Jump to content

Unsure how to proceed with odd emails I'm receiving. Report or Not?


Recommended Posts

Ok, I'm new around here and found the site while trying my best to research what to do with some odd emails I have been receiving. The emails started coming in at 10:23AM on March 2nd, 2009 and have continued to the present time. I have received 33 messages so far and in every single one, the message body consists of a greeting (hi, hello, salute) and then followed by a pic of some girl. There are no links in the messages. I want to do something about this but I'm not sure what to do. The from field contains a gmail address so my first stop was to report the emails to gmail using their online form. I would like to report them here but the whole bulk mail thing threw me off when trying to figure out if the emails I'm receiving meet the criteria. I can post the full header to the email here if that will help. I'm not sure if thats allowed hence the reason I haven't. I noticed that there is an "Insert Email" function here so I can do that as well as post the image if that is needed for some reason.

Any help would be greatly appreciated.

Link to comment
Share on other sites

I have received 33 messages so far and in every single one, the message body consists of a greeting (hi, hello, salute) and then followed by a pic of some girl.
Sounds like a bulk mailing to me! This would be especially true if neither your name nor any other identifying info appear in the message (your e-mail address might not even appear in the to-field). In any case, it seems to be abusive mail. If you are not comfortable with using SpamCop to report this mail you can use it to analyze the mail and then stop short of actually filing the reports; you can use the information it uncovers (mail source, abuse contacts, etc.) to file your own reports via your own resources.

The from field contains a gmail address so my first stop was to report the emails to gmail using their online form.
In most spam, the from-address is forged, so reporting it does no good (and in fact tends to implicate the innocent party whose address was stolen). See here at the Wiki.

I can post the full header to the email here if that will help.
A tracking link will be more helpful, see this wiki page.

-- rick

Link to comment
Share on other sites

Thanks for the input. Here is the tracking link:

http://www.spamcop.net/sc?id=z2671416509zc...1ce7b657d70e1dz

So is this pretty much all that I can do now that I reported it here and sent in a report to gMail for them to invesitgate? I sent the header info as well to gMail when I reported the emails to them

Edited by TheUsedVersion
Link to comment
Share on other sites

Thanks for the input. Here is the tracking link:

Looking at your sample, my first thoughts were about the many reasons why I would have expected the results to be a failed parse. Although there was a target offered for sending a report, there is notification that there is a problem with your method of submittal.

Finding links in message body

Parsing text part

error: couldn't parse head

Message body parser requires full, accurate copy of message

More information on this error..

You do need to follow the link to see, read, and take action .... Problems with spam not in original format

So is this pretty much all that I can do now that I reported it here and sent in a report to gMail for them to invesitgate? I sent the header info as well to gMail when I reported the emails to them

As previously stated, more than likely the GMail address used in the From: line is forged or non-existent. If you take a look around, you'll find FAQ and Wiki entries dealing with the "I didn't send this spam!!" scenario, caused by folks seeing/receiving spam that has had their address forged into the From: line of a spam run.

Link to comment
Share on other sites

Thanks for the input. Here is the tracking link:

http://www.spamcop.net/sc?id=z2671416509zc...1ce7b657d70e1dz

So is this pretty much all that I can do now that I reported it here and sent in a report to gMail for them to invesitgate? I sent the header info as well to gMail when I reported the emails to them

Thank you for the link. By reporting the spam you have (1) notified libero/iol that they have a spam problem, and (2) possibly helped add this address to the SpamCop blocking list, so that future spam from this address to yourself and others may be caught and detained.

On the other hand, as my friend Wazoo alludes, there were some "issues" with what you pasted into the parser. It appears to have been taken from the body of some other e-mail forwarded from somewhere else. Many mail programs (are you listening, Microsoft?) will mangle this sort of information by adding or deleting line breaks, etc., which has the effect of rendering the mail unparseable. Also, there's no sign here of the pictures you alluded to in your first post -- no MIME part info, no hyperlinks, etc. Again, this may be the result of clobbering by your mail program. It is indeed surprising that this message managed to get parsed at all, let alone as fully as appears to have happened.

