DrGaellon Posted August 14, 2004 Share Posted August 14, 2004 This morning I noted that emails I forwarded to my submit.XXXX[at]spamcop.net address were being reported to 'routes1[at]routes.spamcop.net' and to no other addresses. What is that about? Link to comment Share on other sites More sharing options...
dbiel Posted August 14, 2004 Share Posted August 14, 2004 Will have to wait for someone with specific information about the routes address but as far as why it is not going anywhere else, we will need more information from you. How are your reporting spam and how are your preference set up. Reporting as a mole yields one result, Reporting with address munged yields another result, Reporting without munging yields another result, Quick reporting yields yet another result. (this would not apply here due to the "submit" address). Link to comment Share on other sites More sharing options...
Wazoo Posted August 14, 2004 Share Posted August 14, 2004 A tracking URL would have allowed for a more specific answer. Lacking that data, I'll just repeat the generic answer offered up over in the newsgroups .... From back on 6 Aug 04 ... From time to time and for various reasons you may encounter reporting addresses that are "internal" to SpamCop. Some of these addresses are <name>[at]admin.spamcop.net and some are, more recently, [at]routes.spamcop.net. Some of these special addresses are further procmailed to not publicly known addresses at ISPs. You may see these addresses come and go or they may remain for quite a while. You should not draw any particular or paranoid conclusions from seeing them :-) Ellen Link to comment Share on other sites More sharing options...
newhorizon Posted September 22, 2004 Share Posted September 22, 2004 Some of these special addresses are further procmailed to not publicly known addresses at ISPs. Maybe I'm not fully understanding, but let me ask: why conceal ISP abuse addresses behind these [at]routes.spamcop.net addresses? Link to comment Share on other sites More sharing options...
Wazoo Posted September 22, 2004 Share Posted September 22, 2004 Please re-read Ellen's comments. "not publicly known" kind of suggests something to me ... in the past, such addresses included specific staff folks at an ISP, just as an example .... Link to comment Share on other sites More sharing options...
StevenUnderwood Posted September 22, 2004 Share Posted September 22, 2004 An ISP can use special handling of spamcop reports because they know they are in a specific format and know all the needed data is available in the message. Maybe they place a higher priority on the spamcop reports. Maybe they have an automatic ticketing system that parses the information and brings any IP with more than 1 spamcop report to the attention of someone who knows what to do with that information. The ISP wants reports sent only from spamcop to be received at this address so they are not mixed in with mom and pop forwarding the body (with no headers) making their job harder. I'm sure the abuse addresses also get a fair share of their own spam, I know the one I monitor sure does. Basically, an ISP has asked spamcop to provide reports in a specific path. Spamcop is trying to help that ISP, who went out of their way to create that path, to follow their wishes. These are the ISP's who will probably do something about their problem. Link to comment Share on other sites More sharing options...
newhorizon Posted September 22, 2004 Share Posted September 22, 2004 Ah, gotchya. Good reason. Historically, I've found SpamCop useful not only for sending abuse reports, but for simply determining an externally-valid abuse address (by typing ONLY the IP address or the domain name into SC's text box). With SC sometimes using non-public addresses only, this usefulness seems to be fading. I guess I'll stick to http://www.abuse.net/lookup.phtml (but it doesn't allow IP addresses). No need to reply - just kvetching. Link to comment Share on other sites More sharing options...
Wazoo Posted September 22, 2004 Share Posted September 22, 2004 Note that generally, a reputable ISP will usually include an abuse type address within the WHOIS registration data. Some sources for doing an on-line WHOIS look-up are found within the FAQ here under the "other places" section if you don't have this function available .... Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.