Jump to content

Yahoo spam empty message spam in subject.


mrfrench

Recommended Posts

Posted

I've been receiving a new type of spam lately - spam where the entire spam message is in the "Subject" field.  Because of this, Spamcop's email reporting process rejects the message because: "No body text provided, check format of submission. spam must have body text."

I've received several of these this week, and I think it's something the spammers have started doing in order to get past spam blocking and spam reporting software since most software typically ignores the "Subject" field.  I think the Spamcop software needs to be changed to look at the length of the subject field if there's no body and to parse that field as if it were message body text if it's greater than some amount like 80 characters.

A sample message is included so you can see what I'm talking about.

example-spam.pdf

Posted

See

among others.  I found this using the SEARCH in the upper right, looking for "no body"  Just for future reference.

Posted
10 hours ago, Lking said:

See

among others.  I found this using the SEARCH in the upper right, looking for "no body"  Just for future reference.

Nice idea... except that I do not know how to do this in a way that I can then work with the message in Mac's Mail.  That is, to edit a message I receive, I have to export it, modify and then I can't import it back to Mail (for some reason).  

Regardless, considering the prevalence of this new technique by the spammers, I believe that Spamcop should modify their procedures as stated previously.  We shouldn't have to go through all that trouble (to add a fake body) just to get Spamcop to process the message... and even if we did add a fake body, Spamcop still wouldn't parse through the "Subject" field to find links and websites used by the spammers so that those ISPs can receive the spam report as well.  

Posted

If you submit the spam using the SpamCop website, after cutting and pasting the spam into the submission window, you can then type in the needed "body".

As the saying goes, "There is nothing new under the sun." This type of spam has been around a while, although I have not see one in some time.

The problem with building a parser that tries to account for every (any) variation of a miss formed spam is that that would lead to possible errors.  To retain its integrity, SpamCop MUST only report verifiable sources and links.  By trying to interpret an email that does not conform to standards is potentially frat with errors.  An email application, like on you Mac, on the other hand, tries its best to display any and every email it receives whither it conforms to standards or not.  You, any user, would/does complain if an email is not displayed for some minor formatting error.  If the email app tries and gets it wrong there is nothing is lost, and the user MAY be able to figure out what was intended.  No senders reputation is impinged.  It is better to throw a few of the 200,000+ spam on the floor then make an error.  Or at least that is my interpretation of SpamCop's approach.

Reporting links normally found in the body of spam, is the lowest priority for SC.  First, identify the source of the spam, to build a viable block list. Second, send reports to appropriate IPS as a courtesy, assuming the will want to "clean-up their act."  Third, identify abuse addresses for links in the body so that those ISPs can also be informed that their services are being used by spammers.

Posted
They just moved the content of the spam to the subject. Kind of annoying that they get away with this.

Return-path: (Snip my isp info)

Received: from [27.123.206.58] by tm3.bullet.mail.tp2.yahoo.com with NNFMP; 09 Jul 2016 19:03:25 -0000
Received: from [127.0.0.1] by omp1003.mail.tw1.yahoo.com with NNFMP; 09 Jul 2016 19:03:25 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 998224.51996.bm@omp1003.mail.tw1.yahoo.com
X-YMail-OSG: ..CFfekLUzvwa8T4VXu8e.yOFUK.JRYg5Zd.7ElMSOw-
Received: from jws11017.mail.tw1.yahoo.com by sendmailws106.mail.tw1.yahoo.com; Sat, 09 Jul 2016 19:03:24 +0000; 1468091004.171
Date: Sat, 9 Jul 2016 19:03:23 +0000 (UTC)
From: Sir Richard Liam <barrettjohn941@yahoo.com.tw>
Reply-To: Sir Richard Liam <barr_gilbert.j_esq.org@outlook.com>
Message-ID: <1089758370.44268.1468091003693.JavaMail.yahoo@mail.yahoo.com>
Subject: You will be receiving 2500 dollars twice daily from your total
 winning of 750.000.00 dollars. Contact barrister Gilbert Jean with your
 full details where the funds will be sent once your fund release order file
 is signed by Accredited Attorney Barrister Gilbert. E-mail;{
 barr_gilbert.j_esq.org@outlook.com } Thanks, Sir. Richard Liam
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
References: <1089758370.44268.1468091003693.JavaMail.yahoo.ref@mail.yahoo.com>
Content-Length: 0

