Jump to content

SpamCop Glossary Archive


Wazoo

Recommended Posts

From that description, my interpretation of the purpose of a honeypot is to study spammer techniques.  Most of the configuration, etc.  is above my head so I never read any dialogue about honeypots carefully, but I think there is more prupose to it than that.

Miss Betsy

37514[/snapback]

The definition I originally used was a direct quote from TechEncyclopedia the following is the definition taken from The Jargon File

honey pot: n.

1. A box designed to attract crackers so that they can be observed in action. It is usually well isolated from the rest of the network, but has extensive logging (usually network layer, on a different machine). Different from an iron box in that its purpose is to attract, not merely observe. Sometimes, it is also a defensive network security tactic — you set up an easy-to-crack box so that your real servers don't get messed with. The concept was presented in Cheswick & Bellovin's book Firewalls and Internet Security.

2. A mail server that acts as an open relay when a single message is attempted to send through it, but discards or diverts for examination messages that are detected to be part of a spam run.

Link to comment
Share on other sites

  • Replies 180
  • Created
  • Last Reply
Sometimes, it is also a defensive network security tactic — you set up an easy-to-crack box so that your real servers don't get messed with.

That's maybe the part I remember. Also, because it 'attracts' I think the operators of the honey pot may 'do' something which is not advantegous to the spammer, but I don't have a clue what.

Miss Betsy

Link to comment
Share on other sites

That's maybe the part I remember.  Also, because it 'attracts' I think the operators of the honey pot may 'do' something which is not advantegous to the spammer, but I don't have a clue what.

37521[/snapback]

I think you might be referring to "tarpitting", basically making an open relay IP respond slowly to slow down the spammers attempt at spewing quickly.
Link to comment
Share on other sites

I am working on a new glossary entry but need some help filling in the blanks

<a name="Acronyms"></a>Acronyms & Text Messaging Shorthand

The following link is to NetLingo's extensive List of Acronyms & Text Messaging Shorthand

Acronyms have always been an integral part of computer culture, and they have since spawned a new language on the Internet. Commonly thought of as a series of letters that make up a "word" there is a distinction between acronyms and shorthand.

Online enthusiasts, primarily millennials, are learning that shorthand are in fact called acronyms, but this is incorrect. The difference between acronyms and shorthand is that with acronyms, you pronounce the letters as a new word (for example, FUBAR is pronounced "foo-bar" and RADAR is pronounced "ray-dar"). In contrast, shorthand pronunciations are always to say the letters one-by-one and not pronounce it as a word (for example, FYI is pronounced "F-Y-I" and BRB is pronounced "B-R-B"). The difference between shorthand and an initialism (or abbreviation) is that the latter refers to the shortening of a word itself, for example "esp" for "especially." The online practice is to refer to any shorthand or abbreviation as an acronym.

Examples commonly used in the SpamCop Forums include:

<a name="BOFH"></a>BOFH - Bastard Operator From Hell

<a name="BTW"></a>BTW - By The Way

<a name="IIRC"></a>IIRC - If I Remember Correctly or If I Recall Correctly

<a name="IIUC"></a>IIUC - If I Understand Correctly

<a name="IIWY"></a>IIWY - If It Was You

<a name="ITYM"></a>ITYM - I Think You Mean

<a name="PITA"></a>PITA - Pain In The Ass

<a name="TPTB"></a>TPTB - The Powers That Be

<a name="TTFN"></a>TTFN - Ta Ta For Now

URI - Uniform Resource Identifiers

tinw - there is no we

tinu - there is no us

Alternate reference source: Internet slang From Wikipedia, the free encyclopedia.

NOTE: this has been edited several times as information was made avaiable.

Thanks to all who assisted in providing the info.

Link to comment
Share on other sites

I regret to inform you that while working with the glossary, the lower portion of the glossary some how got deleted. Did not notice it until I scrolled down to the end and found it missing. Unfortunately my backups are not as current as they should be, some of the information will have to be recreated, specificly the refereces to additional resources.

Sorry for the inconvience. I will attempt to correct it as soon as possible, but it may take a few days to do so.

Link to comment
Share on other sites

In trying to restore the glossary I have discovered how the deletion occurred.

It seems that I have exceeded the maximum character count for an individual post. Will need to get some input from Wazoo before continuing.

The two options I see include;

1) increasing the maximum size of the post. (may not be possible)

2) breaking the glossary into multiple sections which would be as follows;

Main section: includes everything except the individual entries

Several entry sections split up based on the alphabet which I believe that I would start off with 3 to allow for growth.

