Jump to content

A.J.Mechelynck

Membera
  • Content Count

    240
  • Joined

  • Last visited

Everything posted by A.J.Mechelynck

  1. A.J.Mechelynck

    ipv6 still unsupported?

    Cut away all this stuff from the top of the header part and paste it back into the "user comments" box on the "parse results" page, is that it? Well, if you say so… Best regards, Tony.
  2. A.J.Mechelynck

    ipv6 still unsupported?

    I still have that spam somewhere on my HD. I suppose that cutting away that first 10.x.x.x Received-line and what follows it (including the ipv6 X-Received line) until, but not including, the next Received-line, which says (as the parser displays it) might let SpamCop parse the email; but OTOH "tampering" with spam in that kind of way is supposed to be frowned upon, to say the least; so I wonder what I could do, if anything. Best regards, Tony.
  3. A.J.Mechelynck

    No unique hostname found for source

    See also
  4. A.J.Mechelynck

    ipv6 still unsupported?

    P.S. This seems related to the following topic:
  5. I think I have a similar symptom. I tried to configure mailhosts for my account @gmail.com and I accepted the default settings. Then Spamcop told me it had sent me 5 emails, each through a different SMTP server, as follows: alt1.gmail-smtp-in.l.google.com. alt3.gmail-smtp-in.l.google.com. alt4.gmail-smtp-in.l.google.com. alt2.gmail-smtp-in.l.google.com. gmail-smtp-in.l.google.com. in that order. I got the first four in the same sequence, but the last one never reached me. I dutifully pasted each of the ones I got (headers and data, just like when reporting spam) at the link contained in it, so I suppose it is OK. Each time, after submitting the received email, I was told it had been submitted successfully, and to visit the mailhost configuration page to make sure I had configured all my mail accounts (and yes, the only email account I'm still using is the one mentioned in the rolldown on that configuration page).
  6. A.J.Mechelynck

    R.I.P. Ellen

    :-( Miss Betsy some time ago, and now Ellen. I only saw Ellen's obituary on SC frontpage today, having been AFK for two days. «Prayer should be done in secret» but the loss of a loved one, or just of someone held in high esteem, make us seek the company of common friends. I shan't ever forget you.
  7. A.J.Mechelynck

    "This email contains no date"... parser bug?

    I got your three answers by email notification, no worry; and I seem to have been in a bad mood when I saw your former answer and lock, but that is over and done with :-) Sorry I didn't reply faster but I've been busy AFK this week.
  8. A.J.Mechelynck

    "This email contains no date"... parser bug?

    Instead of aborting on a Received line lacking a date, couldn't the parser fall back on the date in the Received line above that (the one from the router which received the message from that misconfigured server)? I don't think it likely that all the Received lines (including those from the reporter's mailhosts) would lack a date; I had thought at first to use the Date line as a kind of ultimate fallback, but that line can be "doctored" by the spammer.
  9. A.J.Mechelynck

    "This email contains no date"... parser bug?

    Thanks Farelf. When the site's Google search feature told me "about 2,480 results found" (all with some variation of "This email contains no date" as the topic title) I daresay that it was an understatement to say I was baffled.
  10. A.J.Mechelynck

    "This email contains no date"... parser bug?

    One more "clever forgery", AFAICT: A Received line before (below) my own ISP says the mail was got "with HTTP" with no date. Here is the tracking URL: http://www.spamcop.net/sc?id=z5984690981z6...e5f197f14e9a5dz I posted it before as a new topic and got rebuffed with "There are already lots of topics on that subject. Go to one of them." Topic closed. Indeed, searching for "email contains date" returns so many threads that I don't know which one to elect. If this one isn't the right one either, please move http://forum.spamcop.net/forums/index.php?...&st=0 to where it belongs rather than just tell me "This isn't the right place! Go away!".
  11. See http://www.spamcop.net/sc?id=z5984690981z6...e5f197f14e9a5dz The parser ends with the error: This email contains no date and aborts. I see dates, both in a "Date:" header and as part of the "Received:" headers. So is this a new parser bug, or have spammers found a new way to get around SC reporting?
  12. A.J.Mechelynck

