Jump to content

Name Server for Spamvertized Website


agsteele

Recommended Posts

Posted

I'm sure somebody will tell me that the reporting to Name Servers of Spamvertized Websites has been around since the earliest days but... I've only recently noticed that some reports include such a section.

Seems a good idea but I'm concerned that the submission report doesn't make clear which website is involved.

It seems to me that it would be more helpful - especially in avoiding false reports - if the information line could say something like

123.123.123.123 Name Server for Spamvertized Website (somedomain.com)

Then I could be sure that I'm not sending a report to the name servers for cnn.com or similar innocent bystanders. As it is the process of checking the validity of these reports is somewhat difficult.

The last thing I want to do is create even more hassle for those whose domain names are selected for inclusion in spam without their knowledge. :blink:

Or maybe I'm missing something.

Andrew

Posted

Generally, the issue you're pointing out is something currently raised over in the newsgroups also .. it appears to be results from the last set of code changes Julian put in place, along side the additional code to work around the too-many-links issues ... personally, I'd say that this new code is still undergoing some testing and work ... but, that's just me ..

I've no idea how you're seeing the parse results (or seeing tham at all) .. I can only answer from one that stil uses the paste-it-in-here box with "show tech details" on .... so I can see what's happening and where ... then again, I don't submit that much spam through SpamCop ... it's usually parsing other folk's spam so I can try to figure our where the issues in that submittal went wrong ...

Posted

OK, here's an example just processed...

Re: 221.143.42.30 (Name server for spamvertised domain)

To: nospam[at]hanaro.com (Notes)

To: spamrelay[at]certcc.or.kr (Notes)

Re: 24.126.124.15 (Administrator of network where email originates)

To: abuse[at]comcast.net (Notes)

Re: 24.126.124.15 (Third party interested in email source)

To: Cyveillance spam collection (Notes)

Re: 61.250.93.207 (Name server for spamvertised domain)

To: abuse[at]epnetworks.co.kr (Notes)

To: spamrelay[at]certcc.or.kr (Notes)

To: spamcop[at]kisa.or.kr (Notes)

To: postmaster[at]epnetworks.co.kr (Notes)

THe problem I now have is do the reports for 221.143.42.30 and 61.250.93.207 relate to real spam or innocent bystanders? That's why I suggested that actual spamvertised comain name appear eg:

Re: 61.250.93.207 (Name server for spamvertised domain - somedomain.net )

Just a thought...

Andrew

Posted

OK, I see what you are saying, but ... it is hard to make a statement without seeing the spam & parse in total ...

On the other hand, using the "single line" version of the web-based form, which doesn't use the entire / same parse code of the main spam parser, the results offered are the same for both of the IP's. So it may really amount to that the side-note of "Name server for spamvertised domain" is possibly a bit of debug code and not meaning exactly what it reads ... maybe nothing more than a distraction as far as the results are concerned? Maybe it's that I don't know how these specific IPs were derived? Or are we back to the difference between an e-mail submittal response and the web-based parse with full tech details shown?

Posted
maybe nothing more than a distraction as far as the results are concerned?  Maybe it's that I don't know how these specific IPs were derived?  Or are we back to the difference between an e-mail submittal response and the web-based parse with full tech details shown?

It may well be a distraction or some experimental text. I, too, don't know much about the current logic...

The messages all apear to be ones caught in flat rate mail account held folder. I submit using the 'Queue for reporting (and move to trash)' option. Then the list as provided appears.

Anyhow, I've made my observations. I'm certainly not complaining. Just trying to think of ways to improve the accuracy of the reporting and avoid false positives <_<

Andrew

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...