
Spam slipping by filters


edrach

I recently received spam email which slipped past your filters so I submitted it by forwarding to the address for doing same. The autoreply did not recognize it as spam and returned an error message. This spam is unique in that both the to: and from: address are entered as my address; also the spam is either in Spanish or Portuguese neither of which I speak. I've gotten a 2nd spam of the same nature (i.e. identical to: and from:) and would like to know how to submit it so that it gets reported and that similar spam doesn't make it past your filters and into my mailbox. Thanks otherwise for an excellent service.

Copy of received spam below:

SpamCop encountered errors while saving spam for processing:
SpamCop could not find your spam message in this email:

Return-Path: <edrach[at]spamcop.net>
Received: from vmx1.spamcop.net (sc-smtp1.verio.ironport.com [192.168.12.81])
    by sc-app1.verio.ironport.com (Postfix) with ESMTP id 69C5BA674BC
    for <submit.jsg1kds514l4tgf6[at]spam.spamcop.net>; Fri, 11 Jun 2004 13:39:06 -0700 (PDT)
Received: from sccrmhc13.comcast.net (204.127.202.64)
    by vmx1.spamcop.net with ESMTP; 11 Jun 2004 13:39:05 -0700
Received: from homer4 (c-24-16-87-222.client.comcast.net[24.16.87.222])
    by comcast.net (sccrmhc13) with SMTP
    id <200406112039050160081qfve>; Fri, 11 Jun 2004 20:39:05 +0000
Message-ID: <002401c44ff3$4ac5a2d0$6400a8c0[at]homer4>
Reply-To: "Ed Rachner" <edrach[at]spamcop.net>
From: "Ed Rachner" <edrach[at]spamcop.net>
To: <submit.jSG1Kds514l4TGf6[at]spam.spamcop.net>
Subject: Fw: Equipe! SERASA seu CPF/CGC consta pendencia financeira!
Date: Fri, 11 Jun 2004 13:33:01 -0700
MIME-Version: 1.0
Content-Type: multipart/alternative;
    boundary="----=_NextPart_000_0021_01C44FB8.9E098FA0"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1409
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409

This is a multi-part message in MIME format.

------=_NextPart_000_0021_01C44FB8.9E098FA0
Content-Type: text/plain;
    charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

S E R A S ASomehow this managed to find its way past your filters. =
Hopefully I submitted it correctly. --Ed--
----- Original Message -----=20
From: edrach=20
To: edrach=20
Sent: Friday, June 11, 2004 9:36 AM
Subject: Equipe! SERASA seu CPF/CGC consta pendencia financeira!
O sistema SERASA est=E1 lhe comunicando que seu CPF consta no nosso =
sistema por motivo de pendencia financeira!
se voc=EA efetuou a regulariza=E7ao, favor desconsiderar.=20
veja abaixo o relato das pedencias.
Para ver as pedencias e necessario baixar o arquivo de relatos =
financeiro.=20
SRPF - Sistema Relato de Pendencias Financeiras.
sistema SERASA compromisso com seu nome.
equipe! SERASA
-------------------------
diretor SERASA: Manoel Rocha>
e-mail manoel_rocha[at]mandic.com.br

------=_NextPart_000_0021_01C44FB8.9E098FA0--



Hi Ed!

Typically posting spam examples is discouraged except in the spamcop.spam newsgroup.

However, as best I can tell, you haven't posted the actual headers of the original message. The headers you have provided look to be the headers you have generated forwarding the message to Spamcop for filtering.

If anyone is going to be able to assist you I think you will need to provide the headers from the original message.

I can't tell for sure but it also looks like you might have forwarded the message without including the full message headers.

Perhaps a slip in choosing the forwarding options within your mail program. I don't use Outlook Express but if you get any more of this spam try re-submitting. Sadly this current example is out of time.

Andrew
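An added example (not part of the original thread and not SpamCop's own code) of the distinction made in the reply above: a forward that carries the original as a message/rfc822 attachment keeps the original Received chain, while an inline forward like the one posted keeps only the "----- Original Message -----" summary. The addresses, the 192.0.2.10 hop and the function name find_original are constructed for illustration.

```python
import email
from email import policy

# Separator Outlook Express writes when it forwards a message inline (as seen in the post above).
INLINE_MARKER = "----- Original Message -----"

def find_original(raw):
    """Classify a forwarded submission and return (kind, received_hops).

    kind is "attached" (original kept as a message/rfc822 part, headers intact),
    "inline" (original pasted into the body, transport headers lost) or "none".
    """
    msg = email.message_from_string(raw, policy=policy.default)
    for part in msg.walk():
        if part.get_content_type() == "message/rfc822":
            inner = part.get_payload(0)  # the embedded original message
            hops = [str(h) for h in inner.get_all("Received", [])]
            return "attached", hops
    for part in msg.walk():
        if part.get_content_maintype() == "text" and INLINE_MARKER in part.get_content():
            return "inline", []
    return "none", []

# Constructed samples: the same forward sent inline and as an attachment.
OUTER = "From: user@example.org\nTo: submit@example.net\nSubject: Fw: sample\nMIME-Version: 1.0\n"
INLINE = OUTER + (
    'Content-Type: text/plain; charset="iso-8859-1"\n\n'
    "Hopefully I submitted it correctly.\n"
    "----- Original Message -----\n"
    "From: user\nTo: user\nSubject: sample\n\nspam body\n"
)
ATTACHED = OUTER + (
    'Content-Type: multipart/mixed; boundary="b1"\n\n'
    "--b1\nContent-Type: message/rfc822\n\n"
    "Received: from mail.example.com (192.0.2.10) by mx.example.org; "
    "Fri, 11 Jun 2004 09:36:00 -0700\n"
    "From: user@example.org\nTo: user@example.org\nSubject: sample\n\nspam body\n"
    "--b1--\n"
)

if __name__ == "__main__":
    for name, raw in (("inline", INLINE), ("attached", ATTACHED)):
        kind, hops = find_original(raw)
        print(f"{name}: {kind}, {len(hops)} original Received header(s)")
```
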


Andrew, thanks for the reply. Sorry, I wasn't aware of the "etiquette" of not posting spam examples but wasn't sure of how to get my point across. Also, I'm not sure about having not sent the headers; I did forward the entire message from OE to the address given so I'm not sure how to address that problem. I'll ask my kid who's much more adept at this than I am (generally, I only know enough to keep myself out of trouble). What I did notice, and I suspect that this is how the spammer got through the filters, is that he put my email address in as the return address. I thought that was pertinent. I appreciate the clarification and will try to work out the details later. I did get one more piece of spam with my return address, but I held off on submitting it until I find how to properly forward it. ---Ed---


Hi, edrach,

...Another bit of netiquette that would be good to bear in mind is that it is considered good practice to look through FAQs and use "Search" capabilities. Performing a Search (there's a link so labeled at the top of almost all screens in these fora) on "Express" for "SpamCop Discussions" I see several hits, including Miss Betsy's reply in thread "spam, new member".


Archived

This topic is now archived and is closed to further replies.