I will wait for input form Wazoo.

Link to comment
Share on other sites

My backup from 06:14 EST -0500:

SpamCop Glossary in Alphabetical Order<br />last edit 10 December 2005<br /><br />Note: additions, corrections, suggestions, etc are encouraged and will be merged into this consolidated glossary after allowing amply time for comment. Please post your comments in this thread. After they have been consolidated they will be moved to the archive <span style='color:blue'><a href='http://forum.spamcop.net/forums/index.php?showtopic=2530' target='_blank'><span style='color:blue'>SpamCop Glossary Archive, Historical record of changes and posts</span></a></span> Click on the link to jump to Archive. For terms not included in this glossary please see the entry <a href="#GlossaryInfo"><span style='color:blue'>Additional Glossary Sources</span></a> found at the conclusion of this glossary.<br /><br /><a href="#a"><u>A</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#b"><u>B</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#c"><u>C</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#d"><u>D</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#e"><u>E</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#f"><u>F</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#g"><u>G</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#h"><u>H</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#i"><u>I</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#j"><u>J</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#k"><u>K</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#l"><u>L</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#m"><u>M</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#n"><u>N</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#o"><u>O</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#p"><u>P</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#q"><u>Q</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#r"><u>R</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#s"><u>S</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#t"><u>T</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#u"><u>U</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#v"><u>V</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#w"><u>W</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#x"><u>X</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#y"><u>Y</u></a>,<span style='font-size:14pt;line-height:100%'> </span><a href="#z"><u>Z</u></a>,<span style='font-size:14pt;line-height:100%'> </span> <br /><br /><span style='color:purple'>Clicking on any of the index items below will jump you to that entry below. Using the browser's back button will return you to the index.</span><br /><li><a href="#devnulling">/dev/null'ing</a><br /><a name="a"></a><li><a href="#Acronyms">Acronyms</a><br /><a name="b"></a><li><a href="#Blowback">Backscatter</a><br /><li><a href="#Bitbucket">Bit Bucket</a><br /><li><a href="#Blackhole">Blackhole</a><br /><li><a href="#Blowback">Blowback</a><br /><li><a href="#BOFH">BOFH</a><br /><li><a href="#Bounce">Bounce</a><br /><li><a href="#BTW">BTW</a><br /><a name="c"></a><li><a href="#CR">C/R</a><br /><li><a href="#Cache">Cache</a><br /><li><a href="#Cartooney">Cartooney</a><br /><li><a href="#CR">Challenge Response</a><br /><li><a href="#CM">Chain Mail</a><br /><li><a href="#CID">cid:</a><br /><li><a href="#CF">Content Filter</a><br /><li><a href="#CID">Content-ID:</a><br /><a name="d"></a><li><a href="#DN">Domain Name</a><br /><li><a href="#DNSbl">DNSbl</a><br /><a name="e"></a><a name="f"></a><a name="g"></a><a name="h"></a><li><a href="#HTTP">HTTP</a><br /><li><a href="#honeypot">Honeypot</a><br /><a name="i"></a><li><a href="#IIRC">IIRC</a><br /><li><a href="#IIUC">IIUC</a><br /><li><a href="#IIWY">IIWY</a><br /><li><a href="#ITYM">ITYM</a><br /><li><a href="#InnocentBystander">Innocent Bystander</a><br /><li><a href="#IP">IP</a><br /><li><a href="#IPA">IP Address</a><br /><li><a href="#ISP">ISP</a><br /><a name="j"></a><li><a href="#Jargon">Jargon</a><br /><li><a href="#Joe">Joe Job</a><br /><a name="k"></a><a name="l"></a><a name="m"></a><li><a href="#MHC">Mail-Host Configuration</a><br /><li><a href="#Man">Manual Report</a><br /><li><a href="#Blowback">Misdirected Bounces</a><br /><li><a href="#Mung">Mung / Munge</a><br /><li><a href="#MX">MX Record</a><br /><a name="n"></a><a name="o"></a><li><a href="#Mung">Obfuscate</a><br /><li><a href="http://forum.spamcop.net/forums/index.php?showtopic=4540#OpenRelayReport">Open Relay Report</a><br /><li><a href="http://forum.spamcop.net/forums/index.php?showtopic=4540#OpenRelayTesting">Open Relay Testing System(s) Report</a><br /><a name="p"></a><li><a href="#Phish">Phish / Phishing</a><br /><li><a href="#PITA">PITA</a><br /><li><a href="#Proxy">Proxy</a><br /><a name="q"></a><li><a href="#Quarantine">Quarantine</a><br /><li><a href="#Quick Reporting">Quick Reporting</a><br /><a name="r"></a><li><a href="#rDNS">rDNS</a><br /><li><a href="#RFC">RFC</a><br /><li><a href="#Report">Report</a><br /><li><a href="#ReportEmailAddress">Report Email Address</a><br /><li><a href="#ReportHistory">Report History</a><br /><li><a href="#ReportID">Report ID</a><br /><li><a href="http://forum.spamcop.net/forums/index.php?showtopic=4540&view=findpost&p=30357">Report Types</a><br /><li><a href="#ReportURL">Report URL</a><br /><li><a href="#RTFF">RTFF</a><br /><li><a href="#RTFM">RTFM</a><br /><a name="s"></a><li><a href="#SMTP">SMTP</a><br /><li><a href="#SMTP Reject">SMTP Reject</a><br /><li><a href="#SPAMhormel">spam</a><br /><li><a href="#spam">spam</a><br /><li><a href="#SpamCop">SpamCop</a><br /><li><a href="http://forum.spamcop.net/forums/index.php?showtopic=4540#SpamSourceReport">spam Source Report</a><br /><li><a href="#Strap">Spamtrap</a><br /><li><a href="http://forum.spamcop.net/forums/index.php?showtopic=4540#SpamvertizedURLReport">Spamvertized URL Report</a><br /><a name="t"></a><li><a href="http://forum.spamcop.net/forums/index.php?showtopic=4540#ThirdPartySourceReport">Third Party Source Report</a><br /><li><a href="#TPTB">TPTB</a><br /><li><a href="http://forum.spamcop.net/forums/index.php?showtopic=4540#ThirdPartyURLReport">Third Party URL Report</a><br /><li><a href="#TURL">Tracking URL</a><br /><li><a href="#TTFN">TTFN</a><br /><a name="u"></a><li><a href="http://forum.spamcop.net/forums/index.php?showtopic=4540#UserDefinedRecipientReport">User Defined Recipient Report</a><br /><li><a href="http://forum.spamcop.net/forums/index.php?showtopic=4540#UserNotificationReport">User Notification Report</a><br /><li><a href="#UsingLRC">Using last resort contacts</a><br /><a name="v"></a><li><a href="#Vacation Responders">Vacation Responders</a><br /><li><a href="#VER">VER - Very Easy Reporting</a><br /><li><a href="#Voicemail">Voicemail</a><br /><a name="w"></a><li><a href="#Web-Bug">Web-Bug</a><br /><li><a href="#WHOIS">WHOIS</a><br /><li><a href="#Worm Poop">Worm Poop</a><br /><a name="x"></a><a name="y"></a><a name="z"></a><br /><span style='color:purple'>Clicking on any of the index items above will jump you to that entry below. Using the browser's back button will return you to the index.</span><br /><br />A special thanks to Wazoo for getting the index to work.<br /><br /><a name="devnulling"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>/dev/null'ing</b></span></span><br />The act of vaporizing a file (sending it to the Unix null device, used as a data sink, or "bit bucket") <br />SpamCop uses email addresses addressed to xxxx[at]devnull.spamcop.net to discard messages that have been generated after they have been statically recorded where the intended recipient has historically bounced similar messages or has requested that they no longer be sent.<br />for more information see <a href='http://forum.spamcop.net/forums/index.php?showtopic=4430' target='_blank'>http://forum.spamcop.net/forums/index.php?showtopic=4430</a><br /><br /><a name="Acronyms"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>Acronyms & Text Messaging Shorthand</b></span></span><br />The following link is to NetLingo's extensive <a href='http://www.netlingo.com/emailsh.cfm' target='_blank'><span style='color:blue'>List of Acronyms & Text Messaging Shorthand</span></a><br />Acronyms have always been an integral part of computer culture, and they have since spawned a new language on the Internet. Commonly thought of as a series of letters that make up a "word" there is a distinction between acronyms and shorthand. <br /><br />Online enthusiasts, primarily millennials, are learning that shorthand are in fact called acronyms, but this is incorrect. The difference between acronyms and shorthand is that with acronyms, you pronounce the letters as a new word (for example, FUBAR is pronounced "foo-bar" and RADAR is pronounced "ray-dar"). In contrast, shorthand pronunciations are always to say the letters one-by-one and not pronounce it as a word (for example, FYI is pronounced "F-Y-I" and BRB is pronounced "B-R-B"). The difference between shorthand and an initialism (or abbreviation) is that the latter refers to the shortening of a word itself, for example "esp" for "especially." The online practice is to refer to any shorthand or abbreviation as an acronym.<br /><br />Examples commonly used in the SpamCop Forums include:<br /><a name="BOFH"></a>BOFH - Bastard Operator From Hell <br /><a name="BTW"></a>BTW - By The Way<br /><a name="IIRC"></a>IIRC - If I Remember Correctly or If I Recall Correctly<br /><a name="IIUC"></a>IIUC - If I Understand Correctly <br /><a name="IIWY"></a>IIWY - If It Was You <br /><a name="ITYM"></a>ITYM - I Think You Mean<br /><a name="PITA"></a>PITA - Pain In The Ass<br /><a name="TPTB"></a>TPTB - The Powers That Be<br /><a name="TTFN"></a>TTFN - Ta Ta For Now<br />URI - <br />tinw -<br /><br />Alternate reference source: <a href='http://en.wikipedia.org/wiki/Internet_slang' target='_blank'><span style='color:blue'>Internet slang</span></a> From Wikipedia, the free encyclopedia.