Jump to content

Spamcop says "No date" -- why?


Recommended Posts

I'm trying to report a "work at home" spam (probably money mule recruiting). Spamcop refuses to report it saying there's no date. Actually there is a Date: header, but with a date in the future. My guess is that's confusing spamcop.

If I look at the unsubmitted report, it doesn't show that message any more.

Why is Spamcop trusting the easily forgeable Date: header? The only definitive time is in the last trusted Received; header

Here's the headers:


Delivered-To: xxx
Received: by with SMTP id 96csp1236652otn;
        Thu, 23 Mar 2017 23:31:53 -0700 (PDT)
X-Received: by with SMTP id v1mr6839450qtb.166.1490337113378;
        Thu, 23 Mar 2017 23:31:53 -0700 (PDT)
Return-Path: <wsvz657ttt@sneakemail.com>
Received: from sneak2.sneakemail.com (sneak2.sneakemail.com. [])
        by mx.google.com with ESMTP id 6si1010792qke.169.2017.
        for <jonathanrynd@gmail.com>;
        Thu, 23 Mar 2017 23:31:53 -0700 (PDT)
Received-SPF: pass (google.com: domain of wsvz657ttt@sneakemail.com designates as permitted sender) client-ip=;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of wsvz657ttt@sneakemail.com designates as permitted sender) smtp.mailfrom=wsvz657ttt@sneakemail.com
Received: from by sneak2.sneakemail.com with SMTP; 24 Mar 2017 06:36:50 -0000
Received: by LITEMAIL51.bigfoot.com (LiteMail v3.03(LITEMAIL51)) with SMTP id 1703232330_LITEMAIL51_7016201_1521331;	Thu, 23 Mar 2017 23:31:50 -0700
Received: from []:16931 [ident-empty]	by litemail22.bigfoot.net with TPROXY id 1490337048.8956	abuse-to abuse@bigfoot.com
From: "o.kunkel-at-vallotech.ch |bigfoot jrr7/send to gmail|" <wsvz657ttt@sneakemail.com>
To: xxx
Date: 24 Mar 2017 19:13:59 +0600
MIME-Version: 1.0
Subject: 5490
Message-ID: <58D52137.1928.989BE7@o.kunkel.vallotech.ch>
Priority: normal
X-Mailer: Pegasus Mail for Windows (4.52)
Content-Type: multipart/alternative; boundary="Alt-Boundary-96327.0718144"
X-Sneakemail-Label: bigfoot jrr7
X-Sneakemail-Address: gfcpuhg02@sneakemail.com
X-Sneakemail-Tag: send to gmail
X-Sneakemail-From: <o.kunkel@vallotech.ch>
X-Sneakemail-Is-Sneakemail: yes
X-Sneakemail-Folder-Path: /Desktop


Link to comment
Share on other sites

Of course a Tracking URL would have been nice, so everyone could see what the parser did.

Also that would have avoided revealing your email address(es) in the TO:  and Delivered-To: lines. (your welcome).

The parser is not interested in the Date: line in the header, which can easily forged by the spammer.  If you look at the first Received: lines (just above the From: line) you will see it does not have a date.

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...