Farelf Posted February 3, 2009 Share Posted February 3, 2009 http://www.spamcop.net/sc?id=z2581127020za...39262c79fb416ez http://www.spamcop.net/sc?id=z2581137306zc...bedeb6681bb4baz These are the same spam, the first case an e-mailed submission (forwarded as attachment in batch) the second case view page source, select-all, copied and pasted from Mozilla mail 4.79 directly into the parser box. The spam is malformed in any event (looks like cases analyzed on these pages before with "DATA" lines in the header without colons) but in the paste-in case it at least proceeds to offer reports. In the e-mailed case, 'something' has apparently broken the headers with a 'blank space' insertion so there is "Nothing to do": X-Originating-IP: [188.8.131.52] MAIL FROM: <standardx[at]themeltmethod.com> Am I missing something, or should this be referred for possible engineering examination? My thought is that if it happens with other mail clients there could be a lot of missed spam (especially if happening in quick reporting). I am also mindful of Don's post that Wazoo recently resurrected concerning problems with quick reporting - maybe the (supposed) fix did something? I had one other similar instance in the same batch, all others went through routinely (35 in total). Next: http://www.spamcop.net/sc?id=z2581290362z3...58360d1c661c25z resolves to report being offered "To: abuse[at]pipex.net (refuses to accept this type of report)" but hitting the "Send Ð…pam Report(s) Now" button simply loops (yes, I know it "looks" uncancelled but that's the whole issue - it is cancelled otherwise I had an "Unreported Ð…pam Saved" link in my member page and the ensuing loop could not be bypassed). I'm fairly certain this one should be referred though it was the only case I've seen - linked to that reporting address of course but maybe others? I don't recall seeing other posts about this. Reports are unmunged by the way, it is not a question of refusing munged reports (which calls up a different wording and process). Thoughts?  - just got another 'looper', same address: http://www.spamcop.net/sc?id=z2581497203z2...f0304a1828e75ez but I cancelled this one at the submission box, instead of using the "Cancel all reports" link used in the previous example. Link to comment Share on other sites More sharing options...
This topic is now archived and is closed to further replies.