Edit; Spamcop's report says

 

Tracking message source: 203.188.201.54:

Routing details for 203.188.201.54
[refresh/show] Cached whois for 203.188.201.54 : abuse@yahoo.com
network-abuse@cc.yahoo-inc.com redirects to spamcop@mailservices.yahoo.com
Using best contacts spamcop@mailservices.yahoo.com

Yum, this spam is fresh!

Message is 0 hours old
203.188.201.54 not listed in cbl.abuseat.org
203.188.201.54 not listed in dnsbl.sorbs.net
203.188.201.54 not listed in accredit.habeas.com
203.188.201.54 not listed in plus.bondedsender.org
203.188.201.54 not listed in iadb.isipp.com

No body text provided, check format of submission. spam must have body text.
Posted

I have started to receive spam with no body, but having a long subject line containing the message, the spam. When I try to report it here, I get the following. My question is why is this type of spam not considered spam? Meaning, why does spam need a message body?

 No body text provided, check format of submission. spam must have body text.

 

Posted
22 hours ago, Lking said:

If you submit the spam using the SpamCop website, after cutting and pasting the spam into the submission window, you can then type in the needed "body".

As the saying goes, "There is nothing new under the sun." This type of spam has been around a while, although I have not see one in some time.

The problem with building a parser that tries to account for every (any) variation of a miss formed spam is that that would lead to possible errors.  To retain its integrity, SpamCop MUST only report verifiable sources and links.  By trying to interpret an email that does not conform to standards is potentially frat with errors.  An email application, like on you Mac, on the other hand, tries its best to display any and every email it receives whither it conforms to standards or not.  You, any user, would/does complain if an email is not displayed for some minor formatting error.  If the email app tries and gets it wrong there is nothing is lost, and the user MAY be able to figure out what was intended.  No senders reputation is impinged.  It is better to throw a few of the 200,000+ spam on the floor then make an error.  Or at least that is my interpretation of SpamCop's approach.

Reporting links normally found in the body of spam, is the lowest priority for SC.  First, identify the source of the spam, to build a viable block list. Second, send reports to appropriate IPS as a courtesy, assuming the will want to "clean-up their act."  Third, identify abuse addresses for links in the body so that those ISPs can also be informed that their services are being used by spammers.

Your argument makes some sense but not completely.  I'm not asking for Spamcop to process every form of malformed mail.  I'm asking for very specific action on a very specific problem that appears to be prevalent.  Secondly, while reporting links found in the body of spam may be the lowest priority (and I'd agree with that assessment), it is certainly, IMO, very wrong for the spammers to be able to spew their junk without penalty.   Even if the body is empty, the headers can still be scanned to see where the message originated and that site informed of the user's probable violation of the Terms of Service (or a hole in their security).

Why would it be so hard for Spamcop to process the headers as normal even if the body text is empty?  Isn't "empty" spam still spam?  Even if the subject line was short, why can't it still be spam?  A message with the Subject "Go to http://spammers.paradise.org to get your free Viagra without prescription" would still be spam that should be reported even if the body text were empty.

As others suggested, even if Spamcop didn't want to process the headers automatically by default, would it be so hard to add another layer where the report asks you to check a box acknowledging that the body text was empty but verifying that it is still spam?  And, if the box is checked and you check "Submit reports" the reports should still go to the ISP where the spam originated.

