Emerson Prado Posted May 12, 2010 Posted May 12, 2010 Hi all, This is my very first post here, so I apologize if I'm doing it the wrong way somehow. I also have a problem with an unstoppable spammer. The offender sells addresses and does mail listings - so it also feed other spammers. But, after dozens and dozens of reports sent thru SpamCop, nothing changed at all. The spammer is still happily sending junk and helping others sending junk around. This is my last report: http://www.spamcop.net/mcgi?action=gettrac...rtid=4944509793 I guessed the offender also owns the domain the messages come from and the links point to - the domain is the same. This way, reporting to him is plainly useless. I still report but unchecking his own addresses. I also wrote to the local (Brazilian) domain certifier (Cert), without answer (what doesn't mean without action). Is there another way to fight this guy? Best regards, Emerson Admin Edit: ectracted from http://forum.spamcop.net/forums/index.php?showtopic=11310 as it isn't actually carrying on 'that' Discussion. PM sent to advise of this action/move.
Farelf Posted May 12, 2010 Posted May 12, 2010 ...This is my last report: http://www.spamcop.net/mcgi?action=gettrac...rtid=4944509793... Hi Emerson, That's not a tracking URL - only you and SpamCop staff can see the report from that link. If you want it tp be available to the rest of us to look at you will need to open the report and pick up the Tracking URL that appears near the top of the "Parse" page (and is identified by that name).
Emerson Prado Posted May 13, 2010 Author Posted May 13, 2010 open the report and pick up the Tracking URL that appears near the top of the "Parse" page (and is identified by that name). Oops, sorry! Here's the correct url: http://www.spamcop.net/sc?id=z4010880963za...3b90e00a33a834z Thanks, Emerson
Farelf Posted May 13, 2010 Posted May 13, 2010 Hmmm ... I don't know if the situation is as you describe it but have to admit it certainly looks much that way. If you are sending reports to cert.br in preference to the allocated owner you may be using the wrong address: WHOIS Source: LACNIC IP Address: 189.1.164.212 Country: Brazil Network Name: 006.943.198/0001-23 Owner Name: HOSTLOCATION LTDA ... % Security and mail abuse issues should also be addressed to % cert.br, http://www.cert.br/, respectivelly to cert[at]cert.br % and mail-abuse[at]cert.br
Emerson Prado Posted May 21, 2010 Author Posted May 21, 2010 I don't know if the situation is as you describe it but have to admit it certainly looks much that way. Pls feel welcome to challenge anything. Maybe I missed something and can look for. If you are sending reports to cert.br in preference to the allocated owner you may be using the wrong address: ... % Security and mail abuse issues should also be addressed to % cert.br, http://www.cert.br/, respectivelly to cert[at]cert.br % and mail-abuse[at]cert.br In fact, I tried both addresses (cert and mail-abuse at cert dot br), in different time frames. I changed from mail-abuse to cert recently, just to see if something happened. I'll probably revert to mail-abuse, since this is a mail abuse issue (though the guy sells addresses). But, since I used that before, this doesn't seem to be the cause. Many thanks and best regards, Emerson
agsteele Posted May 21, 2010 Posted May 21, 2010 I also have a problem with an unstoppable spammer. The offender sells addresses and does mail listings - so it also feed other spammers. But, after dozens and dozens of reports sent thru SpamCop, nothing changed at all. The spammer is still happily sending junk and helping others sending junk around. Hi Emerson, Welcome to these forums... The situation you describe is quite common and sometimes reflects a misunderstanding about SpamCop reports. The main purpose of reporting to SpamCop is to feed the SCBL and all your reports will, indeed, do that. The Email reports to an ISP may or may not have much effect. Some ISPs take a SpamCop alert very seriously and others with little interest. To benefit from your reports (and those of others) you should ensure that you implement dsnbl checking and include the SCBL as one of the block lists. HTH Andrew
petzl Posted May 22, 2010 Posted May 22, 2010 The main purpose of reporting to SpamCop is to feed the SCBL and all your reports will, indeed, do that. The Email reports to an ISP may or may not have much effect. Some ISPs take a SpamCop alert very seriously and others with little interest. To benefit from your reports (and those of others) you should ensure that you implement dsnbl checking and include the SCBL as one of the block lists. Reporting to mail-abuse[at]cert.br does (IMO) seem to feed Brazilian spammers? They in fact claim to be anti-spam? http://www.cert.br/ Google translation Brazilian Honeypots Alliance - Distributed Honeypots Project The CERT.br is part of the coordination of the Brazilian Honeypots Alliance - Distributed Honeypots Project , which aims to increase the capacity of incident detection, event correlation and determine trends in attacks on the Brazilian Internet space. The data collected by honeypots are processed to generate daily statistics from malicious activity observed. These statistics are available from: Statistics: Brazilian Honeypots Alliance - Distributed Honeypots Project The CERT.br also uses the data collected by the project to identify malicious activities in the Brazilian Internet space and notifying those responsible for networks involved in these activities.