    Yahoo Headers

    lisati: You're right no one size fits all. When my ISP gets a message for me that its filters regard as spam, it's down the trash, up in smoke, never-never land for the message, not even a warning for me. No idea how many genuine (and sometimes important) messages have thus been killed because they were false positives. False negatives I can live with (especially if they come within reach of Bayesian filters — my own mail client's or the server's — which I can “trainâ€), but I absolutely want a way to retrieve false positives, no matter how spammy they might seem for the cybernetic eyes of the mail server's filters. That's why I prefer servers like Google (and, apparently, Yahoo) where "assumed spam" messages are only diverted to a spam folder on their webmail site (instead of forwarded to their POP server) and not dropped into the black hole, so I can at least have a look at them before they are discarded. This way false positives are only delayed by the time it takes me to return to their spam folder, not lost forever.
  13. Since a few days, I'm getting a lot of spam from China. Here's my latest one: http://www.spamcop.net/sc?id=z5486059763z0...e8ef8310c852cdz Are other people seeing the same thing or is it just me?
  14. I just reported one Yahoo spam message a few minutes ago, after getting "500 Internal Server Error, please wait for some time and retry" a few times. Pessimistic hypothesis: I've just been lucky to get a message whose Received line was already in the YahooMain list of mailhost servers. Optimistic hypothesis: the Internal Server Error was because of a software overhaul, and the parser can now puzzle out the new Yahoo headers. Time will tell. ;-)
  15. A.J.Mechelynck

    Yahoo Headers

    I get a few spam from my Yahoo account and a few false negatives from my Gmail account, but most of the spam I get is from my ISP (belgacom.net/skynet.be) account, and for a very simple reason: unlike Gmail, they drop "suspected spam" to the blackhole bitbucket, so I cannot rescue false positives: therefore on that account I have disabled server-side spam filtering. All in all this new Yahoo problem is to me only a small nuisance. I suppose Yahoo will have to be "special-cased" in the parser but AFAIK it'll work when it'll work. In the meantime, I suppose Yahoo spam (just like IPv6 spam IIUC) will have to be left aside. Don (and others), let's hope you find how to fix the bug. ;-)
  16. yeah, me too, for a new message: http://www.spamcop.net/sc?id=z5893888384ze...10a064749fae8az I guess there is now a new loophole for spammers: "Send from Yahoo, it won't be reported". Well, let's hope Don and the Yahoo engineers find a solution. In the meantime, is it any use reporting tracking URLs for Yahoo spam here, or should we just dump them down the trash? Here are the Received lines in that spam: Received: from 188.125.68.154 (188.125.68.154) by 188.125.85.148(188.125.85.148); Sun, 25 May 2014 16:08:35 +0000 Received: from 127.0.0.1 (HELO smelektronik.de) (EHLO mta1051.mail.ir2.yahoo.com) (190.100.82.179) by mta1051.mail.ir2.yahoo.com with SMTP; Sun, 25 May 2014 16:08:35 +0000 The topmost (most recent) one seems to be Yahoo-to-Yahoo but not from something known by SC as "YahooMain" (though 188.125.84.186, which comes close, is known). The other (earlier) one seems to come from 127.0.0.1 which is not routable. There are no other Received lines but two lines above them there is X-Originating-IP: [190.100.82.179] which might be the point where the spam entered the net via HTTP webmail. It resolves to something to be reported to italo.sambuceti[at]vtr.cl which is definitely not Yahoo. The same IP appears (with no brackets) even higher in the headers, namely in the "X-YahooFilteredBulk" and "Received-SPF" headers. After writing all this, I finally notice that that entry point is staring me in the face at the very end of the second Received line.
  17. I had missed it, or at least not followed the link in it. When coming back to the computer a few minutes ago, I found an email "Mailhost waiver granted" from Don, and I also read that thread about Yahoo headers. Let's hope the Yahoo and SpamCop admins find a solution soon.
  18. Has something changed at Yahoo? I have tried reprocessing my mailhosts on spamcop but when I send back the spamcop generated test email I get I am not forwarding any mail to another host (as far as I know) Any ideas? I'm getting that exact same error, also for a [at]yahoo.co.uk email account, when trying to reconfigure my Yahoo mailhost after getting the following at the bottom of the spam reporting page, http://www.spamcop.net/sc?id=z5892590348z3...6a36aca4192385z Until I read Don's post above, what detained me from requesting a waiver (which I'll try now) is the last sentence in the "explanation" paragraph for the waiver procedure: “Until this process is complete, you cannot report spam.†Well, I suppose that I'll just have to let my [at]belgacom.net and [at]gmail.com spam accumulate while the problem with my [at]yahoo.co.uk account is being resolved… (Most of the spam I get is for my [at]belgacom.net and [at]skynet.be accounts, which use the same mailhosts; the rest is usually [at]gmail.com; I've been getting a couple of spam messages at [at]yahoo.co.uk recently but it's a kind of novelty.)
  19. A.J.Mechelynck

    Reporting problems today?