My suggestion would be to go back to the original machine and mail program where this message sits, and then follow the instructions at http://www.spamcop.net/fom-serve/cache/19.html to get the clean, unaltered SMTP packet. Paste this into the parser and see if there is any difference (don't file the reports, you've already dealt with this message).

If you want to continue reporting mail through SpamCop, you should probably submit to the Mail Hosts Configuration process (see http://www.spamcop.net/fom-serve/cache/397.html). This will enable SpamCop to get a better picture of your particular mail setup, so that it will be more accurate in tracing the spam. Otherwise, you risk having SpamCop cast blame on your own provider on upon someone else who doesn't deserve it.

You mentioned reporting to Google -- but bear in mind that the headers show no evidence of the message having gone anywhere near GMail servers, so Google simply isn't involved here. Along with Wazoo, I urge you not to pursue the matter any further with Google. There's nothing for them to investigate. The gmail.com from-address was surely forged by the spammer and is therefore a lie.

-- rick

Link to comment
Share on other sites

My suggestion would be to go back to the original machine and mail program where this message sits, and then follow the instructions at http://www.spamcop.net/fom-serve/cache/19.html to get the clean, unaltered SMTP packet. Paste this into the parser and see if there is any difference (don't file the reports, you've already dealt with this message).

Ok here is a new tracking link:

http://www.spamcop.net/sc?id=z2672912083zb...51b11561f54425z

The first time I followed the instructions of forwarding the email to the address that it gave me. This time I used the message source to submit which is what I did with gmail. I realize now that the address has nothing but with gmail asking for the same info as required here I assume that their investigators are aware of the same problem. At least, one would think so.

And yeah, I dislike Microsoft. I use Firefox/Thunderbird combo. Seriously, thanks for all the help. I hope all the messages will stop in due time. Its up to 46 messages now. For now, I'm using a filter to automatically put them in an out of sight folder. I've noticed that all of the images are the same in the emails but each one has a different name. And I still think its odd that there are no links in the message and AVG is not picking up anything when it scans the messages. Any ideas?

Edited by Wazoo
Link to comment
Share on other sites

Wait a second, I just noticed on that new link that its reporting to someone else. Does that mean I need to go through and check every single one to see if I need to report them?

This new one says:

Re: 118.165.182.154 (Administrator of network where email originates)

To: spam[at]ms1.hinet.net (Notes)

... which is different from the last two.

Edit: The reason I used a new email this time was because I couldn't remember which one I used the last time.

Edited by TheUsedVersion
Link to comment
Share on other sites

Ok I've been going through them all and I'm getting different addresses that its reporting to. I stopped just now because I came to a spamcop.net address. What is that all about?

http://www.spamcop.net/sc?id=z2672958192zc...fea07d3cd02eb6z

Re: 83.237.113.38 (Administrator of IP block - statistics only)

Internal spamcop handling: (level3)

noc[at]mtu.ru

abuse[at]mtu.ru

postmaster[at]mtu.ru

support[at]stream.ru

http://www.spamcop.net/sc?id=z2672960307z0...70b99a6018c19az

Re: 78.128.18.118 (Administrator of IP block - statistics only)

mitko[at]mitko.com

rkovachev[at]bol.bg

http://www.spamcop.net/sc?id=z2672961261z7...a966c48a331930z

Re: 82.17.67.240 (Administrator of IP block - statistics only)

pim[at]virginmedia.co.uk

http://www.spamcop.net/sc?id=z2672962241z7...2f4094c13d668bz

Re: 94.181.224.126 (Administrator of IP block - statistics only)

noc[at]volga.ertelecom.ru

abuse[at]c-line.ru

postmaster[at]ertelecom.ru

abuse[at]transtk.ru

helpdesk[at]transtk.ru

info[at]ertelecom.ru

noc[at]ertelecom.ru

abuse[at]ertelecom.ru

http://www.spamcop.net/sc?id=z2672963387z7...f2933d0d634b2fz

Re: 77.100.130.22 (Administrator of IP block - statistics only)

abuse[at]blueyonder.co.uk

http://www.spamcop.net/sc?id=z2672964544z6...2d32d2ed07a01ez

Re: 87.97.241.78 (Administrator of IP block - statistics only)