<br /><br /><a name="Bitbucket"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>Bit Bucket</b></span></span><br />The universal data sink (originally, the mythical receptacle used to catch bits when they fall off the end of a register during a shift instruction). Discarded, lost, or destroyed data is said to have gone to the bit bucket. On Unix, often used for /dev/null. Sometimes amplified as the Great Bit Bucket in the Sky.<br /><br /><a name="Blackhole"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>Blackhole</b></span></span><br />This is a system where suspected spam is accepted by the mail server or user and silently deleted. Neither the sender or the receiver is notified.<br /><span style='font-size:8pt;line-height:100%'><br /></span>This seems to be preferred by many companies as it means that none of their potential customers will see a rejection message, and by many users as they can not tell if a spam filter deleted the message or some other computer glitch deleted it before it got to their server. When coupled with a whitelisting system where any outgoing e-mail address is whitelisted for a response, the error rate can be almost invisible to the senders and the receivers.<br /><span style='font-size:8pt;line-height:100%'><br /></span>As with the quarantine method, it is a more expensive method than using DNSbls.<br /><br /><a name="Blowback"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>Blowback, Backscatter, Misdirected Bounces</b></span></span><br />Delayed bounces, virus notices, out-of-office messages and other forms of auto-responses that are frequently mis-directed, basing their targets on data found within forged header lines. In the past, these types of notifications were a nicety. However, as the spammers have once again used a "feature" of something developed under the "trusted users" model to aid in delivering their spew, this activity of e-mail servers has moved into the "bad"zone. More desirable these days is the non-deliverable e-mail will be handled at the time of attempted delivery, such that any rejection notice required is supplied to the sending server, rather than a possible innocent third-party.<br />See also: <br /><a href='http://www.spamcop.net/fom-serve/cache/329.html' target='_blank'>http://www.spamcop.net/fom-serve/cache/329.html</a> <br /><a href='http://spamlinks.net/prevent-secure-backscatter.htm' target='_blank'>http://spamlinks.net/prevent-secure-backscatter.htm</a><br /><br /><a name="Bounce"></a><span style='color:orange'><span style='font-size:14pt;line-height:100%'><b>Bounce</b></span></span><br />Used by some as a description of undelivered e-mail.<br />More accurately it refers to a mail message that a mail server generates to indicate a mail message is not delivered.<br />RFCs allow a receiving mail server to generate a bounce, but that is no longer a good practice as for spam or viruses which are now between 50 to 70 percent of incoming e-mail, that bounce will go to some innocent victim, like you.<br />The preferred practice is for the receiving mail server to issue an SMTP reject code if it can not deliver the e-mail, and then the sending mail server will generate a bounce.<br />Since spam and most recent viruses are not sent through real mail servers, no bounce message will be generated for them.<br /><br /><a name="Cache"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>Cache</b></span></span><br />A cache (pronounced cash) or buffer is basically a local copy or storage area that provides speedy access to stuff that is normally stored elsewhere. Computers cache and buffer information inside and outside their CPUs, in RAM, and on Hard Disks. In the interest of speed and reduced redundant network traffic and load, the Parser caches DNS, WHOIS and abuse.net lookup results (more info on them below) Information about how long the Parser caches those lookup results is confidential, as exact numbers might give the spammers ideas.<br /><br /><a name="Cartooney"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>Cartooney</b></span></span><br />The term cartooney refers to the baseless legal threats or the nonexistent lawyers often made by spammers in their attempts to be removed from mail filters. The word can be used either as an adjective or a noun; i.e., "The spammer made cartooney threats" or "The spammer sent me a cartooney".<br /><br /><a name="CR"></a><span style='color:orange'><span style='font-size:14pt;line-height:100%'><b>C/R or Challenge Response</b></span></span><br />A service that issues a challenge to make sure that a human is sending a mail.<br />When they challenge spam and viruses, they bother innocent people. <br />If they use SMTP rejects, then only real senders will get the challenges.<br />Generally an expensive method of spam control, and spammers can easily get around the challenge if they care to by redirecting the challenge to a porn site and promising free porn to the humans that visit the site and answer the challenge.