knightshade Posted June 22, 2015 Share Posted June 22, 2015 I'm seeing that one of my pet spammers has adopted using a redirect via an amazonaws web page, presumably because it adds another level of obsfucation to hide/protect their target URL (https & the URL in the spam uses POST to pass a name & id string if the recipient is unwise enough to click through)... This raised a couple of questions/observations: Currently, SC reports to ec2-abuse#amazon.com[at]devnull.spamcop.net (apparently devnulls at amazon's request) & email-abuse[at]amazon.com. Looking at amazon's own reporting page at portal.aws.amazon.com/gp/aws/html-forms-controller/contactus/AWSAbuse , this references abuse[at]amazonaws.com - I'm wondering if the latter email address is equivalent to email-abuse[at]amazon.com, or ought to be used instead of/as well as? The reporting form on that same page indicates that, if used, amazon forward the complaint details to the EC2 customer (aka the spammer), which 'aint such a good idea - *sighs*... Is there a way to safely follow the redirect (in order to try to manually report the destination URL)? The usual techniques (urlquery etc) don't work as that target URL is protected by whatever scripting sits behind the amazonaws URL in the spam... Here's the SC tracking URL for any folks so inclined to have poke around: spamcop.net/sc?id=z6139877106z19ab51f56290487899361dbdef5efc87z Link to comment Share on other sites More sharing options...
turetzsr Posted June 23, 2015 Share Posted June 23, 2015 <snip> Currently, SC reports to ec2-abuse#amazon.com[at]devnull.spamcop.net (apparently devnulls at amazon's request) & email-abuse[at]amazon.com. Looking at amazon's own reporting page at portal.aws.amazon.com/gp/aws/html-forms-controller/contactus/AWSAbuse , this references abuse[at]amazonaws.com - I'm wondering if the latter email address is equivalent to email-abuse[at]amazon.com,        Not exactly; please see SC FAQ article "Reports sent to SpamCop addresses". Note that, as you suggest may be true in this case, SC may do this by request of the abuse address owner but it may also be, as you also hypothesize may be the case here, because the abuse address owner forwards the reports to the spammer. or ought to be used instead of/as well as?        SC won't but you may do that manually. Link to comment Share on other sites More sharing options...
knightshade Posted June 23, 2015 Author Share Posted June 23, 2015 Not exactly; please see SC FAQ article "Reports sent to SpamCop addresses". Note that, as you suggest may be true in this case, SC may do this by request of the abuse address owner but it may also be, as you also hypothesize may be the case here, because the abuse address owner forwards the reports to the spammer. I was going by Don's comment in this thread, which indicated it was Amazon's choice: http://forum.spamcop.net/forums/topic/14731-ec2-abuse-amazoncomatdevnullspamcopnet-email-abuse-amazoncomatdevnullspamcopnet/#entry91712 But forwarding to the spammer remains a good reason. SC won't but you may do that manually. Well, part of the reason for posting that detail was as a possible suggestion aimed at any SC admin that may come across the thread. I already do much outside of SC - it's only 1 tool in the arsenal... However, reporting within SC is still preferable, because doing so eliminates both a manual forward & any need to repeat the obscuring of trackable stuff like email addresses, which SC already does a reasonable job of. Link to comment Share on other sites More sharing options...
turetzsr Posted June 23, 2015 Share Posted June 23, 2015 <snip> However, reporting within SC is still preferable, because doing so eliminates both a manual forward & any need to repeat the obscuring of trackable stuff like email addresses, which SC already does a reasonable job of.        True, that! You could add abuse[at]amazonaws.com (or any other address, for that matter) to your Preferences | "Report Handling Options" | "Public standard report recipients" so you can easily send a report using SC's parser/ reporting mechanism. Link to comment Share on other sites More sharing options...
knightshade Posted June 23, 2015 Author Share Posted June 23, 2015 True, that! You could add abuse[at]amazonaws.com (or any other address, for that matter) to your Preferences | "Report Handling Options" | "Public standard report recipients" so you can easily send a report using SC's parser/ reporting mechanism. Is there a way to add a recipient to individual spam reports? I already use the report handling functions to automatically forward a copy of every spam to knujon, but not every spam I get is connected to amazonaws - it would be nice if specfic email addresses could be included for individual spam reports (and even better if SC could offer a drop-down menu of previously selected addresses). Does SC have a suggestion box? Link to comment Share on other sites More sharing options...
turetzsr Posted June 23, 2015 Share Posted June 23, 2015 Is there a way to add a recipient to individual spam reports?        Preferences | "Report Handling Options" | "Public standard report recipients." The SC parser then adds to each parse an option to send to this receipient; you simply uncheck it for those spam that do not come from amazonaws and turn the check mark on for those that do! <snip> Does SC have a suggestion box?        This Topic will do but the "official" place for feature requests is the "New Feature Request" SC Forum. Link to comment Share on other sites More sharing options...
petzl Posted June 24, 2015 Share Posted June 24, 2015 Is there a way to add a recipient to individual spam reports? I pay for SpamCop reporting and when I submit a report via web it has this? Check the "Show technical details" box not sure if this feature is available in free reporting? Link to comment Share on other sites More sharing options...