mihail.balikov[at]interbgc.com

blagovest[at]interbgc.com

hostmaster#interbgc.com[at]devnull.spamcop.net

abuse[at]interbgc.com

nhh[at]interbgc.com

lacho[at]interbgc.com

office[at]interbgc.com

peterp[at]interbgc.com

postmaster[at]interbgc.com

http://www.spamcop.net/sc?id=z2672966039z6...7402215c5bc498z

Re: 89.79.175.20 (Administrator of IP block - statistics only)

abuse[at]chello.pl

http://www.spamcop.net/sc?id=z2672967341z3...bb057c147a8731z

Re: 186.12.106.186 (Administrator of IP block - statistics only)

sdethiou[at]cti.com.ar

http://www.spamcop.net/sc?id=z2672968730z8...36bbb36c1f416ez

Re: 77.78.129.194 (Administrator of IP block - statistics only)

b_stoev[at]sstech.biz

kalinbarakov[at]abv.bg

http://www.spamcop.net/sc?id=z2672972025z8...12ff8042c0869dz

Re: 92.47.135.111 (Administrator of IP block - statistics only)

vadim[at]semsk.telecom.kz

http://www.spamcop.net/sc?id=z2672973091z5...208ad0c417939ez

Re: 82.38.25.10 (Administrator of IP block - statistics only)

sam.aldcroft[at]telewest.net

stuart.robertson[at]telewest.co.uk

ripe[at]telewest.net

capacity[at]telewest.co.uk

steve[at]blueyonder.co.uk

james.haffey[at]virginmedia.co.uk

david.lumb#telewest.co.uk[at]devnull.spamcop.net

Edit: Oh I see it must be some mistake. Its a telewest.co.uk address and somehow it screwed up. Might be something someone who runs this wants to look into.

Edited by TheUsedVersion
Link to comment
Share on other sites

The spamcop address that you see is going to devnull which means that the report is not being sent. You will see that a lot of times when abuse addresses bounce. Spamcop does not keep sending reports to abuse addresses that don't want them. In this case, it might be because the recipient doesn't want them because he isn't the person to take action (since the other abuse addresses are getting reports). In other cases, the abuse desk has no intention of taking action. When the spam report goes to devnull, the report isn't sent, but the IP address is added to the blocklist resulting in the IP address being listed if there are enough reports.

The reason that the spam comes from different places is because spammers use botnets and use unsuspecting computer owners' computers to send the spam.

You should not 'open' spam except in the message source. If you can identify it by subject line and can forward as attachment, then there is no reason to open them at all.

Miss Betsy

Link to comment
Share on other sites

The reason that the spam comes from different places is because spammers use botnets and use unsuspecting computer owners' computers to send the spam.

So should I try to report all of the emails I'm receiving (at least the ones that are getting reported to different addresses) that are not more than 48 hours old?

I still don't understand what the purpose of this spam is. There are no links. It's also coming in on an email address that I rarely use. I have my spam email addresses where I don't care if spam comes in but this address is the newest one I have and hardly anyone knows it. Is there nothing more that i can do?

Link to comment
Share on other sites

What do you want to do?

There is no avoiding spam if you use an email address that is easily guessed (or might be used by someone else since spammers use the addresses they have with all the domains they can find), if your address is published somewhere on the internet either by you or by an organization to which you belong, if you have not read the privacy policies, and if any of your correspondents (and their correspondents) are not careful and get infected.

spamcop's philosophy about spam is to identify it and prevent it from entering your inbox. The blocklist can be used to reject it at the server level. There are many blocklists that filter in different ways. The email is sent back to the sending server with a rejection message. There are also several content filters used by ISPs to try and detect spam by the content after the email has been accepted . If the email is tagged as spam, it generally goes to a junk or, at spamcop, a held mail folder (as you are doing with the spam you are getting now). There are two reasons for that - one is that it doesn't clutter up your real email and two, you can search it for false positives.

Since most spammers, at this time, are criminal, or close to it, there is little that you can do to stop them. Occasionally, a spamcop report goes to a server admin who doesn't realize that one of his computers is infected. Then he is grateful because he can fix it before his IP address gets on many blocklists.