Finally, I object to my message having been moved to another thread without consultation, especially since I have seen this spam originate from other sites beside Yahoo.  The Yahoo spam I posted was just one example.  If someone has this problem with spam from another site and searches to look for answers here, they could miss this discussion.

Posted

Is there any point in posting suggestions regarding changes to the reporting system here? I haven't seen any indication in years that anyone who can implement them pays attention to them.

Posted

spam with no body text Blank spam blizzard   and others.

As noted back in 2008, the distinction between a spam w/o a body, and a spam that is incorrectly submitted for any of several reasons, is not reliably detectable.

When working in an environment with limited resources, those resources (analysis/programmer time) need to be allocated to priority issues.  Addressing situations such as "no address found," munging submitter's name, protection against direct attacks on SC, etc.  IMHO would have higher priority than the issue you identify, which has an identified work-around in place.

Of course your suggestion for a change/new feature can be submitted in the forum New Feature Request

To merge several (three) new threads that are related, to avoid the discussion becoming segmented/redundant. As a volunteer Admin that was my call. Sorry.

Dave_L True they seems to be few and far between. But reviewing "New Feature Request" I do see some suggestions marked Resolved.  Looking at the subjects, I also think I see some suggestions that seem to have been quietly implemented.  A continuing voiced frustration.

Posted

Ditto, as i have been getting from two to five of these a day for the past week.  I'm just asking for SpamCop not to ignore these type of messages, as if they are not spam.  After all, per Wikipedia: spam - unsolicited or undesired electronic messages.  

No where (except SpamCop) have I seen the definition of 'spam' to be unsolicited or undesired electronic messages that contains text within the body of the message.

Here's the latest example...

