Jump to content

refuses munged reports , What then ??


maccampus

Recommended Posts

http://www.spamcop.net/sc?id=z507461910z28...a7e312cd058047z

http://www.spamcop.net/sc?id=z506231455z35...a319227d57a7eaz

Hello ,

These are 2 links to references of spam i receive from the same origin but they refuse mungled reports . What do i do , do i send unmungled reports ?

Is www.national-net.com a trusted Webserver ? As i understand, see below, the spam both originate there & the site referred in the spam is hosted there , is this correct ?

What about www.gblx.net & www.egwn.net are these trusted sites ?

I really hope for a quick responds ,

Thx

Re: 66.115.174.226 (Administrator of network where email originates)

To: postmaster[at]national-net.com (refuses munged reports) (Notes)

To: abuse[at]gblx.net (Notes)

To: abuse[at]national-net.com (refuses munged reports) (Notes)

Re: http://66.115.174.226 (Limited spamvertized web site)

To: abuse[at]national-net.com (refuses munged reports) (Notes)

To: postmaster[at]national-net.com (refuses munged reports) (Notes)

Re: http://66.115.174.226 (Administrator of network hosting website referenced in spam)

To: postmaster[at]national-net.com (refuses munged reports) (Notes)

To: abuse[at]gblx.net (Notes)

To: abuse[at]national-net.com (refuses munged reports) (Notes)

Re: http://66.115.174.226 (Administrator of network hosting website referenced in spam)

To: postmaster#national-net.com[at]devnull.spamcop.net (Notes)

To: abuse#national-net.com[at]devnull.spamcop.net (Notes)

Re: http://www.merrymaids4you.com/html_email/megapo... (Limited spamvertized web site)

To: postmaster[at]national-net.com (refuses munged reports) (Notes)

Re: http://www.merrymaids4you.com/html_email/megapo... (Administrator of network hosting website referenced in spam)

To: abuse[at]national-net.com (refuses munged reports) (Notes)

To: postmaster[at]national-net.com (refuses munged reports) (Notes)

Re: http://www.merrymaids4you.com/html_email/megapo... (Limited spamvertized web site)

To: abuse[at]national-net.com (refuses munged reports) (Notes)

Re: http://www.merrymaids4you.com/html_email/megapo... (Administrator of network hosting website referenced in spam)

To: abuse[at]gblx.net (Notes)

Re: http://www.merrymaids4you.com/html_email/megapo... (Limited spamvertized web site)

To: postmaster#national-net.com[at]devnull.spamcop.net (Notes)

Re: http://www.merrymaids4you.com/html_email/megapo... (Administrator of network hosting website referenced in spam)

To: abuse#national-net.com[at]devnull.spamcop.net (Notes)

To: postmaster#national-net.com[at]devnull.spamcop.net (Notes)

Re: http://www.merrymaids4you.com/html_email/megapo... (Limited spamvertized web site)

To: abuse#national-net.com[at]devnull.spamcop.net (Notes)

Re: http://www.one2one.com/enter.php?&login=761149 (Administrator of network hosting website referenced in spam)

To: abuse[at]egwn.net (Notes)

Link to comment
Share on other sites

So strange to see the use of the wod "mungled" showing up in the newsgroups and now these Forums in just a matter of days ...

At any rate, the question of "what to do" is up to you. Some ISPs state that their wishes are that the actual spam is required to cover their legal issues if they were to persue charges. Other folks state that the only reason the ISP want's to see the actual spam is for the purpose of list-washing, i.e., removing "your" address from their future spew so as to cut down on the complaints received.

The SpamCop reporting tool tries to mung items such as your e-mail address, but .. if a spammer really wants to further identify "you" in the spam, there are millions of ways that could be used .. that stuff that looks like gibberish could be tracking codes, the amount and location of white space could be a tracking clue, on and on ....

The SpamCop tool doesn't reflect "trusted" or "untrusted" ISPs ... the request for reports to be sent unmunged is availlable to any complaint recipient. You'll have to make the same decision when you see the "third-party is interested" listings.

Link to comment
Share on other sites

So it's up to me to find out if www.national-net.com is a real Web Hosting company or Provider & not just a fake website used by the Spammer ?

How can i be certain about that . Can i change the email adress myself to some unexisting emai adress , so the unmungled mail doesn't contain my email ?

If i choose to send unmungled , does this mean unmungled to anyone or just to those who doesn't want the mungled reports ?

thx again

PS ; It was me too who has posted it in the newsgroups , i'm glad i posted it here too for 2 reasons. Great responds time & a more clarifiing asnwer then in the newsgroup . You can see it was me since i posted there under the same name :)

Link to comment
Share on other sites

So it's up to me to find out if www.national-net.com is a real Web Hosting company or Provider & not just a fake website used by the Spammer ?