turetzsr Posted June 24, 2015 Share Posted June 24, 2015 I pay for SpamCop reporting and when I submit a report via web it has this? Check the "Show technical details" box not sure if this feature is available in free reporting? Yes, it is (I do not pay and I have this option set), but I don't believe this helps knightshade accomplish the goal to "add a recipient to individual spam reports." Link to comment Share on other sites More sharing options...
petzl Posted June 24, 2015 Share Posted June 24, 2015 Yes, it is (I do not pay and I have this option set), but I don't believe this helps knightshade accomplish the goal to "add a recipient to individual spam reports." Under "Preferences" click "Report Handling Options" look at Personal copies of outgoing reports or Public standard report recipients Link to comment Share on other sites More sharing options...
knightshade Posted June 24, 2015 Author Share Posted June 24, 2015 Preferences | "Report Handling Options" | "Public standard report recipients." The SC parser then adds to each parse an option to send to this receipient; you simply uncheck it for those spam that do not come from amazonaws and turn the check mark on for those that do! Thanks! I did not realize that addresses added to this field would then be offered as optional (defaulted off) copy-to forwards - I thought they'd just automatically be always forwarded, or that I'd have to keep clicking them off when not required. This option effectively achieves the goal, though (note for interested parties reading in the future) it requires a comma separated email address list, not a space separated one. I pay for SpamCop reporting and when I submit a report via web it has this? Check the "Show technical details" box not sure if this feature is available in free reporting? It shows up on the cut'n'paste reporting form, but not on the form you get when you click on 'Use links to finish spam reporting' in the email from SC. I always use the link in the SC emails, so I've never messed with 'Show Technical Details' - what exactly does this provide? (Just sating my curiousity now - turetzr's suggestion does what was required.) Link to comment Share on other sites More sharing options...
turetzsr Posted June 24, 2015 Share Posted June 24, 2015 <snip> (note for interested parties reading in the future) it requires a comma separated email address list, not a space separated one        The field also has an undocumented 100 character limit, including spaces and commas. <snip> It shows up on the cut'n'paste reporting form, but not on the form you get when you click on 'Use links to finish spam reporting' in the email from SC. I always use the link in the SC emails, so I've never messed with 'Show Technical Details' - what exactly does this provide? (Just sating my curiousity now - turetzr's suggestion does what was required.)        The easiest way to see is to turn on the feature. You do this with a different option under Preferences | "Report Handling Options" -- "Show Technical Details during reporting." Link to comment Share on other sites More sharing options...
knightshade Posted June 24, 2015 Author Share Posted June 24, 2015 The field also has an undocumented 100 character limit, including spaces and commas. Useful to know - thanks. The easiest way to see is to turn on the feature. You do this with a different option under Preferences | "Report Handling Options" -- "Show Technical Details during reporting." Gotcha. Actually, I think I may have played with that in the past. Link to comment Share on other sites More sharing options...
klappa Posted July 23, 2015 Share Posted July 23, 2015 Not exactly; please see SC FAQ article "Reports sent to SpamCop addresses". Note that, as you suggest may be true in this case, SC may do this by request of the abuse address owner but it may also be, as you also hypothesize may be the case here, because the abuse address owner forwards the reports to the spammer. SC won't but you may do that manually. Thanks! I did not realize that addresses added to this field would then be offered as optional (defaulted off) copy-to forwards - I thought they'd just automatically be always forwarded, or that I'd have to keep clicking them off when not required. This option effectively achieves the goal, though (note for interested parties reading in the future) it requires a comma separated email address list, not a space separated one. It shows up on the cut'n'paste reporting form, but not on the form you get when you click on 'Use links to finish spam reporting' in the email from SC. I always use the link in the SC emails, so I've never messed with 'Show Technical Details' - what exactly does this provide? (Just sating my curiousity now - turetzr's suggestion does what was required.) Use link to finish spam reporting? How does that work? Link to comment Share on other sites More sharing options...
turetzsr Posted July 23, 2015 Share Posted July 23, 2015 Hi, klappa,        If I understand correctly, knightshade was referring to a feature of submitting spam via e-mail. For more information about this, please see SC Forum Topic "How do I submit spam via email?" Link to comment Share on other sites More sharing options...
klappa Posted August 23, 2015 Share Posted August 23, 2015 Hi, klappa, If I understand correctly, knightshade was referring to a feature of submitting spam via e-mail. For more information about this, please see SC Forum Topic "How do I submit spam via email?" Thanks! Link to comment Share on other sites More sharing options...
tanner Posted February 15, 2016 Share Posted February 15, 2016 Has anyone ever seen Amazon shut down a spammer? I have a fairly persistent one called "trueventus.com" whom I keep reporting and whom Amazon keep ignoring. I cannot say for certain that they quietly promote the ability to spam without fear of being blocked as one of the advantages of their cloud services. It is certain that I have quite a few reports of the various spammers, with "trueventus.com" and "localcounselcollective.com" being the most noteworthy, all ignored by Amazon. [paid spamcop user for a decade or so] Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.