Jump to content

gnarlymarley

Memberp
  • Content Count

    561
  • Joined

  • Last visited

Everything posted by gnarlymarley

  1. gnarlymarley

    (Notes)?

    Also, the (Notes) portion is a link to some text boxes further down on the page where you can add some information to the particular report that goes out. The group text box for is up by the "Send Reports" button, and the individual text boxes are below.
  2. That edit button could also be based on either time signed up or amount of posts. I have the edit button for some posts of mine in this forum going back to before June 8th. I suspect a forum admin might be able to do it if you no longer have edit access when you are logged in.
  3. gnarlymarley

    Reporting addresses bouncing?

    This is in part why I have to check my whois for my domain every few months to make sure it is correct. I am not sure if they have the same requirement for the whois for IP addresses.
  4. gnarlymarley

    Sendgrid reports dev'nulled?

    Might be good to have this as a new feature since most of these reports are not going any where any way.
  5. I am excited for the time when the whois portion gets fixed and properly redirects on its own.
  6. gnarlymarley

    forum spam handling

    This is in part why I try to put a note for the reports going to legitimate hosters such as "You might want to work with your customer to clean up their compromised system."
  7. gnarlymarley

    obscure address in coded content

    I guess I have a scri_pt to do this for me before the spam gets submitted for reporting. Probably a good idea to have.
  8. gnarlymarley

    504 Gateway Timeout

    Interesting. I still see the same thing too with both of your links, but all mine work fine. If you have not had any luck figuring this out, I would suggest to contact the deputies: https://www.spamcop.net/fom-serve/cache/12.html
  9. I have had much thought on this, and I no longer trust much of the addresses that are called abuse or postmaster anymore. I figure that as long as my address is munged in the report and I give out the minimal headers in the report (meaning the spam gets pulled from my border server and reported), they I am not sure it matters as they already have that information from when they connected to my email server. I myself have not seen any repeat spam to be reported to vvsg180@gmail.com, so it very well could be legit.
  10. Yep, the admins are trying to resolve that issue by curbing some spam that seems to be affecting gmail's rules. This thread appears to be related to:
  11. gnarlymarley

    Report Ends With "Parsing Header:"

    I see a dot at the beginning of the domain at right after the "by".
  12. It has been a long time since I got spam at my abuse address. With mine being an alias, I still like the ability to know what address the email was sent to. It sure would be nice if the whois cache could be sync'ed and be more accurate.
  13. gnarlymarley

    Sendgrid reports dev'nulled?

    Yes. Also, if I remember correctly, some ISPs were not happy about the munged reports and turned it off because of that.
  14. gnarlymarley

    forum spam handling

    I can cut and paste from wordpad almost faster than running a scri_pt anymore these days. A few months ago, we had some duplicates where the email subject (or the post's title) where one started with "http" and the other started with " http". So if a bot is posting it, would the bot randomly add a space in the title? (Either at the beginning or the middle.) I think the quickest one I saw a few months ago was between three and four minutes. If I was going to automate any part of this (via a bot), the sign up portion would be what I would automate. Most of the providers have imap or pop and the fetchmail command can output the email directly to a scri_pt. I expect that if I were to do this, the posts would show around the first 10 seconds of every minute. (It could be they do a randomized sleep, but cron starts at the top of the minute.)
  15. gnarlymarley

    forum spam handling

    Nope, the capcha is not working. I think it was only about two months ago that Richard increased the capcha challenge level. Due to the typos and spaces, I don't think this is done by computer. I think it is done by one or two humans. If it is humans and you try to stop them with a capcha, you will also stop legitimate forum users. But then they have already developed AI on computers that can read any capcha more accurately than humans, so maybe it is a computer. The "typos" as I call them appear to be when copying from a microsoft product where a space is sometimes added at the beginning or end.
  16. gnarlymarley

    forum spam handling

    Maybe better yet is to have all posts that have a URL, but it is not a spamcop URL (forum or tracking URL) all go to be moderated if it is supported.
  17. gnarlymarley

    forum spam handling

    Does the forum support keyword filtering redirection for moderation? (Meaning that if someone posts with something URL that contains supplement or keto, the post will not be seen until a moderator approves it?)
  18. Interesting that the cached whois says it is from the mirror and the format of it is slightly different. Also interesting that APNIC and RIPE seem to have abandoned the separate abuse handle in favor of the following line: % Abuse contact for '203.188.252.0 - 203.188.252.255' is 'nayon.isn@bangla.net.bd' If I recall correctly, everyone used to use something similar to the following: OrgAbuseEmail: abuse@example.com
  19. The link still forwards. Apparently, the link is a search where it clicks the "I feel lucky button" and forwards directly to the first returned google search result. The "I feel lucky" button as being part of the URL: btnI=bQm4
  20. gnarlymarley

    AWS spam source

    Though, I believe you have some good addresses, I am not sure it will help. After me seeing the joke of the do not call list for the past decade (more than the current administration), I would suspect that amazon.AWS thinks these addresses would be nothing more than an external rating system. I do not believe they would actually stop the spam. I use the SpamCop blocking list for that. Each time you report, it feeds the algorithm behind the block list.
  21. gnarlymarley

    godaddy spam source

    I don't think I have ever got any spam from godaddy. If the reports are not helping, at least the reports are feeding the block list. One thing you might want to try reporting to their ISP.
  22. gnarlymarley

    ovh.net spam source

    If the reports are not helping, at least the reports are feeding the block list. One thing you might want to try reporting to their ISP.
  23. gnarlymarley

    hetzner.de spam source

    If the reports are not helping, at least the reports are feeding the block list. One thing you might want to try reporting to their ISP.
  24. The address matches the cached entry returned from RIPE. I am not sure I would trust the other RIPE email any more than the gmail address either. SpamCop RIPE cached: % Note: this output has been filtered. % To receive output for a database update, use the "-B" flag. % Information related to '92.63.192.0 - 92.63.192.255' % Abuse contact for '92.63.192.0 - 92.63.192.255' is 'vvsg180@gmail.com' New RIPE query: e-mail: vigorv@mail.ru e-mail: hawk@diamondc.ru upd-to: stell_hawk@mail.ru abuse: hawk@diamondc.ru One quick note that you may not be aware of is that thanks to GDPR there might be times where the "-B" gets in the way and someone has performed a manual add. SpamCop: Reports routes for 92.63.192.124: routeid: 78192297 92.63.192.0 - 92.63.192.255 to: vvsg180@gmail.com Administrator interested in all reports 7/17/2019, 9:45:55 AM -0600 [Note added by (no name)] Route added without comment
  25. gnarlymarley

    No links, but wait, there is!

    I don't know why they are not showing either. I keep thinking it has something to do with the multipart boundary lines, but Nothing is standing out. If I recall correctly, I think it used to say under the "Finding links in message body" something about parsing text/plain and also parsing text/html. Lately, I have only noticed it seems to parse the links from one multipart section.
×