X-Antivirus: Avast (VPS 16071000)
X-Antivirus-Status: Clean
Return-Path: <ubamoneygram48@yahoo.com>
Received: from compute1.internal (compute1.nyi.internal [10.202.2.41])
	 by sloti34d2t10 (Cyrus 3.0.0-beta3-git-fastmail-13606) with LMTPA;
	 Sun, 10 Jul 2016 18:43:40 -0400
X-Cyrus-Session-Id: sloti34d2t10-3955279-1468190620-2-17243836796815958729
X-Sieve: CMU Sieve 2.4
X-spam-known-sender: no
Subject: {spam 18.1} =?UTF-8?Q?MONEY_GRAM_MONEY_TRANSFER_OFFICE_ADDRESS:_2225_Osborne_R?=
 =?UTF-8?Q?d,_St_Marys,_GA_31558,,_United_States._Hours:_OFFICE_TEL?=
 =?UTF-8?Q?:_(909-589-1121)_for_Call_and_Text_SMS..__Attention_Bene?=
 =?UTF-8?Q?ficiary_!!!!!__The_International_Monetary_Fund_Annual_Com?=
 =?UTF-8?Q?pensation_from_USA_._The_International_Monetary_Fund_(IM?=
 =?UTF-8?Q?F)_is_compensating_some_2015_scam_victims_and_your_email_?=
 =?UTF-8?Q?address_was_found_in_the_scam_victims_list._This_MoneyGr?=
 =?UTF-8?Q?am=C2=AEoffice_has_been___mandated_by_the_IMF_to_transfer_your?=
 =?UTF-8?Q?_compensation_to_you_via_MoneyGram=C2=AE_Money_Transfer_in_US?=
 =?UTF-8?Q?A.__However,_we_have_concluded_to_effect_your_own_paymen?=
 =?UTF-8?Q?t_through_MoneyGram=C2=AE_Money_Transfer,_$2,999USD_pay_Day_u?=
 =?UTF-8?Q?ntil_the_total_sum_of_$1.5Million_is_completely_transferr?=
 =?UTF-8?Q?ed___to_you_the_receiver.__We_can't_be_able_to_wait_or_t?=
 =?UTF-8?Q?o_send_the_payment_with_your_email_address_alone_instead,?=
 =?UTF-8?Q?_we_hereby_need_your_information_to_where_we_will_be_sen?=
 =?UTF-8?Q?ding_the_funds._You_Can___Text_us_and_fill_below_Informat?=
 =?UTF-8?Q?ion_Or_contact_us_via_email.__(Receivers_name)..........?=
 =?UTF-8?Q?.._(Country)......................_._(_Address).........?=
 =?UTF-8?Q?............._.........._(Direct_Mobile_Phone_Number)...?=
 =?UTF-8?Q?.................._(Your_Age..........................._.?=
 =?UTF-8?Q?......_(ID_copy)............._..................__Note_t?=
 =?UTF-8?Q?hat_your_payment_files_will_be_returned_to_the_IMF_within?=
 =?UTF-8?Q?_2hours_if_we_did_not_hear_from_you_because_this_was_the?=
 =?UTF-8?Q?_instruction_given_to_us_by_the_IMF_office_here___in_Geor?=
 =?UTF-8?Q?gia,_USA._We_will_start_the_transfer_as_soon_as_we_recei?=
 =?UTF-8?Q?ve_your_information._You_are_hereby_warned_not_to_commun?=
 =?UTF-8?Q?icate_or_duplicate_this_message_for_any_reason___what_so?=
 =?UTF-8?Q?_ever_because_the_US_FBI_is_already_on_trace_of_the_crimi?=
 =?UTF-8?Q?nals_from_Africa.__THANKS,__Mr.ferdinand_Stone._Money_Gr?=
 =?UTF-8?Q?am_Money_Transfer_Office._Address:_2225_Osborne_Rd,_St_Ma?=
 =?UTF-8?Q?rys,_GA_31558,,_United_States._Hours:_Open_today_=C2=B7_8:00_?=
 =?UTF-8?Q?am_=E2=80=93_8:00_pm_OFFICE_TEL:_(90?=
 =?UTF-8?Q?9-589-1121)_for_Call_and_Text?=
X-spam: high
X-spam-score: 18.1
X-spam-hits: ADVANCE_FEE_4_NEW_MONEY 0.001, BAYES_99 3.5, BAYES_999 1.2,
  DEAR_BENEFICIARY 2.731, FREEMAIL_ENVFROM_END_DIGIT 0.25,