    IIUC, "reporting to devnull" means that no actual email is sent, but that that IP address is still fed to the SCBL. If enough spam messages are "reported to devnull.spamcop.net" for that IP, anything more from the same source will be marked as suspect by any spamfighting software using the SCBL. There are several reasons why no reporting address was found. The first of these that comes to my mind is when the reporting address listed in the official whois database is found to be bouncing, i.e., a bogus email address for which no mail (or at least, no mail from spamcop) is accepted.
  20. A.J.Mechelynck

    Recent increase in Chinese spam

    I used to report by forward-as-attachment, then a few years ago my ISP (who blocks any connection to an SMTP server other than its own ones) decided to blackhole any outgoing email with attached spam. I didn't like it at first, but now I've taken to the routine: I order my spam most-recent-first in my mailer's Junk folder, then, one by one, I "View source" on them (without opening them, of course) and paste that in the SC form — for those which are newer than my "average reporting time" (7 hours at the moment) by the time I get to them. Older ones I move to Trash without reporting. This way I still get time to do something else than reporting spam, and the most important ones (those likely to be "caught in the act") get reported in priority. Yes, those "nomaster[at]devnull" reports puzzled me — how can someone send mail without a registered service provider? But as you said, they still get entered into the blocking lists, all the more so since there's nobody at the other end of the line to tell you that action has been taken; so, I report them just like the rest, no special treatment for or against. spam as instrument of state policy — yes, it has turned up in the news a couple of times recently, about different (but always totalitarian) countries. Well, that's several floors above me, let's let the diplomats, secret services, and investigation journalists handle that as best they can, I'm not going to complain about things I can obviously do nothing about. As Marcus Aurelius said: “O Gods! Give me patience to endure what I cannot change, strength to change what I can and must, and wisdom to tell them apart from each other.â€
  21. A.J.Mechelynck

    Is it worthwhile for me to report spam?

    Hi, George,...You may wish to check with them -- these days many have a means to indicate that "this is not spam" and/ or to "whitelist" senders. If your e-mail provider has no way to do that, you may wish to consider changing to one of the many that do. I tried to set my ISP's spam blockers off because I can tolerate getting spam but I won't accept a single unretrievable false positive. But I have no proof that they don't still silently send spam to some blackhole. So I subscribed to gmail, where I can check both what they thought was spam (and retrieve what wasn't) and (in the Trash) what they thought was legit and sent me (and there I can mark false negatives). Of course, gmail doesn't get its $$$ from email subscribers like me, but they must get them somewhere. Maybe they scan my mail to provide some paid service to “advertisers†or “partners†(as they call them). (Don't rush to conclusions: I have no proof that they do.) OTOH, Spamcop Mail guarantees that it won't give your personal information to any third parties; but it's a paying service. So: weigh the alternatives and take your responsibilities.
  22. A.J.Mechelynck

    Recent increase in Chinese spam

    I use the "Junk" filtering facilities built into SeaMonkey (and Thunderbird). For instance I could create a filter (just as I would for any email filter) but with as action "Set Junk Status To" "Junk" (for a blacklist) or "Set Junk Status To" "Not Junk" (for a whitelist). But anyway most of those Chinese spam messages are already correctly filtered away to my Junk folder (inside SeaMonkey) with no particular intervention on my part, that's how "pathetic" they are, as Farelf said above. The few that aren't correctly detected I mark as Junk manually, thus teaching the Bayesian filters. Well, oh, well. Let's just report as many of those botnet messages as seems reasonably feasible, and the spam blocklist barriers will someday go up against them (inshallah, as my neighbours would say).
  23. A.J.Mechelynck

    Recent increase in Chinese spam

    I'm on openSUSE Linux.
  24. A.J.Mechelynck

    Recent increase in Chinese spam

    Most of my spam arrives via gmail, which I read by POP, and which lets me get false positives and mark false negatives on their webmail pages. Whitelisting isn't difficult, that's not the problem. The problem is that when I suddenly start getting several tens of spam messages a day instead of hardly a handful, and practically all of them from China, it is bound to raise my eyebrows.
  25. A.J.Mechelynck

    Recent increase in Chinese spam

    Most of my spam is also “easily identified†and “pretty pathetic†but these days (this week, let's say) I'm seeing an increase by an order of magnitude or so, with subjects usually either in Chinese or in gobbledygook, and coming from IP sources in .cn — It's the increase that alarms me. What did I do wrong? Oh well, maa shallah, now that the sh** is in the fan, let's get our bats and give the molehills a good getting-go!
×