Jump to content


  • Posts

  • Joined

  • Last visited

Everything posted by MyNameHere

  1. Update: For several weeks, I have been stripping off the first Received line from my Hotmail spam and including it in the "Additional notes" box. It looks like the proper sender is now being reported. Bonus: My incoming spam count has gone 'way down. Might or might not be related.
  2. Update: For several weeks, I have been stripping off the first Received line from my Hotmail spam and including it in the "Additional notes" box. It looks like the proper sender is now being reported. Bonus: My incoming spam count has gone 'way down. Might or might not be related.
  3. Hmmm... in most cases, the first Received line is just the first line, right? Thanks!
  4. Hmmm... in most cases, the first Received line is just the first line, right? That does seem to work. Interesting. Thanks!
  5. Okay, so the proper procedure for Hotmail and other Micro$oft accounts is to uncheck the report about the sending address and just report any spamvertised links? Or would it be better to flood Micro$oft with as many spam reports as possible? Maybe with a note saying what the problem is? Also, since this seems to be a universal problem, wouldn't it be a good idea to add it to the MailHosts and Reporting forums' pinned info? (I didn't see it on either one, but I didn't look carefully, either, he said sheepishly.)
  6. I just went to one I reported earlier in the week and re-parsed it. The parser, indeed, found the web links. Hooray!
  7. That works, even when the quotes are HTML quotes ("). That's what mine typically show. But it is "SpamCop-legit" to make this change?
  8. I've been away from the forums for a while. Is there no way to get a message to the SpamCop "powers that be"?
  9. Ahah! A good reason to reconsider paying for the service. Thanks!
  10. How do I add it to my report? There used to be a place for supplemental reporting addresses, but I haven't seen it for a while. Or is that available for paying users?
  11. I am running into the same phenomenon. SpamCop has failed to find links in just about all the spams I have gotten in the past week. It looks like someone (or two someones) has taken two tacks: Using Base64 to hide the links in images. Old school, but can be effective. Using "Content-Transfer-Encoding: quoted-printable" which seems to hide the URLs by encoding the HTML. For those, I see no reason the parser couldn't be modified to read the obfuscated HTML the same way it reads plain HTML. Though I could be wrong. Here is a reporting URL so you can see what I'm talking about on #2.
  12. Yep, I think you're psychic. Just this morning I went to the mailhosts and found that nothing was set up. I thought I had done that, but I did it again, and now it's finding non-Microsoft sources for most of my spam emails. Thanks!
  13. I want to raise the question again, simply because it seems so unlikely to me: How is it that the SpamCop parser always says my spam came from Microsoft? Surely, some spam is coming from somewhere else. This strikes me as being a likely parser problem. ???
  14. Tracking URL: https://www.spamcop.net/sc?id=z6202092832z56555340852d4093f4f78c465ff19ae0z
  15. Reporting URL: https://www.spamcop.net/mcgi?action=gettrack&reportid=6396232610
  16. I've noticed that all the spam I report from my Hotmail account is reported to the same place for the message source: danorm [at] microsoft.com After trying and discarding a bunch of received lines, the parser always ends up with an address that looks like "2a01:111:f400:7e4a:0:0:0:208," which is then reported to the above email address. For the past week, at least, the "2a01:111:f400" part has been constant, with some minor variations in the "7e4a" part and the "208" part. This happens even for legitimate emails that I parsed just to see where they would be reported.... Any ideas? Thanks!
  17. Brand new reporting login procedure, I guess, but I am not able to obtain a password. Message is Don't know if it's a problem on the SpamCop side or my side. I'm using FF30.0 with NoScript, but I don't see any scripts blocked. I'm also confused because I didn't see an earlier announcement of this change, which I think should have been phased in rather than imposed all at once. On the other hand, maybe I missed something because unless it was in red, I probably didn't read it.
  18. In reference to this forum thread. I have received several spam messages that fit this description in the past week, and there are a couple of new issues: If I click on "View full message," SpamCop sends me a ".sc" file that, of course, the browser doesn't know how to open. I save it and open it with Notepad and see that it is a text file with no apparent line breaks. In Wordpad, it does show line breaks. I don't have the tools here to see what the line break character is. The SpamCop parser displays a very large portion of the message rather than just the headers, and it seems to know where the lines break, too. As before, the parser fails to detect the body AS the body, and so is unable to parse any URLs in the body. If I insert a blank line in the proper place and paste the resulting message into the parser, it parses normally, including the body URLs. Example of parsing failure and unusually long message display: http://www.spamcop.net/sc?id=z5923835285ze...ab314479fe9baaz
  19. No idea. I've never seen that page before, don't know how to navigate to it, and don't know what it does.
  20. No, the button is, in fact, "Process Sample." Use the URL that Don provided.
  21. Thanks, Don--not to be disrespectful, but I already know how to get the source from the webmail interface, and I don't see how "Process Sample" helps because I already parsed the source and found out that it didn't work. We also know why: the spammer, perhaps deliberately, malformed the email by leaving out the blank line. I am curious what the Process Sample page is for and whether there is a way to navigate to it from the SpamCop reporting system. My last inquiry had to do with the fact that the webmail interface actually renders some of the HTML from the spam as if it were in the header. That sounds like a flaw that could turn into an exploit (getting webmail to execute a scri_pt, for example).
  22. I will do that, but if it's a problem, it looks like it would be a Horde IMP problem, so they won't be able to do anything about it.
  23. My email client is the SpamCop webmail service. In the email list, it shows "Unknown Date Invalid Address [No Subject]" When it displays the email, it renders some of the body (the headline and a hyperlink) as part of the header information (between the To line and the Subject line). This is a bit disconcerting, because it means it can cause a webmail service to render HTML (and perhaps execute scripts) even when it's not set up to do that. When I look at the source, you're right, there is no blank line. If I insert a blank line as you did, then parse the result, it parses properly.
  24. I have gotten a couple of these in the past day or so. The parser chokes, saying "No blank line delineating headers from body - abort" Here is a tracking URL: http://www.spamcop.net/sc?id=z5920230771z7...3b77a23e0a3810z ??? Thanks!
  • Create New...