klappa Posted November 3, 2015 Share Posted November 3, 2015 Since my spammer usually send links with URL redirects in the BODY (directing the user from compromised domains to his own domains) and Spamcop can't recognize those real domains after the redirect is it better to make an abuse report directly to the DNS host where his own domains are based? I don't want to take the risk of OVH exposing me. Thanks in advance! Link to comment Share on other sites More sharing options...
Lking Posted November 3, 2015 Share Posted November 3, 2015 IMHO there is no clear answer. Some things to consider: Sending a report to the spammer's true host may get you identified to the spammer. An ISP that host a spammer may be in it for the money, not the good of all. The spammer already has your email address, so there is nothing lost if you are exposed in #1 above. There is a possibility that the ISP used by the spammer does not know about the activities of their client. AND will take action to close them down (for a while anyway.) Link to comment Share on other sites More sharing options...
petzl Posted November 3, 2015 Share Posted November 3, 2015 Abuse reports I don't see going to spammer just the bit bin.Spammers once you get spam have your address often scraped from your friends zombie/BOTNET computer so advise other windows of free malware scan here Norton Power Eraser is a free tool and doesn't require installation. It just needs to be downloaded and run.https://security.symantec.com/nbrt/npe.aspx So it gets worse as your email is sold upwards.Webpages can be reported online herehttps://www.ovh.com/fr/support/documents_legaux/contenu_illicite.cgi Link to comment Share on other sites More sharing options...
klappa Posted November 17, 2015 Author Share Posted November 17, 2015 IMHO there is no clear answer. Some things to consider: Sending a report to the spammer's true host may get you identified to the spammer. An ISP that host a spammer may be in it for the money, not the good of all. The spammer already has your email address, so there is nothing lost if you are exposed in #1 above. There is a possibility that the ISP used by the spammer does not know about the activities of their client. AND will take action to close them down (for a while anyway.) I use an abuse e-mail and i usually post the parsed Spamcop reports so there's no risk. They haven't taken action yet. I've reported atleast two or three times now without them doing anything to shut the spam domain down. Abuse reports I don't see going to spammer just the bit bin. Spammers once you get spam have your address often scraped from your friends zombie/BOTNET computer so advise other windows of free malware scan here Norton Power Eraser is a free tool and doesn't require installation. It just needs to be downloaded and run. https://security.symantec.com/nbrt/npe.aspx So it gets worse as your email is sold upwards. Webpages can be reported online here https://www.ovh.com/fr/support/documents_legaux/contenu_illicite.cgi As said above i've already made several reports to OVH. They don't care it seems. I have reported to the DNS providers, the MX Mail providers, the CERT divisions etc... Nothing! I am beginning to think i can't write a good enough abuse report for them to taking notice or just doesn't care. OVH is as bad as GoDaddy. Link to comment Share on other sites More sharing options...
petzl Posted November 18, 2015 Share Posted November 18, 2015 As said above i've already made several reports to OVH. They don't care it seems. I have reported to the DNS providers, the MX Mail providers, the CERT divisions etc... Nothing! I am beginning to think i can't write a good enough abuse report for them to taking notice or just doesn't care. OVH is as bad as GoDaddy. I see them worse than Godaddy! Perhaps you can add OVH reports to CERT France? Complain that their abuse box is asleep at the wheel http://www.cert.ssi.gouv.fr/cert-fr/contact_en.html Link to comment Share on other sites More sharing options...
klappa Posted November 18, 2015 Author Share Posted November 18, 2015 I see them worse than Godaddy! Perhaps you can add OVH reports to CERT France? Complain that their abuse box is asleep at the wheel http://www.cert.ssi.gouv.fr/cert-fr/contact_en.html Thanks! BTW does Russia have some similar? There seems to be several like http://www.cert-gib.com/, http://www.cert.ru/en/about.shtml etc... Which one should i contact? Link to comment Share on other sites More sharing options...
petzl Posted November 18, 2015 Share Posted November 18, 2015 Thanks! BTW does Russia have some similar? There seems to be several like http://www.cert-gib.com/, http://www.cert.ru/en/about.shtml etc... Which one should i contact? Most CERT pages Here https://www.first.org/members/teams Russia here https://www.first.org/members/teams/cert-gib Link to comment Share on other sites More sharing options...
klappa Posted November 18, 2015 Author Share Posted November 18, 2015 Most CERT pages Here https://www.first.org/members/teams Russia here https://www.first.org/members/teams/cert-gib Thank you again! But i have tried to send mail to RU-Cert before but it always bounces back with a Delivery Status Failure because they receive it as spam. I might add it doesn't care where i send it from i always get the delivery status failure. Link to comment Share on other sites More sharing options...
petzl Posted November 19, 2015 Share Posted November 19, 2015 Thank you again! But i have tried to send mail to RU-Cert before but it always bounces back with a Delivery Status Failure because they receive it as spam. I might add it doesn't care where i send it from i always get the delivery status failure. Gave wrong site don't speak Russian https://www.first.org/members/teams/ru-cert http://www.cert.ru/en/about.shtml email info[at] Link to comment Share on other sites More sharing options...
Thorin Posted January 29, 2016 Share Posted January 29, 2016 I have been getting spam from the OVH rogue house of spam friends since many years. I am actually getting spam mainly from these IP addresses: 51.255.151.63 51.255.140.244 176.31.42.230 (Portugal) 151.80.165.203 let's say, generally speaking, the most huge flow of crap getting into my mailbox is coming from two subnets: 51.254.* and 51.255.* Needless to say nothing had changed after sending many complaints both through Spamcop or directly tpo their useless ghost abuse[at] desk and to France CERT as well [1]. It seems neither at FR CERT nor at RIPE to care about these spamming brain injured monkeys. I started also sending reports to https://www.signal-spam.fr/en/index.php/frontend and through a Thunderbird plugin to renater.fr but it seems it was unuseful as trying to teach quantum physics to a donkey. Is there any hope in an earthquake to blast away all that spamming house farm once for all? I am quite fed of getting daily crap from them and no hope to see its end. [1] Are these addresses correct, at least? cert[at]cert-ist.com, contact[at]cert.ssi.gouv.fr, certa-svp[at]certa.ssi.gouv.fr,abuse[at]nic.fr Link to comment Share on other sites More sharing options...
Thorin Posted January 29, 2016 Share Posted January 29, 2016 [at]petzi: as I wrote in another post, I have always been adding CERT FR in my complaints but it seems they are as dumb about getting rid of spam complaints as the unuseful OVH abuse desk is. Maybe if they'd start receiving some hundreds of newsletters to their abuse desk from many of their victims something could change? Link to comment Share on other sites More sharing options...
Lking Posted January 29, 2016 Share Posted January 29, 2016 Maybe if they'd start receiving some hundreds of newsletters to their abuse desk from many of their victims something could change? I do not think it would ever be productive to add spam to the system. "Hundreds of newsletters" would probably have the same affect at their abuse desk as all the "Increase your bedroom life" emails I get; I do not bother to read any email from knanderson{AT}instituto.ru Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.