Jump to content


  • Content Count

  • Joined

  • Last visited

Everything posted by gnarlymarley

  1. gnarlymarley

    Replies from spammer BOK IQ PL

    Hetzner.de is basically the same. I meant to say the from address that would be sent to the ISP when you click the send spam reports button is unique and contains the report ID that goes to the ISP. It should would be nice if the ISPs could setup a unique address or method to accept spamcop all reports without the requiring their users to sign up.
  2. gnarlymarley

    SpamCop Emails To Me Bounce

    I had this happen with my account on gmail. I had to find all the related message in my spam folder and mark them as "not spam" in order to get their spam rules to stop rejecting it. For me, it all started when google changed their rule system and needed every thing to be setup again. So far I have all seems good for me. Hopefully this might help you.
  3. gnarlymarley

    Spams received already outdated

    A tracking URL would be useful. Also if you look at the headers, is your border server putting on an old date? Spammers have been known to put in faked headers with old dates to try to confuse the SpamCop parser. This is why the mailhosts setup now exists is to cause the parser to stop at your border server. This is so that the correct IP and date can be picked up by the parser.
  4. gnarlymarley

    Any point in reporting spam from AMAZONAWS?

    I do find it interesting that I still get the occasional spam from a specific "claimed" helo name and from. Seems like the spammer is able to stand up new EC2 instances almost as soon as amazon "claims" they are resolved the issue.
  5. gnarlymarley

    Can I forward spam Emails as attachment for reporting ?

    Yes, just attach the spams to an email that is heading to your submit address. The parser only recognizes them as an attachment.
  6. gnarlymarley

    Any point in reporting spam from AMAZONAWS?

    Interesting that my amazon spam has nearly all stopped after I had submitted ten reports in a four day period. What I also find is interesting is that I had one come back where the tech support person was not familiar with the date/time format in email headers and they needed it defined separately. * Complete, accurate timestamps of the activity including: - Date - Time - Time Zone * Full e-mail header and HTML content of the spam message
  7. gnarlymarley

    spam links hosted on https://storage.googleapis.com

    Heather, I have been getting that and it is coming from all over amazon's ip ranges. Google seems to have no interest, and neither does amazon. I setup my email server to reject it and they still try to send it. At this point, I am not sure there is a way to stop it without a firewall that can drop the tcp connection before it connects. Right now, I am mainly feeding the blocking list, but the spammer changes to a new IP every few minutes, so blocking based on a single IP seems pointless. If I hear of anything that works, then I can post it here.
  8. gnarlymarley

    Any point in reporting spam from AMAZONAWS?

    And hopefully they would revoke the port 25 being open if they previous opened it and close it back down. Yes, it is up to them to fix.
  9. Like Lking said just start reporting. Somethings to note is that your Mailhost setup is effective for previous submitted spam, so if you go to any of those to report them they should properly detect the correct spammer. Without the mailhost setup, spamcop would try to guess the IP that sent your email spam. With it, it will detect the spammer's IP that connected to your border email server.
  10. gnarlymarley

    Any point in reporting spam from AMAZONAWS?

    Ah, but it appears that one can request port 25 to be unblocked. I am not sure if there is a related fee or if it is free.
  11. gnarlymarley

    reports disabled for spam [at] uce dot org

    If they are converting this into a sandbox, should be still be munging the address in these forums?
  12. gnarlymarley

    Any point in reporting spam from AMAZONAWS?