Snowbat Posted June 5, 2010 Posted June 5, 2010 Reporting to mail-abuse[at]cert.br does (IMO) seem to feed Brazilian spammers? Not in my eperience. Cert.br is an arm of the Brazilian Internet Steering Comittee, an organization created by the government of Brazil, with members from government, enterprise, and academia. http://www.cgi.br/english/index.htm I suspect the reporting address is unmonitored and just feeds their statistics database (which is unfortunately incomplete) If you need to contact a human, try here: http://www.cert.br/contact.html
petzl Posted June 6, 2010 Posted June 6, 2010 Not in my eperience. Cert.br is an arm of the Brazilian Internet Steering Comittee, an organization created by the government of Brazil, with members from government, enterprise, and academia. http://www.cgi.br/english/index.htm I suspect the reporting address is unmonitored and just feeds their statistics database (which is unfortunately incomplete) I still believe "cert Brazil" are very much aiding spammers All mail from Brazil just hits SpamCop Email held box and is "Very Easily Reported" Brazils incompetence in handling spammers also reflects badly on their whole country
Farelf Posted June 7, 2010 Posted June 7, 2010 I still believe "cert Brazil" are very much aiding spammers All mail from Brazil just hits SpamCop Email held box and is "Very Easily Reported" Brazils incompetence in handling spammers also reflects badly on their whole country Yep, frustrating in the extreme - but from a distance you could say much the same about US reporting to the FTC which mostly just gathers evidence for "other agencies" who act in their own good time - so the whole process is quite disconnected and remote from the viewpoint of the reporter. The difference being the primary reporting for those US ISPs is direct to them, the same avenue is not open for Brazil reports. Interestingly, the responsibility for Australian oversight is being increasingly shovelled onto to ISPs through 'voluntary' codes of conduct (if they know what's good for them). The UK is seeking to sheet home the blame for the misuse of their computers to the individual owners. An Englishman's home is his castle and he'd better jolly-well defend it (and all you Scots and Welsh and Northern Irish and Manx and sundry other islanders too, your Government is watching to be sure you do). Different countries take different approaches. Paper tigers all. None is manifestly successful in ferreting out the predatory perpetrators and subjecting them to the immediate, hideous and satisfyingly sustained punishments we all know they deserve. Ah, it doesn't pay to obsess - they make monsters of us all. Well, of me for one.
petzl Posted June 7, 2010 Posted June 7, 2010 Yep, frustrating in the extreme - but from a distance you could say much the same about US reporting to the FTC which mostly just gathers evidence for "other agencies" who act in their own good time - Different countries take different approaches. Paper tigers all. None is manifestly successful in ferreting out the predatory perpetrators and subjecting them to the immediate, hideous and satisfyingly sustained punishments we all know they deserve. Ah, it doesn't pay to obsess - they make monsters of us all. Well, of me for one. Not getting any spam through my Greylist from USA or Australia Brazil I do Reporting spam to US Australia does work in fact all countries except Brazil Greylisting means my email only accepts mail from a email server
Farelf Posted June 7, 2010 Posted June 7, 2010 ...Reporting spam to US Australia does work in fact all countries except Brazil Greylisting means my email only accepts mail from a email server Okay, fair enough.
Emerson Prado Posted June 10, 2010 Author Posted June 10, 2010 Reading throughly the topic suggested by Snowbat http://forum.spamcop.net/forums/index.php?showtopic=10380# gave me a sad picture of how it really is about this domain and what we can do about it. In fact, my issue is exactly the same discussed in that topic. Would it be better if I followed up there, so we have just one thread for this subject? I'll write the deputies, as suggested in that thread. Let's see. Best regards all, Emerson
Recommended Posts
Archived
This topic is now archived and is closed to further replies.