector to find mine.
Try it for free but you will have to remove malware manually, don't give them your credit card, use PayPal do not allow automatic payments'
The program though is very good, stopped using it because they started multiple charging, never found a malware detector better though.
Or use any good Malware detector of choice.
Once Malware is removed change your passwords
Use at least 10 alphanumeric/symbol/up/lower case password to completely new one/s
Now may of jumped the gun?
Changed password and the login keeps coming upreset password by email and same problem now can't login
https://www.spamcop.net/fom-serve/cache/66.html -
16 hours ago, nav2spamcop said:
Hi Petzl,
Do you mean I need to put that tracking url in the forum when a report comes back with errors?
Before you submit is when tracing URL appears.
Copy and paste it to notepad first
Also check here to see if your email address is compromised?
https://haveibeenpwned.com
If so change password scan device. -
2 hours ago, Gort said:
Found an email about forwarding YAHOO mail as an attachment:
------------------------------------------------------------------------------
Thank you for contacting Yahoo! Customer Care.
I understand you want to forward email as an attachment from your Yahoo!
Mail account. I apologize for the inconvenience this has caused you and
let me address this for you.
Unfortunately the feature or functionality that you're describing is not
currently available in the newest version of Yahoo! Mail.------------------------------------------------------------------------------
This also has been removed:
- Press Shif+Alt+F (simultaneously).
- It will automatically compose a new message with the selected e-mail(s) added as an attachment. So just add an e-mail address and send.
------------------------------------------------------------------------------
The current and updated YAHOO mail versions don't have any of these.
So I'm currently stuck with no MAILHOST because I can't forward the test emails as a YAHOO attachment.
I can copy and past the RAW MESSAGE, but that doesn't appear to do me any good if I'm not able to send it anywhere.
I'm sure this is really basic, but I've missed the point on how to use SPAMCOP correctly.
Mailhosts only report the email server IP your spam comes from, not the IP that sent it to the email server.
SpamCop parser does pick it up but won't report it if you have mail servers set-up.To me that's not good enough. without Mailhosts it reports to both IP of sender email server (usually free or compromised) and source (usually Botnet)
https://www.spamcop.net/sc?id=z6859783047z4175e7c8d2f518fe29bddb8d600862b7z
No unique hostname found for source: 147.78.103.235
Possible forgery. Supposed receiving system not associated with any of your mailhosts
Will not trust this Received line.
147.78.103.235 Botnet by SC not recognising or reporting it does not get listed by SCBL
https://check.spamhaus.org/listed/?searchterm=147.78.103.235
The machine using this IP is infected with malware that is emitting spam, or is sharing a connection with an infected device.
Removed all my mailhosts now reporting correctly
https://www.spamcop.net/sc?id=z6859844014z8709c4d971d7946bee132d9c1fa5de0dz -
On 8/27/2023 at 1:41 AM, gnarlymarley said:
I think this depends if you are using the HTTP authentication or the cookie authentication. If you are using the cookie auth, then it could be your browser expiring the cookie too soon. Is it always around the same amount of time for you to be kicked out and asked for the user/pass?
Might be onto something? removed my saved SpamCop cookie, but don't see it being given a new cookie, so far only logging in once? but not seeing cookies appearing?
However not having to repeatedly having to log in on every move like paste, submit. blocklist, ect.
Back to repeatedly logging in when trying to report a a spam, short lived?
-
5 hours ago, nav2spamcop said:
Hi,
I submitted a report and got this back:
spam report id 9999999999 sent to: networking@carbon60.com
/dev/null'ing report for abuse#salesforce.com@devnull.spamcop.net
/dev/null'ing report for abuse#c.exacttarget.com@devnull.spamcop.netWhat's the dev/null'ing mean and should I have done something differently?
Thanks in advance.
If you have problems to get solutions a SpamCop tracking URL at top of page BEFORE you submit needs copying first
The include it in your problem report example
Here is your TRACKING URL - it may be saved for future reference:
https://www.spamcop.net/sc?id=z6859114946z69e77276e6e6b2f8c8345191b051f707z -
2 hours ago, nav2spamcop said:
Hi,
I find SpamCop reports very difficult to read.
I'm noting in recent reports these domains:
*.cloudflare.com (says it's one of the biggest networks)
.hubspotemail.net (LOOKs to be a free email marketer)
*.carbon60.net (says it's cloud services and solutions)
I can block domains with my ISP. I want to block these guys because they appear in most or all SPAMcop reports, but I don't want to interfere with SpamCop itself.
- How can I go about finding out whether these companies are known to pass spam?
- How also can I find out what to NOT block, so I don't upset SpamCop processes?
Thanks
This is about URL's of Domains?
To complain about Domains you need to find the registrars abuse address.
Like
https://who.is not tried myself
)
How long do we have?
in SpamCop Lounge
Posted
Mines still going, not heard otherwise, but a bit of a worry that CIsco seems to be moving away from SpamCop importance?