    I am guessing this is because amazon appears to be rotating public IPs every minute. They seem to want to know the minute and since I have NTP enabled, it should make just fine into their systems. I wish that they would just enable IPv6 and stop with the NAT stuff.
  13. gnarlymarley

    No Headers

    Both of my paid and non-paid SpamCop accounts work fine for me. The only advice I think I can add is maybe it is a formatting issue. Maybe this will help: The first space when reading down the email that you encounter is between your headers and the body as well as the "Received:" lines should have start at the beginning of the line. The "Received:" line will have lines below it and those should be indented with a space or a tab.
  14. Apparently @mac.com emails could be forwarded to another account. If you can read the headers, then a part such as "for user@example.com;". You might want to remove some of the "Received:" lines to split up the email if it is being forwarded.
  15. gnarlymarley

    No Headers

    I wonder if your thunderbird automatically updated to a newer version between the day it worked and the day it didn't.
  16. gnarlymarley

    Replies from spammer BOK IQ PL

    My understanding is that the from address on each report changes as it appears to be the number is the report ID. Some ISPs like this authorize only the full address. The deputies might be able to work something out with the ISP. Under the circumstances, might just be an autoresponder that sends it to the bit bucket. Like Lking says, that this may be added to the blocklist.
  17. gnarlymarley

    No Headers

    I don't see this issue, but then my thunderbird is v2. Perhaps it could be a compatibility issue? I used both imap and "webmail - hotmail 1.3.2" and it works for me.
  18. gnarlymarley

    No Headers

    I envy you as I don't get that much. I had setup an automated forward as an attachment rule (back when that is what the freebie email providers allowed it) and I no longer get lots of spam. I think my hurdle was when I reported to the legitamite providers such as comcast and qwest is when I lost my bulk. I have no idea how 'century link' would take reports. If you can figure out how to tell the difference on who would take action on your reports and report just those, then it may help on getting your counts down.
  19. I had thought they turned off the "Please make sure this email IS spam:" warning when they promote V5 as I have not seen the warning in quite a while. I suspect spamcop is checking the headers for a particular format and it might only pop up if the headers matches legitimate email.
  20. gnarlymarley

    No Headers

    I typed in your URL from the image https://www.spamcop.net/sc?id=z6598002198z8fb6021e44f26436f7ebe6fd86760940z so we can have a clickable link. I have not seen a problem on my side. I did notice your submission is missing all "Received:" header lines. When I went to check out my hotmail account on both the webmail and imap sides, I see the "Received:" header lines all intact.
  21. Without the tracking URL, I would guess this is the line that it is stopping at right above the "identified internal IP as source" message: It would appear that you need to update your mailhost configuration but resending a message to your account. Then you should be able to return to the spam report page and it should work.
  22. I have seen this before. It came in the reply of email I had forwarded to my submit address. Most email providers are doing the forward inline, where the forward is like a reply and headers are lost. Once I figured out how to forward as an attachment (Some used the ctrl key on the forward button) my problem was solved. You may find as in my case the email providers change the key regularly. It may be better to "view source" and then submit that in the reporting form.
  23. gnarlymarley

    How to automatically submit spam?

    There are some ways to accomplish this. Since not all of my email providers support forwarding as an attachment, I did it using a unix program called fetchmail and a perl scri_pt. (The perl scri_pt encapsulates the email as an attachment and sends it to the reporting address.) I will offer a word of caution about full automation of reporting, as I have recently had one group send me an email fifteen years after I had signed up on the list to my main email address. (Yes, they went quiet for more than a decade.) If someone were to do a restore or grab the old email address, then you could be trying to report legitimate email. That said, I have not had any problems with reporting from my accounts I signed up and never used for email.
  24. gnarlymarley

    How Do I Use SC on MY Mail Server?

    Outernaut, For me, I have migrated away from the spamcop filter when I found that SpamAssassin contains a spamcop rule called RCVD_IN_BL_SPAMCOP_NET. (I abandoned filtering at the SMTP level when I found emails I was interested showed up on the blocklist.) Since you already have spam Assassin, you may have this rule already enabled. If you have it, you may need to use the "score" keyword to manipulate the rankings. (I currently just use the defaults for this one item.)
  25. I have not seen this happen to me when I changed servers. IrvSp, When you logged into your reporting account, were you greeted with a reject or bounce message on the reporting page? I have seen gmail bounce the replies for me and it stopped the replies.