  FREEMAIL_FROM 0.001, FREEMAIL_REPLYTO 1, HK_SCAM_N8 3.097,
  LOTS_OF_MONEY 0.001, MISSING_HEADERS 1.021, MONEY_FRAUD_5 2.896,
  RCVD_IN_DNSWL_LOW -0.7, RCVD_IN_UNSUBSCOREBL 1,
  REPLYTO_WITHOUT_TO_CC 1.552, REPTO_QUOTE_YAHOO 0.646,
  RP_MATCHES_RCVD -0.001, SPF_PASS -0.001, LANGUAGES en, BAYES_USED user,
  SA_VERSION 3.3.2
X-spam-source: IP='98.138.90.90', Host='nm27.bullet.mail.ne1.yahoo.com', Country='US',
  FromHeader='com', MailFrom='com'
X-spam-charsets: subject='UTF-8', plain='UTF-8'
X-Resolved-to: xxxxxxxxxxxx
X-Delivered-to: xxxxxxxxxxxx
X-Mail-from: ubamoneygram48@yahoo.com
Received: from mx1 ([10.202.2.200])
  by compute1.internal (LMTPProxy); Sun, 10 Jul 2016 18:43:40 -0400
Received: from mx1.messagingengine.com (localhost [127.0.0.1])
	by mailmx.nyi.internal (Postfix) with ESMTP id 85131DC514
	for <xxxxxxxxxxxx>; Sun, 10 Jul 2016 18:43:40 -0400 (EDT)
Received: from mx1.messagingengine.com (localhost [127.0.0.1])
    by mx1.messagingengine.com (Authentication Milter) with ESMTP
    id BE76B9F584C;
    Sun, 10 Jul 2016 18:43:40 -0400
Authentication-Results: mx1.messagingengine.com;
    dkim-adsp=pass (ADSP policy from yahoo.com);
    dkim=pass (2048-bit rsa key) header.d=yahoo.com header.i=@yahoo.com header.b=R0eRZ4AX;
    dmarc=pass header.from=yahoo.com;
    spf=pass smtp.mailfrom=ubamoneygram48@yahoo.com smtp.helo=nm27.bullet.mail.ne1.yahoo.com
Received-SPF: pass
    (yahoo.com ... _spf.mail.yahoo.com: 98.138.90.90 is authorized to use 'ubamoneygram48@yahoo.com' in 'mfrom' identity (mechanism 'ptr:yahoo.com' matched))
    receiver=mx1.messagingengine.com;
    identity=mailfrom;
    envelope-from="ubamoneygram48@yahoo.com";
    helo=nm27.bullet.mail.ne1.yahoo.com;
    client-ip=98.138.90.90
Received: from nm27.bullet.mail.ne1.yahoo.com (nm27.bullet.mail.ne1.yahoo.com [98.138.90.90])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by mx1.messagingengine.com (Postfix) with ESMTPS
	for <xxxxxxxxxxxx>; Sun, 10 Jul 2016 18:42:00 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1468190297; bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=; h=Date:From:Reply-To:Subject:References:From:Subject; b=R0eRZ4AXGw1oCcS/0Sgm1m2i8mmF+XlfdULFH9JoBTeklt37xwi802gQ9puHK8tCrduxP1f+nxFOgSF2BRty3gUNyjgI7X3LMzPWL2EFzcPyWuGtmzaL+01XEM5uVFh7dejT6cuSyhFq6QqnVuCIyKahC1QBJrzBvc1Uzt6308LlJATkVOLnMQSK8YZ3WJV6fcL/IKpxJSt6EkKcaHKVhM9gRHOchkhtAERxCjzG5SuGzZlJoh7jdJC8qacAlLF3H12kxMAO7LvkzZKToj8Y4MQJewUdPZ55EcMF1U2yMRwkVWLOvESKKMdHuAHscNQWHkNZejNWpqun9pX+9oitYw==
Received: from [98.138.226.179] by nm27.bullet.mail.ne1.yahoo.com with NNFMP; 10 Jul 2016 22:38:17 -0000
Received: from [98.138.89.164] by tm14.bullet.mail.ne1.yahoo.com with NNFMP; 10 Jul 2016 22:37:07 -0000
Received: from [127.0.0.1] by omp1020.mail.ne1.yahoo.com with NNFMP; 10 Jul 2016 22:37:07 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 849367.97911.bm@omp1020.mail.ne1.yahoo.com