<br /><br />A challenge response system that does not use SMTP rejects is prone to sending e-mail to spamtraps which will cause other mail servers to refuse the challenges.<br />The only way that a challenge response system that does not use SMTP rejects to avoid hitting spam traps is if it makes sure that it never issues a challenge to a forged address in a spam or a virus. And of course if it knew how to do that, it would not need to issue a challenge.<br /><br /><a name="CM"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>Chain Mail</b></span></span><br />A typical chain letter consists of a message that attempts to induce the recipient to make a number of copies of the letter and then pass them on to two or more new recipients. A chain letter can be considered a type of meme, a self-replicating piece of information that uses a human host to distribute copies of itself. Common methods used by chain letters include emotionally manipulative stories, get-rich-quick pyramid schemes, and the exploitation of superstition to threaten the recipient with. See also <a href='http://en.wikipedia.org/wiki/Chain_letter' target='_blank'>http://en.wikipedia.org/wiki/Chain_letter</a><br /><br /><a name="CF"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>Content Filter</b></span></span><br />A content filter is one that looks at the contents of a message and tries to guess if it is spam or a real e-mail.<br /><br />Generally content filters are not vary accurate, and as they require that the mail server allow the transfer of the body of the message, they are more expensive to operate than using DNSbls.<br /><br />Generally to make up for the inaccuracies in content filters, they are accompanied by a quarantine area to check for errors. <br /><br />The accuracy of content filters can be greatly enhanced by using conservative DNSbls to keep the bulk of the spam out of the mail server, and then using aggressive DNSbls or fail strict rDNS checks to determine if the content filter should examine the message.<br /><br />Of the content filter checks, the one that shows the most accuracy is to look up the I.P. address that any web link in the e-mail references, and check it against a DNSbl. But you only want to do that check on e-mail that fails one of the aggressive tests, or you may miss legitimate mail discussing spam and how to fight it.<br /><br /><a name="CID"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>Content-ID: / cid:</b></span></span><br />The Uniform Resource Locator (URL) schemes, "cid:" and "mid:" allow references to messages and the body parts of messages. For example, within a single multipart message, one HTML body part might include embedded references to other parts of the same message. (extracted from <a href='http://www.ietf.org/rfc/rfc2111.txt' target='_blank'>http://www.ietf.org/rfc/rfc2111.txt</a> )<br /><br /><a name="DNSbl"></a><span style='color:orange'><span style='font-size:14pt;line-height:100%'><b>DNSbl</b></span></span><br />DNS based blocking system. A DNS server keeps track of I.P.s that meet the listing service's criteria. Also known as BLOCKING LISTS and BLACKHOLE lists.<br /><br />Mail servers and other network servers can reference them to reject mail or connections, or to decided if they need to examine them further. They also can be used to indicate trusted I.P. addresses to accept mail or connections.<br /><br />There are many DNSbls with different criteria.<br />The spamcop.net DNSbl lists I.P. addresses that spam has been reported to originate from. It is aggressive, and may list real mail servers.<br />Some list only I.P. addresses that have been shown to be compromised and abused by spammers. Others list I.P. addresses that are known to be controlled by spammers.<br />These are known as conservative DNSbls.<br /><br />And some list I.P. addresses that are DHCP assigned. These are known as Dyanmic list and sometimes DIALUP lists. Many mail servers will not accept e-mail from these addresses.<br /><br />There are also DNSbls that list all I.P. addresses for specific ISP's and countries.<br />Use of conservative DNSbls can block over 80% of the incoming spam usually with out any real e-mail being rejected unless the sender's mail server has a severe security problem. Adding a good DHCP blocking list to that can eliminate most of the remaining spam with a very small chance of rejecting a real e-mail.<br /><br />An aggressive DNSbl can be used to indicate if additional tests should be done on an incoming e-mail to see if it is spam or real e-mail.