Baboon Posted August 27, 2004 Share Posted August 27, 2004 I get a lot of spam with alternative email addresses in the body or the Reply-To: field. For example for (un)subscribing to more spam or for replying to a scammer. I would like to report such addresses as well, but it does not seem SpamCop gives the opportunity. The body is searched for URL's, but not for email addresses, and the Reply-To: field is not scanned at all. How do I go about reporting such email addresses? Link to comment Share on other sites More sharing options...
turetzsr Posted August 27, 2004 Share Posted August 27, 2004 I get a lot of spam with alternative email addresses in the body or the Reply-To: field. For example for (un)subscribing to more spam or for replying to a scammer. I would like to report such addresses as well, but it does not seem SpamCop gives the opportunity. The body is searched for URL's, but not for email addresses, and the Reply-To: field is not scanned at all. 15914[/snapback] ...There's a good reason for that: fields like "Reply-to:" and "From:" are easily (and frequently) forged, so sending e-mail to those addresses is as often as not going to result in annoying an innocent bystander. Another likely scenario is that they are addresses that are there for the purpose of "tricking" you into replying so that it will clue the spammers into the fact that your e-mail address is a valid one and that you do, in fact, "read" spam e-mails, which could result in your receiving even more spam than you do currently! How do I go about reporting such email addresses?15914[/snapback] ...You can use the SpamCop parser to generate the spam reports to the appropriate addresses and before you send them, click the button labeled "Preview reports," copy a report into a new e-mail, then copy in the "Reply-to" address. However: you should be sure to remove any indication that the message was generated by SpamCop -- it should clearly be "your" complaint, not SpamCop's. ...Again, though, I strongly advise that you take great care to verify that the "Reply-to" address is not either an innocent bystander or one that is likely to result in your receiving even more spam. Link to comment Share on other sites More sharing options...
Merlyn Posted August 27, 2004 Share Posted August 27, 2004 Why would you want to report the "from" or "replyTo" addresses? You know they are fake don't you? Link to comment Share on other sites More sharing options...
turetzsr Posted August 27, 2004 Share Posted August 27, 2004 Why would you want to report the "from" or "replyTo" addresses? You know they are fake don't you? 15916[/snapback] ...Merlyn: you just had to go and restate simply and clearly in 18 words what it took me, in a wonderful, complex and somewhat stilted way, almost 100 words to say! <big g> Link to comment Share on other sites More sharing options...
Merlyn Posted August 27, 2004 Share Posted August 27, 2004 The guy in the .spamcop newsgroup this morning was the best one Sometimes you have to do things with as few words as possible. Many seeking help do not like to read a lot. Juat havin' some fun Link to comment Share on other sites More sharing options...
Wazoo Posted August 27, 2004 Share Posted August 27, 2004 ...You can use the SpamCop parser to generate the spam reports to the appropriate addresses and before you send them, click the button labeled "Preview reports," copy a report into a new e-mail, then copy in the "Reply-to" address. I'm going to have to go look, it might not actually exist these days. Anyway, somewhere, Julian made it quite clear that generating a "manual" response was something one did on their own. Including the SpamCop parse/report was very much frowned on, guessing that he didn't want a "bad" report (as so strongly hinted at here) as being caused, agreed to, or certified by SpamCop .... If it's "your" complaint, then it should clearly be "your" complaint .... Link to comment Share on other sites More sharing options...
Wazoo Posted August 27, 2004 Share Posted August 27, 2004 The guy in the .spamcop newsgroup this morning was the best one Debated over whether I should attribute the quoting of that one over here, decided that it most definitely stood on its own ... but agree ....only partially matched by the idiot that wanted a copy of the full spam he/she'd reported earlier today, stating that a copy couldn't be found (via the Report ID), then including the entire spam from a copy sent to another of his/her accounts for tracking purposes ... strange day, for sure <g> ... Link to comment Share on other sites More sharing options...
turetzsr Posted August 27, 2004 Share Posted August 27, 2004 ...You can use the SpamCop parser to generate the spam reports to the appropriate addresses and before you send them, click the button labeled "Preview reports," copy a report into a new e-mail, then copy in the "Reply-to" address.I'm going to have to go look, it might not actually exist these days. Anyway, somewhere, Julian made it quite clear that generating a "manual" response was something one did on their own. Including the SpamCop parse/report was very much frowned on, guessing that he didn't want a "bad" report (as so strongly hinted at here) as being caused, agreed to, or certified by SpamCop .... If it's "your" complaint, then it should clearly be "your" complaint ....15925[/snapback] ...Thanks for the excellent point, Wazoo. I'll now go back and edit my reply to reflect this. Link to comment Share on other sites More sharing options...