If you are not running your own server, you need to choose an ISP that filters spam the way you want it filtered or purchase a product like Mailwasher (however, do not use any 'bounce' features - they only send the spam to the forged FROM who is only on a spammer list and not the source of the spam).

If you want to have a spam free email address, use something like Th3U5edV3rs10n or The53Version which is not easily guessed and be careful who you give it to.

Miss Betsy

Link to comment
Share on other sites

What do you want to do?

I want to do whatever I can to stop it. In all of my years of being online, I have never had a problem like this. I learned back from the Windows 3x/Prodigy days to have a separate email address just for situations where I might receive spam. I receive maybe 3 or 4 emails a week on this address and since Monday I have received 47 of these crap emails. Actually, this is the first piece of unsolicited mail I have ever received on this email address. This email address (mine) came from an old internet service provider that I still pay to have the email hosted.

As I stated before, do I need to report each email that gives me a new address that it will be reported to?

Also, are ISPs usually open to helping out their customers in situations like this? Can I send them the info and have the addresses blocked from any future emails (if that should happen)?

Is there any way to track the source so that the source can be dealt with whether by contacting the source's ISP or going the criminal route? Unsolicited spam is criminal right?

If all of the above fails, I am interested in what software is out there to enable me to fight off this kind of thing? What do I need to look for? Are there any tools I can use in conjunction with Thunderbird to have the messages bounce to the original sender?

Also, can anyone answer why the emails are coming? Is this just general douchebaggery on the spammer's part? Could it be some kind of virus on someone's PC that is causing these emails to send out? I'm not used to seeing spam like this. No links. No nothing. Just a big pain in my....

Edited by Wazoo
Link to comment
Share on other sites

I want to do whatever I can to stop it.
Unfortunately, there really is not anything you can do to stop receiving these messages, short of closing the account. Most people in this group would be very excited to receive only 47 spams in a week. For a while, I was getting about 100/day.

The addresses are changing because your address is being spammed by a botnet... one person/group controls a whole bunch of machines around the world and instructs them to send spam to his list. SpamCop's list is not very effective against this type of attack because each machine (there are likely millions of them) only sends a small percentage of the messages.

Link to comment
Share on other sites

...Also, can anyone answer why the emails are coming? Is this just general douchebaggery on the spammer's part? Could it be some kind of virus on someone's PC that is causing these emails to send out? I'm not used to seeing spam like this. No links. No nothing. ...
It looks sort of experimental to me - maybe a spammer playing around with Chilkat tools - Sending HTML Email with Embedded Images to Gmail Accounts. Not to make light of your predicament (spam is spam) but a handful of pictures a day of a pouting lady (using the tool at Decode BASE64 encoded text on the partial data in your examples) is certainly not likely to be a mainstream spamming activity. Of more concern, obviously, is that "they" have your address to perhaps spam more seriously in future. What they ultimately want is your money and/or your computer, naturally.

Of course, report the sources (even if they are repeats) if you can. A few ISPs will take action to shut down the zombies on their networks and the cumulative reports might affect the network reputations of the others, even tip them into the SpamCop blocklist on occasion though SC is far from optimal in dealing with botnets, as Steven has indicated. There are more effective tools1 to go after those who advertise through spam but the kind you are getting so far has no such links.

1Such as Complainterator - nothing to do with SC by the way, but mentioned in these forums (use site search for more information if you want it).

Link to comment
Share on other sites

Ok I've been going through them all

I noted going through these links that the From: address happened to be the same in most or all cases. If this is true of this particular party, then you can actually set up a filter in your mail program to shunt future messages of this sort into the trash.

Normally, spammers forge the from addresses and change them extremely frequently, so they aren't even worth looking at. This particular chucklehead slept through that part of the curriculum, evidently, so you have a chance to use his stupidity against him.

-- rick

Link to comment
Share on other sites

<snip>

As I stated before, do I need to report each email that gives me a new address that it will be reported to?

