goopot Posted May 5, 2004 Share Posted May 5, 2004 Hello, I've been swamped recently with bounces coming from spam that's got forged headers in it. I've be abiding by the rules and NOT reporting it with spamcop. Instead I've been doing two very boring tasks: (1) Replying to a suitable postmaster[at].. person explaining why the email was forged and asking them to reject forged headers rather than bouncing them to me (2) Mailing abuse[at].. for the machine where the forgery came from. It strikes me that both tasks could be automated in a similar way to the normal spam reporting. What do we think? Dave. Link to comment Share on other sites More sharing options...
turetzsr Posted May 5, 2004 Share Posted May 5, 2004 Hi, Dave, ...What I would do is: run the spam through the SpamCop parser look at the draft e-mails generated (click on the "Preview Reports link" button) copy one of the preview e-mails and paste it into a new e-mail message copy and paste the "To:" addresses into the "To" line of my e-mail replace the "This message is brief for your comfort. Please use links below for details." with the internet headers and (optionally) appropriate parts of the body of the spam send the e-mail cancel the SpamCop unreported spam Link to comment Share on other sites More sharing options...
goopot Posted May 6, 2004 Author Share Posted May 6, 2004 Sorry for the newbie response, but by "run the spam through the SpamCop parser" do you mean the reporting form at: http://mailsc.spamcop.net/ If so there's a problem with that approach as I've signed up to MailHosts so the parser doesn't parse anything below the forged header and therefore I don't get the draft emails generated. Dave. Link to comment Share on other sites More sharing options...
dra007 Posted May 6, 2004 Share Posted May 6, 2004 no, but you can manually cut and paste the report; once it is generated, paste it in a new e-mail, send to suggested abuse<at> and cancel reporting. Link to comment Share on other sites More sharing options...
goopot Posted May 6, 2004 Author Share Posted May 6, 2004 Might be a crossed-wire, but since I've signed up for MailHosts I can no longer generate these reports. They stop at the forged header saying that they won't trust anything else below the forged line and hence I get no reports. Are we looking at the same thing? Dave. Link to comment Share on other sites More sharing options...
jseymour Posted May 6, 2004 Share Posted May 6, 2004 Might be a crossed-wire, but since I've signed up for MailHosts I can no longer generate these reports. They stop at the forged header saying that they won't trust anything else below the forged line and hence I get no reports. I have the same problem. Now that I'm using mail hosts, I can't take a copy of a spam received by somebody else and use the parser to analyze the headers. In such cases, I don't want to send reports - I just want to find the origin and decode any embedded url's. I would love to see a "parse-only" submission box somewhere. P.S.: The mailhosts feature is working brilliantly otherwise. I wouldn't go back to the old system for a minute! This one limitation is my only complaint... Link to comment Share on other sites More sharing options...
StevenUnderwood Posted May 6, 2004 Share Posted May 6, 2004 I have been asking about this since mailhosts were proposed. I know Julian is neck deep right now working on getting mailhosts ready for the general public but perhaps it will be implemented eventually. It never hurts to keep asking until we're asked not to any more Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.