Baboon Posted August 28, 2004 Author Share Posted August 28, 2004 Thanks guys. I do know the From address is usually faked in "normal" spam. The SOB's even sometimes put MY email address in the From field. The reply addresses I really really would like to report, and get closed, are those provided by 419 scammers, who obviously need those addresses to carry out their scams. As example yesterday, Friday, I reported a letter from a scammer who, in the body of the mail, suggested a yahoo.co.uk address for replying, even though the email was sent from a latinmail.com address. The origin address may have been closed after I reported it, but the address the victims are using has not been reported, as far as I know. What is your advice please? Should I just ignore it? Link to comment Share on other sites More sharing options...
Wazoo Posted August 28, 2004 Share Posted August 28, 2004 In the scenario you describe, (reading it as that the yahoo.uk address was the "only" point of possible spammer interaction) then yes, a manual report to Yahoo.co.uk is what I would do. Just package up the spam (complete) and copy it In-Line into a new e-mail to both abuse <at> yahoo.co.uk and a CC: copy to 419.fcd <at> usss.treas.gov and uce <at> ftc.gov (if you're in the U.S.) Link to comment Share on other sites More sharing options...
Baboon Posted August 29, 2004 Author Share Posted August 29, 2004 In the scenario you describe, (reading it as that the yahoo.uk address was the "only" point of possible spammer interaction) then yes, a manual report to Yahoo.co.uk is what I would do. Just package up the spam (complete) and copy it In-Line into a new e-mail to both abuse <at> yahoo.co.uk and a CC: copy to 419.fcd <at> usss.treas.gov and uce <at> ftc.gov (if you're in the U.S.) 15950[/snapback] Okay, I sent it to Yahoo as you suggested, and they have already taken action but would you do it with any domain? I get alot of those 419 letters, and the scammer usually wants me to write back using another email address than the originating. A quick browse through some old 419 letters reviel addresses, that can't be reported through SpamCop, from excite.com, iname.com, africamail.com, zwallet.com, fastermail.com and yahoo of cause. Is it safe for me to send manual reports to domains like these, or could they be hostile against spam reporters? BTW. If someone still doesn't know what kind of reply addresses I am talking about, I have attached an example without header. This was (apparently) sent from an atlas.cz email address, but as you can see, the "princess" wants us to use an fastermail.com address for replying. I have munged the user part of the address... > Good Day To You, > > We have an immediate Business Opportunity Proposal that involves the > sum of US30.5M (Thirty Million, Five Hundred Thousand United States > Dollars Only) Which we will like to invest under your custody. > > Please, do not hesitate to send me an e-mail, so as to discuss with > you the details of the transaction/the terms and condition of > regarding the business. Your urgent response will be highly > appreciated and will swiftly bring us to the commencement of the > transaction. > > we hope to conclude this transaction as quickly as possible. Do not > forget to contact me on the receipt of this mail through my private > email address at:xxxxxx.xxxxxx[at]fastermail.com > > And please, you have to maintain absolute confidentiality as regards > this pending transaction I urgently await your swift response. > Thanks and God bless you > > Yours faithfully, > Princess Stella Sigcau > Minister of Public Works, > Republic of South Africa. > Honesty and transparency,they are my best work tools and virtues. Link to comment Share on other sites More sharing options...
Miss Betsy Posted August 30, 2004 Share Posted August 30, 2004 I always report the 419 scams (if they are relatively recent - that's after yahoo abuse said that they didn't have that address - I figured that it had already been cancelled!) I usually look them up on Sam Spade; get the IP address; look them up on arin and if necessary, find the abuse address at abuse.net. You might be able to use the spamcop parser, but I don't trust my ability to explain how. I don't think that ISPs are in cahoots with 419 scammers because what they are doing is a real crime that could get the ISP arrested for aiding and abetting. Therefore, it is safe to report them. I say, "Please cancel this address to protect the gullible." Miss Betsy Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.