...Taking you literally: no, you don't. But it may help those whose e-mail providers use the SpamCop blacklist to reject or filter potential spam and even those few server admins whose machines are being used to send spam unbeknownst to them.
Also, are ISPs usually open to helping out their customers in situations like this? Can I send them the info and have the addresses blocked from any future emails (if that should happen)?
...Some are -- for example, Yahoo!Mail seems to provide such a capability. You could try that.
Is there any way to track the source so that the source can be dealt with whether by contacting the source's ISP ...
...That's exactly what SpamCop tries to do when you submit your spam to it!
or going the criminal route? Unsolicited spam is criminal right?

<snip>

...Nooo!!!!! Different legal jurisdictions, different (or no) laws. In the US, only spam that violates the CAN-spam act is a legal violation (unless it violates some other law; see, for example, Botnet ringleader gets four years). Some of us libertarian types are pleased that the law is either absent or ineffective and others bemoan it.
Link to comment
Share on other sites

Nooo!!!!! Different legal jurisdictions, different (or no) laws. In the US, only spam that violates the CAN-spam act is a legal violation (unless it violates some other law; see, for example, Botnet ringleader gets four years). Some of us libertarian types are pleased that the law is either absent or ineffective and others bemoan it.
Noting en passant that nearly all spam I get is in violation of CAN-spam (forged header entries, lack of removal mechanism, etc.). Obviously, that hasn't stopped it, since the really big growth in spam has come after CAN-spam ("...when spam is outlawed, only outlaws will spam!", to paraphrase the NRA).

Hard for the feds to do much about simple spam, when the perps are often located in places where we (U.S.) don't even have particularly good diplomatic relations, let alone police jurisdiction. The mailings come from China, Poland, Russia, Brazil, Argentina, et. al. -- not like the FBI could show up with a summons.

My conjecture is that most spam-related cases that wind up in the courts are civil, not criminal (i.e., "stop spamming my network!" or "stop stopping me from spamming your network!"). Courts have sometimes proven rather resistant to the notion of unsolicited e-mail being a crime (one judge next door to me in Virginia even cut Jeremy Jaymes loose claiming that he was only sending "anonymous e-mail," whatever that might be). It seems as though prosecutors have better luck by bringing other indictments into the picture (wire fraud, drug dealing, etc.) where the legal issues are more clear-cut. Botnetting might well be such an indictment (certainly should be), we will see how things develop.

I'm no flaming libertarian, but I too am wary of laws that deal with content of speech. Mainly what I find objectionable about spam is all the associated criminal activity -- this is what we need to focus on and what we need to bring under control. Make the spammers contract openly for their resources and follow the laws, then we will see how viable their business model truly is.

-- rick

Link to comment
Share on other sites

As I stated before, do I need to report each email that gives me a new address that it will be reported to?
Yes, of course. Each new address is a possibility that the server admins will do what they should do about informing their customers that their computers are infected. Each report is a possibility that this IP address will be added to the spamcop blocklist. Of course, if you do not take advantage of the spamcop blocklist, reporting is altruistic on your part.

Also, are ISPs usually open to helping out their customers in situations like this? Can I send them the info and have the addresses blocked from any future emails (if that should happen)?
Many ISPs have spam filtering in place. You would have to ask your ISP what he has done. Some have various levels that you can choose. Usually, there is no way to report spam to them. If there is, your report basically adds to the filter criteria. Some may report the way spamcop does to the sending server admin. As spam filtering is an arms race against the spammers, few will tell you very much about what they do.

Is there any way to track the source so that the source can be dealt with whether by contacting the source's ISP or going the criminal route? Unsolicited spam is criminal right?
As others have said, there is not much legally that can be done.

If all of the above fails, I am interested in what software is out there to enable me to fight off this kind of thing? What do I need to look for? Are there any tools I can use in conjunction with Thunderbird to have the messages bounce to the original sender?
You did not read my post. DO NOT TRY TO 'bounce' messages. When you attempt to 'bounce' messages back, all you do is become part of the problem. You can buy spam filtering in various ways. You can get a program like Mailwasher. McAfee has a spam filter. You can get an email account with an email service that filters - the spamcop email service is one. Hotmail and Yahoo filter aggressively even with the junk mail function turned off (you can report junk mail in either one).