That the parser found the address, DNS, and domain in all the look-ups suggests that this wouldn't be a fake web-site ... technically, this address is the registered host of any web-site referenced .. basically, you're mixing terms in your question .. maybe something akin to the use of this strange "mungling" you keep using. mung = mung until no good , recursive term

How can i be certain about that .  Can i change the email adress myself to some unexisting emai adress , so the unmungled mail doesn't contain my email ?

Again, so as not to incur the wrath of Ellen, the guidelines are that based on the unmunged request, it is to be sent unmunged, if you agree to that Send click. If you do mung the contents and Send anyway .. if the ISP takes exception to this and complains, your account could be in jeopardy.

If i choose to send unmungled , does this mean unmungled to anyone or just to those who doesn't want the mungled reports ?

You can always verify by hitting the "preview reposrts" button, but the answer is that the unmunged reports only go to those that requested unmunged and you agreed to Send them to .. the other recipients receive the versions that have been munged by the SpamCop tool.

Link to comment
Share on other sites

Okay .

I'm sending the unmunged ( i got it right this time , but i must admit being Dutch speaking mungling sounded better then munging :) ) reports .

The parser did it's job , found everithing about the ip from the webhost/Provider .

I also understand now that i don't want to upset Ellen & risk losing my SpamCop account , i would never want to upset any girls . So Ellen , if you're reading this , i'm sorry if i even tought of altering the spam reports .

I hope this will make the spam stop since they send me daily & it's the only spam i still get ; Spamcop stopped al the other spams i got .

I also want to thank the entire SpamCop team for it's great efforts reducing spam for everyone & specially Wazoo for replying to my post so qiuckly

Thx to all of you

Link to comment
Share on other sites

Ok, I actually read your newsgroup post first ... glad it worked and you're a bit more comfortable with the decision. and I'll say you're welcome, noting that in reality, Wazoo should have been sleeping in the wee hours here <g>

Link to comment
Share on other sites

So it's up to me to find out if www.national-net.com is a real Web Hosting company or Provider & not just a fake website used by the Spammer ?

That the parser found the address, DNS, and domain in all the look-ups suggests that this wouldn't be a fake web-site ... technically, this address is the registered host of any web-site referenced . . .

<snip>

...Please correct me if I'm wrong, Wazoo (and other experts) but I don't see this as safe. Just because a URL is verified as being a "real" (not fake) URL doesn't mean that sending un-munged data to an associated e-mail address would keep the data from being exploited by spammers or other evil-doers, does it?

<snip>

I also understand now that i don't want to upset Ellen & risk losing my SpamCop account , i would never want to upset any girls . So Ellen , if you're reading this , i'm sorry if i even tought of altering the spam reports .

...maccampus -- IIUC, it is okay to alter spam reports provided you cancel them instead of sending them once you have retrieved the information you want (such as the abuse address of the ISP/e-mail service provider).

I hope this will make the spam stop since they send me daily & it's the only spam i still get ; Spamcop stopped al the other spams i got .

...It might but probably will not. First: the only way to truly stop spam is for the ISP or e-mail service provider to stop it and not all such providers act on spam reports (especially if it's just one). Second: one lone report will not cause the IP address through which the spam came to be placed on the SpamCop.net block list (and, of course, if you are not a SpamCop.net e-mail customer and your ISP/e-mail provider is not using the block list, even getting the offending IP address on the block list will not have any affect on your spam).

I also want to thank the entire SpamCop team for it's great efforts reducing spam for everyone &  specially Wazoo for replying to my post so qiuckly

<snip>

...Yep, Wazoo is one of the best! :) <g>

Link to comment
Share on other sites

So it's up to me to find out if www.national-net.com is a real Web Hosting company or Provider & not just a fake website used by the Spammer ?

That the parser found the address, DNS, and domain in all the look-ups suggests that this wouldn't be a fake web-site ... technically, this address is the registered host of any web-site referenced . . .

<snip>

...Please correct me if I'm wrong, Wazoo (and other experts) but I don't see this as safe. Just because a URL is verified as being a "real" (not fake) URL doesn't mean that sending un-munged data to an associated e-mail address would keep the data from being exploited by spammers or other evil-doers, does it?