<br />Also see <a href="#rDNS">rDNS</a><br /><br /><a name="DN"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>Domain Name</b></span></span><br />Domain names have an important role in Internet traffic. They provide a straightforward basis for contact with computers, websites and electronic mailboxes belonging to companies, other organizations and private individuals. Using a domain name, an Internet user can, for example, find the site belonging to a company and thus obtain information, view the company’s catalogue, place an advertisement, perform a financial transaction, place an order or whatever. In short, domain names make the Internet usable. <br /><br />Domain names are derived from the unique numbers that all computers on the Internet have. These numbers are known as IP (Internet Protocol) addresses and consist of figures only. Unfortunately, long numbers aren’t very easy to remember, so it was decided to use a system whereby you can have a name that corresponds to an IP address. The Internet uses what are known as ‘domain name servers’ to look up the numbers (IP addresses) that these names correspond to. Every domain name is made up of at least two elements. The last element of the name is called the top-level domain. Country code top-level domain names refer to countries; so, for example, there is ‘.nl’ for the Netherlands, ‘.be’ for Belgium and ‘.de’ for Germany (Deutschland). <br /><br />Not all top-level domain names relate to countries, however. The most commonly seen top=level domains were agreed upon as an aid to identify the type of site you were going to visit. These include ‘.com’ for commercial, ‘.org’ for organization, '.edu' for educational, ‘.net’ for network, '.gov' for government. Recent additions include '.info' for informational and '.biz' for business. However, it must be noted that spammers and hucksters have managed to further muddy the waters that these 'identifying' names were supposed to represent.<br /><br />The item in front of the top-level domain name is usually the company/personal/entity name of the folks behind the web-site.<br /><br />The "www:" in front of all of this is also (mostly) a convenience, letting the user know that this is a web site normally accessed via a web-browser using HTTP (HyperText Transfer Protocol) .. You may also see "ftp:" (File Transfer Protocol) or "news:" (Network News Transfer Protocol)<br /><br />Items seen between the first "protocol" bit and the company/personal/entity name is basically there to guide to to a certain/specific area that is hosted by the folks behind the name. Items seen after the Top-level Domain name (separated by a "/") will take you to a specific web-page on that hosted web-site.<br /><br /><a name="HTTP"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>HTTP</b></span></span><br />HyperText Transfer Protocol - The protocol for moving hypertext files across the Internet. Requires a HTTP client program on one end, and an HTTP server program on the other end. HTTP is the most important protocol used in the World Wide Web .<br /><br /><a name="InnocentBystander"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>Innocent Bystander </b>(IB)</span></span><br />An Innocent Bystander (IB) is a URL or URI that is present in spam but is not authorized for such use by its owner.<br /><br />Spammers will put 'innocent' URLs in their spam to make it look legitimate, for instance references to news articles or government web pages. Other examples include the mandatory advertising placed at the bottom of email messages in footers by free webmail companies and by antivirus software*. In the case of <a href='http://forum.spamcop.net/forums/index.php?showtopic=4473Phish' target='_blank'>phishing</a> email, nearly all links will be stolen from the Innocent Bystander.<br /><br />An attempted Report of a URL or URI that is marked as an Innocent Bystander will be met with "ISP does not wish to receive report regarding [the Innocent Bystander]" and possibly "ISP does not wish to receive reports regarding [the Innocent Bystander] - no date available".<br /><br />Please see <a href='http://www.spamcop.net/fom-serve/cache/117.html' target='_blank'>Once I close a spammer's account, how can I prevent others reporting it?</a> for how an ISP can mark a URL as an Innocent Bystander.<br /><br />*Opinion: It is understood that free webmail companies need to recoup their investments via footer advertising. However, paid antivirus software companies' and paid ISPs are attempting to double-dip (unless they make it very clear in advance to their customers that their prices are significantly lower due to their footer advertising schemes, and give their customers options to pay higher prices for advertising-free products).<br /><br /><a name="IPA"></a><span style='color:orange'><span style='font-size:14pt;line-height:100%'><b>IP Address</b></span></span><br />Each device connected to a network, be it a LAN (Local Area Network), a WAN (Wide Area Network), or the Internet has an assigned unique IP (Internet Protocol) Address which identifies that specific device to the rest of the network. For example, <a href='http://www.ed-phys.fr/htbin/ipaddress' target='_blank'><span style='color:blue'>Show me my IP Address</span></a> will take a look at "your" computer and list the address of "your" system. (if you are using a modem to dial into your ISP, this number will likely change at every connection ... cable and DSL modems may have the same address for quite a while) Your ISP has a pool of IP Addresses, some are used to provide their customers with a unique address when on-line, others the ISP use themselves for things like running an e-mail server to handle all the incoming/outgoing e-mail for their customers. (NOTE: the above is very simplified. If/when all the other techy stuff gets added, this block will be revisited and a bunch of items will be added, like "See TCP/IP, Network Protocols, Proxy, etc.)