Also, can anyone answer why the emails are coming? Is this just general douchebaggery on the spammer's part? Could it be some kind of virus on someone's PC that is causing these emails to send out? I'm not used to seeing spam like this. No links. No nothing. Just a big pain in my....
Since we aren't spammers, we don't know why. Our guess is that someone bought a spam program hoping to become rich and doesn't understand the directions. Yes, it is 'some kind of virus' on someone's PC - see the explanation of botnets.

Like myself and many others, you came to spamcop hopping mad because of a particular spam (or the breaking point of too many). No, there is nothing you can do to STOP spam. Yes, there are filters - ways to keep it out of your inbox - without also filtering out good email.

Most of us here believe in blocklists because the internet is run on netiquette and the mannerly way of dealing with rudeness is 'the cut direct' or totally ignoring the perpetrator. Theoretically if all ISPs used blocklists, spamming would not be lucrative. There are some who want to shut down the spamvertising website. The lowest effective level of dealing with spam is JHD (just hit delete). You can learn more about anti-spam techniques. Since you have mastered reporting, you can continue to report - there is a certain satisfaction in hitting the report button. It doesn't stop the spam, but it does contribute to the anti-spam effort, which, in the long term, may reduce spam to manageable levels. I don't think the more lucrative criminal activity, such as 419 spam, will ever go away.

Miss Betsy

Link to comment
Share on other sites

Sorry I have been busy for the past week. For the time being, the spam has stopped. 67 in all. I fully expect more to come sometime in the future. I have read everyone's recommendations and appreciate all of the help I have received.

Unfortunately, there really is not anything you can do to stop receiving these messages, short of closing the account. Most people in this group would be very excited to receive only 47 spams in a week. For a while, I was getting about 100/day.

I receive probably anywhere from 100-300 every day but the thing is those are on my so-called "spam addresses" where I don't mind if I receive spam. One address I've had for almost 12-13 years. When I need to give an email and I'm not confident how reliable they are or quite simply know that my address will be sold, I give them one of my two spam addresses. My other addresses I try my best to take great care of who I give them out to. It wasn't a case of me being mad because poor ole me received 60 something spam in one week. It was that I received them on an address that I have taken great care to protect. Like I said, I receive tons of spam every day across all of my addresses just like I'm sure everyone or most everyone does.

You did not read my post. DO NOT TRY TO 'bounce' messages. When you attempt to 'bounce' messages back, all you do is become part of the problem. You can buy spam filtering in various ways. You can get a program like Mailwasher. McAfee has a spam filter. You can get an email account with an email service that filters - the spamcop email service is one. Hotmail and Yahoo filter aggressively even with the junk mail function turned off (you can report junk mail in either one).

Miss Betsy, if you reread what I wrote I said "bounce messages to the original sender" not the forged from address. I simply asked if there was a way. I'm sure there probably is not but because I am not aware of what products are available, I put the question out there. Software capable of doing that would be too easy and I guess all of us would be using it right now.

Anyways, thanks guys and gals for the help and wonderful information. Because I have been so busy this week, I am no longer able to report the rest of the spam I received but I now know where to come whenever I receive them in the future. You can mark this one resolved. Not sure if that applies here or not but you get the idea.

- TheUsedVersion -

Edited by TheUsedVersion
Link to comment
Share on other sites

Well scratch that. New emails have been coming in exactly like the last ones except with a new address. The name is the same but the forged from address is different now.

Here is a recent tracking link:

http://www.spamcop.net/sc?id=z2690786223z5...36f0c82f468a09z

Regardless... unless anyone has anything else to add, I will just keep on reporting.

Link to comment
Share on other sites

I want to do whatever I can to stop it.

It is just worth noting that whilst reporting via SpamCop is a great help to those folk who have implemented filtering using the SCBL, it will not help you at all unless your incoming mail provider also uses the SCBL for filtering. Well, if the originating ISP takes action then it may help a little, but that is not the main benefit.

I noted your mention of Googlemail. If Googlemail is your incoming service then you will get the best service in blocking this junk by reporting everything that reaches your inbox as spam within Googlemail. This keeps your Google spam filters fresh.

But please feel free to report via SpamCop as well. Your contribution to the SCBL is valued by those of us who do use filtering based on the SCBL.