X-YMail-OSG: rpMHQCMLUzu9_qbIFx8mWkxns9iyaUQMjBcOMiQlvuMDRH3GUxPK51Mg1kIHHvm
 fWyM352gpNhmb_Q--
Received: from jws100252.mail.ne1.yahoo.com by sendmailws103.mail.ne1.yahoo.com; Sun, 10 Jul 2016 22:37:06 +0000; 1468190226.752
Date: Sun, 10 Jul 2016 22:37:06 +0000 (UTC)
From: "Mr.Fedinand stone" <ubamoneygram48@yahoo.com>
Reply-To: "Mr.Fedinand stone" <ferdinandstone4524@gmail.com>
Message-ID: <2021052873.1546385.1468190226377.JavaMail.yahoo@mail.yahoo.com>
X-spam-orig-subject: =?UTF-8?Q?MONEY_GRAM_MONEY_TRANSFER_OFFICE_ADDRESS:_2225_Osborne_R?=
 =?UTF-8?Q?d,_St_Marys,_GA_31558,,_United_States._Hours:_OFFICE_TEL?=
 =?UTF-8?Q?:_(909-589-1121)_for_Call_and_Text_SMS..__Attention_Bene?=
 =?UTF-8?Q?ficiary_!!!!!__The_International_Monetary_Fund_Annual_Com?=
 =?UTF-8?Q?pensation_from_USA_._The_International_Monetary_Fund_(IM?=
 =?UTF-8?Q?F)_is_compensating_some_2015_scam_victims_and_your_email_?=
 =?UTF-8?Q?address_was_found_in_the_scam_victims_list._This_MoneyGr?=
 =?UTF-8?Q?am=C2=AEoffice_has_been___mandated_by_the_IMF_to_transfer_your?=
 =?UTF-8?Q?_compensation_to_you_via_MoneyGram=C2=AE_Money_Transfer_in_US?=
 =?UTF-8?Q?A.__However,_we_have_concluded_to_effect_your_own_paymen?=
 =?UTF-8?Q?t_through_MoneyGram=C2=AE_Money_Transfer,_$2,999USD_pay_Day_u?=
 =?UTF-8?Q?ntil_the_total_sum_of_$1.5Million_is_completely_transferr?=
 =?UTF-8?Q?ed___to_you_the_receiver.__We_can't_be_able_to_wait_or_t?=
 =?UTF-8?Q?o_send_the_payment_with_your_email_address_alone_instead,?=
 =?UTF-8?Q?_we_hereby_need_your_information_to_where_we_will_be_sen?=
 =?UTF-8?Q?ding_the_funds._You_Can___Text_us_and_fill_below_Informat?=
 =?UTF-8?Q?ion_Or_contact_us_via_email.__(Receivers_name)..........?=
 =?UTF-8?Q?.._(Country)......................_._(_Address).........?=
 =?UTF-8?Q?............._.........._(Direct_Mobile_Phone_Number)...?=
 =?UTF-8?Q?.................._(Your_Age..........................._.?=
 =?UTF-8?Q?......_(ID_copy)............._..................__Note_t?=
 =?UTF-8?Q?hat_your_payment_files_will_be_returned_to_the_IMF_within?=
 =?UTF-8?Q?_2hours_if_we_did_not_hear_from_you_because_this_was_the?=
 =?UTF-8?Q?_instruction_given_to_us_by_the_IMF_office_here___in_Geor?=
 =?UTF-8?Q?gia,_USA._We_will_start_the_transfer_as_soon_as_we_recei?=
 =?UTF-8?Q?ve_your_information._You_are_hereby_warned_not_to_commun?=
 =?UTF-8?Q?icate_or_duplicate_this_message_for_any_reason___what_so?=
 =?UTF-8?Q?_ever_because_the_US_FBI_is_already_on_trace_of_the_crimi?=
 =?UTF-8?Q?nals_from_Africa.__THANKS,__Mr.ferdinand_Stone._Money_Gr?=
 =?UTF-8?Q?am_Money_Transfer_Office._Address:_2225_Osborne_Rd,_St_Ma?=
 =?UTF-8?Q?rys,_GA_31558,,_United_States._Hours:_Open_today_=C2=B7_8:00_?=
 =?UTF-8?Q?am_=E2=80=93_8:00_pm_OFFICE_TEL:_(90?=
 =?UTF-8?Q?9-589-1121)_for_Call_and_Text?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
References: <2021052873.1546385.1468190226377.JavaMail.yahoo.ref@mail.yahoo.com>