<br /><br />For more info;<br /><a href='http://computer.howstuffworks.com/question549.htm' target='_blank'>http://computer.howstuffworks.com/question549.htm</a><br /><a href='http://www.webopedia.com/TERM/I/IP_address.html' target='_blank'>http://www.webopedia.com/TERM/I/IP_address.html</a><br /><br /><a name="ISP"></a><span style='color:orange'><span style='font-size:14pt;line-height:100%'><b>ISP</b></span></span><br />Internet Service Provider .... the company you are giving your money to that lets you then connect to the Internet, send and receive e-mail, interact with some strange people, check the weather without having to get out of bed .. all those important things <g><br /><br /><a name="Jargon"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>Jargon</b></span></span><br />Definition 2 of the noun "jargon" <a href='http://www.m-w.com/dictionary/jargon' target='_blank'>per Merriam-Webster</a> is "the technical terminology or characteristic idiom of a special activity or group". In the case of this Glossary (which attempts to explain SpamCop Jargon), the special activity is spam-fighting via SpamCop, and the group is spam-fighters or anti-spammers who use SpamCop. For more generic computer or hacker jargon, please see <a href='http://www.catb.org/~esr/jargon/html/index.html' target='_blank'>The Jargon File</a>.<br /><br /><a name="Joe"></a><span style='color:orange'><span style='font-size:14pt;line-height:100%'><b>Joe Job</b></span></span><br />1. A "joe job" is a spam run forged to appear to come from another innocent party, with the intention of generating complaints about the victim and damaging their reputation. <br />2. A Joe job is an e-mail spam designed to tarnish the reputation of an innocent third party. Despite having existed since at least 1996, Joe jobs are uncommon compared to other types of spam because they provide no commercial benefit to the Joe jobber.<br />3. A "joe job" is something far above and distinct from the all too typical spammer construct of a <span style='color:blue'>"From" Address Forgery</span><br />For more info:<br /><a href='http://forum.spamcop.net/forums/index.php?showtopic=203' target='_blank'>Why am I getting all these bounces?</a><br /><a href='http://spamlinks.net/faqs-joejob.htm' target='_blank'>http://spamlinks.net/faqs-joejob.htm</a><br /><a href='http://en.wikipedia.org/wiki/Joe_jobs' target='_blank'>http://en.wikipedia.org/wiki/Joe_jobs</a><br /><br /><a name="MHC"></a><span style='color:orange'><span style='font-size:14pt;line-height:100%'><b>Mail-Host Configuration</b></span></span><br />Procedure of "training" the SpamCop parser to identify the mail-hosts / e-mail servers that "your" e-mail travels through on its way to your InBox. The primary purposes of configuring your account is to help identify some spammer forgery and manipulation of the spam headers to point to innocent ISPs and to help prevent folks from reporting themselves or their own ISPs. Nothing is foolproof, blindly trusting any tool is silly, so the requirement that you verify the parser analysis and report targets is still a mandatory part of the agreement between you and SpamCop. It has been stated that performing this configuration on your account will be mandatory at some time in the future.<br /><br /><a name="Man"></a><span style='color:orange'><span style='font-size:14pt;line-height:100%'><b>Manual Report</b></span></span><br />A Manual Report is a Report that you construct and send by hand. Manual Reports should be sent for cases where you can't or shouldn't send a SpamCop Report. These cases include, but are not limited to:<ul><li>Network Abuse that is not spam</li><li>Viruses</li><li>Worms</li><li>Worm Poop</li><li>Bounces</li><li>Double Bounces</li><li>Attempts to Relay, Hack, and Crack</li><li>Newsgroup Posts that violate a Newsgroup Charter but have BI<20</li><li>URLs that the Parser refuses to find because of its strict adherence to standards</li><li>URLs that the Parser refuses to deal with because there are too many (please don't report unclickable URLs)</li><li>URLs that the Parser refuses to deal with because they are in java scri_pt</li><li>Extra reporting addresses that the Parser refuses to let you add (it's limited to four), such as those found on Marjolein's <a href='http://banspam.javawoman.com/report3.html' target='_blank'>spam Reporting Addresses</a> page, <a href='http://www.abuse.net' target='_blank'>the Network Abuse Clearinghouse</a>, NANAE, spam-L, and elsewhere</li><li>Email Addresses that you know derive benefit from spam (such as those used in 419 Advance Fee Fraud spam emails and in spam emails that do not contain even one URL)</li><li>Phone Numbers that you