Jump to content


  • Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About lbaty

  • Rank
  1. OK, it seems I have all the answers to my problems. (The remaining points seem to be a matter of opinion or personal preference) If there are no other comments, I am happy for this thread to be closed. Thanks to all who participated. Summary ... I will cease reporting extracted spam messages from email bounces (as per spamcop rules). I will report only the mail delivery failures or bounces. I will consider using the spamcop system to locate email appropriate abuse or administrator addresses for spam extracted from bounces (however will report them from my own mailserver, not using spamcop).
  2. Thanks for your reply Miss Betsy, OK, I see your point. However it seems there would be benefit in emailing an administrator who may not realise that they have a hijacked machine. I can also see what you mean about reporting the mail delivery failures; This makes sense. My other main concern is that others may falsely block or identify my email address as the source for this spam.
  3. Thanks for your reply StevenUnderwood. A rule I clearly missed or misunderstood when I signed up - I have been blocked from further reporting for this rule violation (and rightly so). Perhaps ... however I fear that others will not report this spam or worse will block my email address as the (falsely) identified source of the spam. I agree this is a good long-term solution. However I'm still stuck for a solution that will help in the shorter-term. Doesn't it seem worthwhile to assist the administrators of compromised machines to identify holes in their systems? If these compromised systems are shut down or fixed, there will be less available for spammers to exploit. Excellent - Thanks.
  4. Thanks Wazoo and Miss Betsy. I see I have made some mistakes in my posting. Please don't hesitate to let me know if I have missed anything in my followup post ... Additional information ... I followed all the instructions for setting up the mailhosts configuration. I received and followed up on the account configuration email including pasting the mail header and special codes etc. into the relevant spamcop page. The email messages I want to report are attached to bounces from various email servers (mail delivery failures). So the emails I am reporting have not directly been received by me. I.e. I have extracted the spam out of the bounced email. (I have been extremely careful to report only spam email messages.) Additional Questions ... Am I correct in assuming that If I report the bounced mail delivery failure itself, I am not reporting the spammer, but the mailserver which has rejected the spam? I don't see how reporting these mail delivery failures or bounces helps anyone ??? If the "Rules" state that I can't or shouldn't report the extracted spam from the mail bounces, how can I stop or report this spammer for using my email address as the spoofed sender of his spam? Is it against the spamcop "rules" to use spamcop analysis to find the necessary contact email addresses, etc. Then cancel the spam report in spamcop and send a spam report from my own email server? Comments ... I think the spamcop service is fantastic. If I have been breaking the rules by reporting the spam extracted from the bounced mail failures, I will stop doing so.
  5. My topic is similar to a previous topic ("Spoof of my address"). Background ... I have been sucessfully been using SpamCop to diagonse and send reports to the spammer's hosting ISP and originating mailserver abuse addresses. Links to the offending website address/es seem to change about once a week and old domains/addreses seem on longer accessable (I'm assuming the SpamCop reports are getting the domain names cut off). I don't remember the name of the topics about spamvertised sites, but the primary purpose of spamcop is to identify the source of the spam. There is not much energy expended by spamcop on identifying the spamvertised web sites. As Wazoo said, the spammers regularly change websites to keep in business. Problem ... Without realising the implications, I updated my account to the "Mailhosts" system. Now when I try to report, I get the message "Possible forgery. Supposed receiving system not associated with any of your mailhosts" (see here) Questions ... Should I revert back to the older system (pre mailhosts)? How do I do that? Can anyone suggest anything else?