To me, it's quite frustrating to by paying for SpamCop, submitting such messages and then be told: No body text provided, check format of submission. spam must have body text. when in fact, what I submitted above is spam as per Wikipedia.

Posted

No one has ever said that these examples were not spam, they are.  the issue is what the parser does with the spam as submitted. A solution, so that the parser will process the spam successfully, has been provided above.

Quote

No where (except SpamCop) have I seen the definition of 'spam' to be unsolicited or undesired electronic messages that contains text within the body of the message.

I believe you are misinterpreting the message. To be a properly formed, the email header is followed by a blank line, followed by the body of the email (the definition of email assumes a body, the normal point of the email  ~ The email format is very old and does not take into account any spammy things.)  That has nothing to do with the definition of spam.  Wikipedia does not address, in the definition of spam, the definition of a properly formed email.  That is something the parser must take into consideration.  The message assumes what you submitted is a spam email.  Therefore, to be properly formatted, the spam (or any email) must follow the header, with a blank line, followed by the body of the email (spam).

Historically, due to all the different email applications for windows, unix, macs, and all the different webmail applications, AOL, Yahoo, google, and different implementation of the same mail application by different providers, in some cases, (outlook I believe) it is necessary to first cut/past in the spam header and then cut/past the spam body.  It is possible in these cases for the submitter to make an error when submitting a spam by not properly including both the spam header and the spam body.  The error message reflects that possibility, not one of an uncounted number of ways spammers try to get their trash through spam filters.

Posted

It has been a while, but I get messages with the message text in the subject every now and again. I suspect that it's partly due to badly configured mass mailers.

I received two earlier today. I didn't notice the lack of body until I'd submitted both by quick reporting, both forwarded as attachments to the one submission email. I was about to resubmit them manually when the notification that they'd been accepted and processed, without a sign of the need for doing the "No body" thing.

Posted

I too have seen a huge uptick in spams with a long subject (like 4KB) and no body lately.  If this is spammers' latest trick to get around SC reporting, it would be nice if SC could handle that.  I like the idea of prompting something to the effect of "No body in email - is that on purpose or did you screw up while submitting it?"  I submitted three of them today as attachments to an email, and still got the "missing body" error (so that's not a fix/workaround for the issue).  It's rather annoying to have to copy/paste/edit each spam manually.

Posted

As stated before in this thread this is NOT "spammers' latest trick to get around SC reporting "  This has been around sense at least 2008.

All reporting is voluntary.  If it is too annoying to report these spam, delete them.

Posted

I have been using SpamCop for several years now and it was only after receiving a large amount of this type of spam this week, did I bother to try and find out just why it could not be reported as spam per the error message that is given.

At the least, I would suggest revising your error message to LINK to a thread like this one for further instructions.  The current error message (No body text provided, check format of submission. spam must have body text.) makes no indication to the casual user that the spam can in fact be reported with a little tweaking.

While the instructions (i.e. Just add: "No text in body" after the header info) do allow one to report such spam, they seem to be in conflict with the statement (i.e. "Do not make any material changes to spam before submitting") found on the Material changes to spam page.  So until I read this thread, I had no idea there was an exception to that rule.  At least now 'I' know, but have to wonder how many others are unaware as I was about this for the past few years.

Thanxx to @Lking for mentioning it!

Posted

kolor:

Did you manually copy the From, Reply-To, Message-ID, Subject, etc., fields into the body? If so, that is not the correct method.

If the body is empty, just add a blank line and then a brief line of text such as "spam has no body".

Posted

The admonition not to make changes to spam is "don't make changes so that SC would find link it would not normally find."  So putting the oversized Subject: line in the body would do that, as Dave_L said.

Posted
4 hours ago, Dave_L said:

Did you manually copy the From, Reply-To, Message-ID, Subject, etc., fields into the body? If so, that is not the correct method.[/quote]

I use Thunderbird and choose Other Actions/View Source, then copy/paste the entire message.

Quote

If the body is empty, just add a blank line and then a brief line of text such as "spam has no body".

Yep, that's what I'm doing!  Works well.

Posted
18 minutes ago, adwade said:

I use Thunderbird and choose Other Actions/View Source, then copy/paste the entire message.

Thunderbird tip:

CTRL+U, CTRL+A, CTRL+C is a quick way of copying the message source to the clipboard.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...