Morg2 Posted March 22, 2016 Share Posted March 22, 2016 Lately almost half the spam I've gotten has been traced back to "mit.edu", which according to the Spamcop reports, has asked indefinitely to not receive any reports. I can see some spammer-haven ISP not wishing to be bothered dealing with their scum tenants, but a respectable university? How does it make sense that they wouldn't want to root out the abusers and punish them for messing with the name? Just curious if anyone can explain the philosophy of that. Here's the lines from a recent report: Using abuse net on arin-mit-security[at]mit.eduabuse net mit.edu = abuse[at]mit.eduUsing best contacts abuse[at]mit.edu ISP does not wish to receive reports regarding http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd- no date available http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtdhas been appealed previously. Link to comment Share on other sites More sharing options...
Dave_L Posted March 22, 2016 Share Posted March 22, 2016 It might be helpful for you to post a Tracking URL for one of the problematic spams that you're tried to report. Link to comment Share on other sites More sharing options...
spinner Posted March 24, 2016 Share Posted March 24, 2016 I could be wrong but what they don't want reports about is the "document type", in most web pages you have a statement saying what standard the page is supposed to adhere to and that statement can also say where there is something that defines that standard. Its not their fault a spammer pointed to it. Link to comment Share on other sites More sharing options...
Dave_L Posted March 24, 2016 Share Posted March 24, 2016 Spinner, that makes sense. And if Morg2 posts a Tracking URL so that we can see the actual spam email, it could be confirmed. Link to comment Share on other sites More sharing options...
Morg2 Posted March 24, 2016 Author Share Posted March 24, 2016 Here's just a couple from today: https://www.spamcop.net/sc?id=z6223183725z1e2ac85494511deb7e0ce4ece0d8d9dfz http://www.spamcop.net/sc?id=z6223183722z1a0b20bb836888fd81e646a38cc2d12ez Mean anything to you guys? Link to comment Share on other sites More sharing options...
Lking Posted March 24, 2016 Share Posted March 24, 2016 Thank you for the Tracking URLs. They confirm what Spinner stated, http://www.w3.org/is the domain of The World Wide Web Consortium. Every webpage should include a reference, similar to, http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtdidentifying the HTML standards used. Many websites that make a point of complying with the W3C standards, include on their pages a badge and link to the standards and the W3C validator, similar to: <a href="http://validator.w3.org/check"> <IMG src="http://www.w3.org/Icons/valid-html401" alt="Valid HTML 4.01 Transitional"> </a> Obviously, W3 does not want to receive reports if a spammer includes a reference to their website/domain. Others in a similar situation would be someone like the "New York Times." At one time it was common for spammers to include references to news stories implying validity of the clams for the snake oil they are trying to sell. Link to comment Share on other sites More sharing options...
hank Posted April 19, 2016 Share Posted April 19, 2016 Late to the topic, same question -- I looked at his tracking URLs but the reports must have changed since you looked at them on March 24th, no mention there of W3. So did he just remove the W3 site from his report, and then it went through OK? Link to comment Share on other sites More sharing options...
Dave_L Posted April 19, 2016 Share Posted April 19, 2016 Hank: I just looked at those two tracking URLs, and they both contain text like this: Resolving link obfuscation http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd Tracking link: http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd No recent reports, no history availableISP does not wish to receive report regarding www.w3.orgHost www.w3.org (checking ip) = 128.30.52.100Resolves to 128.30.52.100Routing details for 128.30.52.100Cached whois for 128.30.52.100 : arin-mit-security[at]mit.eduUsing abuse net on arin-mit-security[at]mit.eduabuse net mit.edu = abuse[at]mit.eduUsing best contacts abuse[at]mit.edu ISP does not wish to receive reports regarding http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd - no date available http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd has been appealed previously. Link to comment Share on other sites More sharing options...
Lking Posted April 19, 2016 Share Posted April 19, 2016 hank if you scroll to the bottom of the parsing of each tracking URL you will see where the parser identified W3. Without bothering to decode the body of the spam, I assume the link can be found in poorly constructed html there. If the html in the body of the email was properly formed the parser would not have picked up the standard referenced in the html <head> Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.