Andrew

Link to comment
Share on other sites

Well scratch that. New emails have been coming in exactly like the last ones except with a new address. The name is the same but the forged from address is different now.
As has been noted, typically these things have a constantly changing roster of forged addresses. Your cases, with just a couple, are nothing like typical (and more than usually pointless). That is a puzzle.
Here is a recent tracking link:

http://www.spamcop.net/sc?id=z2690786223z5...36f0c82f468a09z

Regardless... unless anyone has anything else to add, I will just keep on reporting.

You haven't completed reporting that one - please report or cancel but don't leave it 'live' in any event. The tracking URL is unaffected by either action.
Link to comment
Share on other sites

Miss Betsy, if you reread what I wrote I said "bounce messages to the original sender" not the forged from address. I simply asked if there was a way.
Not that I'm aware of. To use a post office analogy -- suppose you get a letter from a crook. You know that the return address (in e-mail, the from-address) is probably bogus, so you don't bother with it. You could look at the postmark on the letter (the source IP, in e-mail) which would get you close to where the letter was actually sent from; however, it would be difficult to go from the postmark to the specific party who gave that mail to that post office.

In other words, just because you know with certainty the source IP of the spam does not mean that you necessarily know the e-mail address, name, nationality, or hat size of the person who sent it.

-- rick

Link to comment
Share on other sites

As has been noted, typically these things have a constantly changing roster of forged addresses. Your cases, with just a couple, are nothing like typical (and more than usually pointless). That is a puzzle.You haven't completed reporting that one - please report or cancel but don't leave it 'live' in any event. The tracking URL is unaffected by either action.

Yeah I realized that before even reading your post. I reported it.

The more I think of it the more odd it seems. It makes sense that it may just be someone testing out their new software and are trying to figure out how to use it effectively; however, what doesn't make sense, is that this complete noob spammer (I assume at least) would be the person who first sends me spam. By the way I'm totally calling that the chick in the pic is actually a guy. I swear I can almost make out an adam's apple. Anyways, like I said before, I believe this is the first unsolicited spam I've received on this specific address. It just doesn't make sense.

---------------

Also, I wanted to ask something else but I realize this may not be the place. Are there any new technologies or breakthroughs on the horizon for email? As in different protocols or something? A whole new way of how email works from the bottom up... down to its core. To try and prevent the issues that are plaguing so many today from happening. Prevent may be the wrong word. A way to defend against these type of things when they do happen. As in always having a traceable link back to the original source because of the way it(email) is built?

If so, links would be wonderful.

Link to comment
Share on other sites

...Also, I wanted to ask something else but I realize this may not be the place. Are there any new technologies or breakthroughs on the horizon for email? As in different protocols or something? A whole new way of how email works from the bottom up... down to its core. To try and prevent the issues that are plaguing so many today from happening. Prevent may be the wrong word. A way to defend against these type of things when they do happen. As in always having a traceable link back to the original source because of the way it(email) is built?

If so, links would be wonderful.

We can split it off into a new topic if discussion develops. AFAICT any proposal along those lines has sort of perished through collective paranoia and/or apathy. Bill Gates promised us an end of spam by Christmas 2005 (or maybe it was 2004, I haven't the heart to research it). In another topic - http://forum.spamcop.net/forums/index.php?...ost&p=69753 there is mention of domain keys which, in conjunction with a responsible mailing service, certainly goes a long way towards sorting the wheat from the chaff.

But there is a veritable industry devoted to dealing with the bandwidth issues caused by/consumed by spam (with a white side and a black side), another devoted to ISP filtering, many (for each jurisdiction + inter-judicial) for legal, legislative and law enforcement issues, another for virus/worm detection and rescue and the mirror-image industry to create the things (white and black again) and, of course, many kinds of of spam 'business'. I'm not sure, in the midst of a global recession, if the world can afford to kill spam right now. :D (No, no, we can.)

Maybe the phrase 'try and' (... prevent the issues that are plaguing ...) is hopelessly optimistic in this (and many other) circumstances. I tend to use 'try to', but then I'm funny about stuff like that :P.

I look forward to comment on your question from other members ... there has to be some hope, somewhere, or hints of it.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...