RogerC Posted November 1, 2012 Share Posted November 1, 2012 From almost a year ago, I keep getting ads via mail, and they offer me an opt-out option, sometimes I opt-out, but trying to research more on this mails, they have the same format, looking into the source of the message all uses the same mail server, the domains that are used uses the same dns servers, so my guessing is that even tough effectivily have opted out, someone when create a new campaign they use again my email on every new email campaign. I'd checke the domain on black lists checks and there aren't any report on them (Maybe nobody in my country is doing anything?), I'm not sure if I signed for this, they claim not to be spam: "Este mensaje se envia en concordancia con la Ley 34/2002, del 11 de julio de Servicios de la Sociedad de la Informacion y del Comercio Electronico (LSSI), regulado en su articulo 21, numeral tercero, y la Ley 15/1999, de 13 de diciembre (LOPD) Ley Organica de Proteccion de Datos de la UNION EUROPEA, donde este email no sera considerado spam por cumplir con todas las normativas establecidas" A rough translation: "This message is sent according with the Lay 34/2002, of july 11 of Law of Information Society Services and Electronic Commerce (LSSI), regulated in its 21th article, third numeral, and the Law 15/1999, december 13 (LOPD) Data Protection Organic Law of the EUROPEAN UNION, where this email won't be consedered spam by fullfilling with all the stablished rules" I'm including the X-Antiabuse header: X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - host.eferias.info X-AntiAbuse: Original Domain - hotmail.com X-AntiAbuse: Originator/Caller UID/GID - [99 32007] / [47 12] X-AntiAbuse: Sender Address Domain - usabolivia.com The whois for usabolivia.com is: Domain Name: USABOLIVIA.COM Registrar: DOMAIN.COM, LLC Whois Server: whois.domain.com Referral URL: http://www.domain.com Name Server: NS1.EFERIAS.INFO Name Server: NS2.EFERIAS.INFO Status: ok Updated Date: 23-oct-2012 Creation Date: 20-sep-2011 Expiration Date: 20-sep-2013 usabolivia.com is using eferias.info name servers that seems suspicious Another strange thing is when I opted out some times, almost immediatly an email arrived saying that my email had being confirmed: Your email address XXXX.XXXX[at]hotmail.com is confirmed! Thank you! with the following X-Antiabuse header: X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - host.eferias.info X-AntiAbuse: Original Domain - hotmail.com X-AntiAbuse: Originator/Caller UID/GID - [99 32007] / [47 12] X-AntiAbuse: Sender Address Domain - yourdomain.com This raises me the suspicion of spam If someone read through everything thanks, and any advices would be appreciated Link to comment Share on other sites More sharing options...
Derek T Posted November 1, 2012 Share Posted November 1, 2012 From almost a year ago, I keep getting ads via mail, and they offer me an opt-out option, sometimes I opt-out, Using the opt-out simply confirms to the spammers that they have a 'live' address. If you never opted in then NEVER opt out. Simply report all such crap to spamcop as spam. Link to comment Share on other sites More sharing options...
petzl Posted November 1, 2012 Share Posted November 1, 2012 Using the opt-out simply confirms to the spammers that they have a 'live' address. If you never opted in then NEVER opt out. Simply report all such crap to spamcop as spam. While a opt-out may (more likely not) get that spam stopped I find often that confirmed email address is passed on to other spammers causing spam to increase. Particularly with Brazil spam Link to comment Share on other sites More sharing options...
RogerC Posted November 2, 2012 Author Share Posted November 2, 2012 Using the opt-out simply confirms to the spammers that they have a 'live' address. If you never opted in then NEVER opt out. Simply report all such crap to spamcop as spam. Thanks for the replies. What will happen after I reported the spam, i see that generated a spam report message that has been sent to the "supposed" administrator of the mail server, but then what? Link to comment Share on other sites More sharing options...
petzl Posted November 2, 2012 Share Posted November 2, 2012 Thanks for the replies. What will happen after I reported the spam, i see that generated a spam report message that has been sent to the "supposed" administrator of the mail server, but then what? Reporting spam through SpamCop conceals your email address as best it can. That is unless you have selected the option in preferences "Leave spam copies intact" Best to leave the default setting "Obscure identifying information" Link to comment Share on other sites More sharing options...
turetzsr Posted November 2, 2012 Share Posted November 2, 2012 Thanks for the replies. What will happen after I reported the spam, i see that generated a spam report message that has been sent to the "supposed" administrator of the mail server, but then what?Hi, RogerC, ...Two things: SpamCop considers it as it decides whether to list the IP address in its blacklist -- see the SpamCop FAQ entry labeled "What is on the list?" for more information about that. The "supposed" administrator (abuse address) of the IP address has a report that they may use, if they wish, to investigate the spammer and take whatever action, if any, she/ he/ they deem appropriate. What we hope is that they will find the offending party and terminate their abuse of the service. Link to comment Share on other sites More sharing options...
Farelf Posted November 3, 2012 Share Posted November 3, 2012 It looks to me like SpamCop would be offering to send reports to spamreports[at]privatesystems.net. The next level up would be khnoc[at]khnoc.net, as far as I can tell (which would need to be added as a "user-defined" address, if reported at all). I can see no problem in reporting to [at]privatesystems.net. SpamCop tries to avoid sending reports to the spammers or to administrators who are known to pass on the reports to spammers with the addresses it uses. Link to comment Share on other sites More sharing options...
RogerC Posted November 3, 2012 Author Share Posted November 3, 2012 It looks to me like SpamCop would be offering to send reports to spamreports[at]privatesystems.net. The next level up would be khnoc[at]khnoc.net, as far as I can tell (which would need to be added as a "user-defined" address, if reported at all). I can see no problem in reporting to [at]privatesystems.net. SpamCop tries to avoid sending reports to the spammers or to administrators who are known to pass on the reports to spammers with the addresses it uses. How effective is the report to spamreports[at]privatesystems.net? Are there any precedents? Link to comment Share on other sites More sharing options...
Farelf Posted November 4, 2012 Share Posted November 4, 2012 SC has sent a handful of reports there in the last 90 days. Seemingly it is not an address found by ARIN lookup or abuse.net, perhaps it was one provided to SC by the network? It was responsive but cannot say if effective (or if it is still responsive). The main point is, any report, even if sent to devnull, will add weight to the SC blocklist data. I now see reports for khnoc[at]khnoc.net have been going to devnull. That does not affect SC - if the source is a sufficient nuisance on the internet it will fall into the blocklist when there are sufficient reports from different reporters (or if it hits spamtraps). Steve Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.