Well, I was actually going with the original phrase of "fake" web-site in that part of the flow. But, to answer the query, yes, you are correct that hitting the wrong ISP may in fact allow the unmunged data to flow back to the bad guys .... but, the obvious flip side is that the bad guys already had your address, that's how you got the spam in the first place <g> .... A few years back, there were a number of spammers that would take a complaint seriously, especially if it caused the ISP to pull the plug, and "revenge" was an option taken (believe me, experience talking here <g>) ... but in all honesty, I haven't managed to tick off a spammer like this in a heck of a long time. One of the few "bad" things that happens these days is managing to have your address as the forged From: / Reply To: of the day/week/month ... but I believe that this is more the bad luck of some randomizer being used in some scummy software ... The last half-dozen folks I've dealt with locally that had this happen to them had never heard of SpamCop, and only "just hit delete" on their spam after being told by their ISP that there was nothing else they could do about it (I'm headed over to this outfit tomorrow to talk to the new owners <g>)

...Yep, Wazoo is one of the best!  :) <g>

You guys are going to have to stop this .. This old retired military guy isn't used to having these kinds of things said about him <g> But thanks all the same ..

Link to comment
Share on other sites

<snip>

...Yep, Wazoo is one of the best!  :) <g>

You guys are going to have to stop this .. This old retired military guy isn't used to having these kinds of things said about him <g> But thanks all the same ..

...Well, I stand by my statement. OTOH, I notice that no one has seconded my remark. :) <g>

Link to comment
Share on other sites

<snip>

...Yep, Wazoo is one of the best!  :) <g>

You guys are going to have to stop this .. This old retired military guy isn't used to having these kinds of things said about him <g> But thanks all the same ..

...Well, I stand by my statement. OTOH, I notice that no one has seconded my remark. :) <g>

I second that!

Link to comment
Share on other sites

I suggest NOT sending unmunged reports. I tried this and for some "unknown" reason my spam quadrupled. And not just spam...Filthy nasty spam. I am of the opinion that I sent an unmunged report to a spammer or administrator who took offense to being reported and "retaliated" in some fashion. I used to always check the box to send these...but after some time learned not to do this. And since I stopped my spam has almosted stopped as well. The problem is you don't know if the "administrator" is either a spammer or in cahoots with the spammers. This is just what I have expirienced with this.

Link to comment
Share on other sites

Okay , it's me again .

One day later , 10 virusses richer ( lucky i have a Mac ) 1 yess the spam didn't stop but multiplied .

DON'T SEND UNMUNGED REPORTS !!!!!!!!!!! NEVER AGAIN :(

So i guesh they gave my info to the spammer or i have sended an unmunged report to it myself

I guesh the spammer hates me now so i'm lucky it sends me only 5 spams instead of 1 , could have been hundreds . It probably thinks i'm sobigged right now .

4 of the Spams did accept unmunged reports however , but the 1 that don't is still there & i wont send them unmunged reports nomore .

So what is NeXT ???

Link to comment
Share on other sites

One thing you might check is whether there are grounds for "third party reporting" - check out The banspam/javawoman page. If it's porn and if any of the "participants" looks to be under 18 (I know, you don't look) there are several European agencies that might take an interest. The list of reporting agencies actually seems to be growing, could be worth checking from time time even if there is nothing useful there just at the moment.

Just a thought ...

Link to comment
Share on other sites

I'm sending the unmunged ( i got it right this time , but i must admit being Dutch speaking mungling sounded better then munging :) ) reports

I'm almost tempted to post a poll on whether we should adopt mungling in preference to munging .

I quite like the verb 'to mungle'

:lol:

Andrew

Link to comment
Share on other sites

3 Days after the receiving the virus mails ( only the 1ste day ) and new spams , the spams are decreasing again & the original spam that didn't want the mung(l)ed reports that spam stopped too .

So after that webhost company gave my unmung(l)ed report to the spammer they disided to cancel his account ? Would have been nice if they removed my adress before they gave copies to him .

Once again , lucky i'm a Mac user , if i used Windows i was surely been beagled by him ( well not true , cause i would use firewall , anti-virus & the latest security patches , still on Windows you never seem to be save )

Ps ; i don't dislike Windows , but i know that everyone i knows with it isn't using the latest sec patches & their Anti Virus are outdated or not there , so i'm sure that is affecting my view on Windows

For now i'm receiving 6 spams ( daily ? , 4 of them are identical ) , but they accept mung(l)ed reports , i hope they use them well ; & no more virus containing mails ( he's probably sure he f[at]#ked up my computer )

Maccampus

Link to comment
Share on other sites

PS ; It was me too who has posted it in the newsgroups , i'm glad i posted it here too for 2 reasons. Great responds time & a more clarifiing asnwer then in the newsgroup . You can see it was me since i posted there under the same name

Wow! That's an interesting comment, and much appreciated by the folks "over here"

Link to comment
Share on other sites

Ps ; i don't dislike Windows , but i know that everyone i knows with it isn't using the latest sec patches & their Anti Virus are outdated or not there , so i'm sure that is affecting my view on Windows

While it is undoubtedly exciting to imagine a vengeful spammer, this is far more likely to be the origin of your virus attacks.

Please do have a look at third party reporting per the link I gave earlier (before we got carried away with the sheer poetry of your new verb :-)

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...