know derive benefit from spam (such as those used in diploma mill spam emails and in spam emails that do not contain even one URL), if you can figure out where to send the Report</li><li>Violations of any TOS (Terms Of Service or local equivalent), AUP (Authorized or Acceptable Use or Usage Policy or local equivalent), Rule, Law, Internet Standard, RFC (Request For Comments), and/or BCP (Best Common Practice)</li><li>Anything else that a SpamCop Admin or Deputy states shouldn't be reported through SpamCop</li></ul>Although you may use the SpamCop Parser to identify where to send your Manual Report, "SpamCop" should not appear in that Report, except possibly in the Headers because you received the email through your SpamCop Email System account. Manual Reports should include a minimum of facts and explanation of facts, unless you know the recipients need more, and should be polite. If you have the time to do the research, it helps to quote the chapter and verse (specific Section or Subsection) of the TOS/AUP, Internet Standard(s), and/or RFC(s) that you think is/are being violated. When complaining about commercial use of an MSN Hotmail or Yahoo! account, for instance, I have found the phrases 'in violation of the Term "Unless otherwise specified, the MSN Sites/Services are for your personal and non-commercial use" of your "MSN Terms of Use" per your page <a href='http://privacy.msn.com/tou/' target='_blank'>http://privacy.msn.com/tou/'</a> and 'exploiting that customer's Yahoo! I.D. and Email portions of your Service for commercial purposes in violation of Term 10 of your Yahoo! Terms of Service at <a href='http://docs.yahoo.com/info/terms/' target='_blank'>http://docs.yahoo.com/info/terms/'</a> and quoting of whois results to be helpful in expediting the desired results.<br /><br /><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>Misdirected Bounces</b></span></span> see <a href="#Blowback">Blowback</a><br /><br /><a name="Mung"></a><span style='color:orange'><span style='font-size:14pt;line-height:100%'><b>Mung / Munge / Obfuscate</b></span></span><br />Mung (or munge) is computer jargon for "to make repeated changes which individually may be reversible, yet which ultimately result in an unintentional irreversible destruction of large portions of the original item." It was created in 1958 at the Tech Model Railroad Club, at the Massachusetts Institute of Technology. In 1960, the backronym "Mash Until No Good" was created to describe Mung, and a while after that it was revised to "Mung Until No Good"—making it one of the few recursive acronyms.<br /><br />Mung originally had two main meanings: to make large-scale and irrevocable changes to a file and to destroy something. A person who vandalizes a Wiki page would not be munging that page because the changes could be reversed. In the early text-adventure game Zork, also known as Dungeon, the user could mung an object and thereby destroy it, making it impossible to finish the game if the object was an important item.<br /><br />The spam epidemics of the 1990s have created a new meaning for mung: to modify an e-mail address so that humans can readily reverse it but robots and address harvesters cannot.<br /><br />Mung also sometimes stands for Multipurpose Unilateral Nonsense Generator, which is a program that will take web pages and run algorithms on them to make them read as if said in a dialectical manner.<br />(extracted from <a href='http://en.wikipedia.org/wiki/Mung)' target='_blank'>http://en.wikipedia.org/wiki/Mung)</a><br /><br /><a name="MX"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>MX Record</b></span></span><br />MX stands for "<b>m</b>ail e<b>x</b>change" or Mail Server. MX is a type of DNS Resource Record, which tells SMTP Senders where to send email for a particular domain (specifically identifying a hostname, which must then have at least one A Record pointing to the IP Address(s) of the Mail Server(s)). "is not an MX for domainname" means that the Mail Server IP Address currently under review by the Parser is not listed in any A Record for any hostname in any MX Record for domainname, and that it therefore is not a registered Mail Server for domainname. Please see <a href='http://www.rfc-editor.org/rfc/rfc974.txt' target='_blank'>RFC 974 MAIL ROUTING AND THE DOMAIN SYSTEM</a> for more information on the use of MX Records.<br /><br /><a name="Phish"></a><span style='color:orange'><span style='font-size:14pt;line-height:100%'><b>Phish / Phishing</b></span></span><br />The practice of sending bogus e-mails that try to trick people into revealing private and / or financial information for purposes of identity theft. AOL needs your password, e-bay is going to close your account if you don't verify your data in the next 12 hours, CitiBank needs your data to verify their records, fantastic opportunities to get a mortgage at a discount with no credit check involved, you are the 1,000th visitor to this web page, on and on, obviously idiotic ploys to get "you" to fill in the blanks.<br /><br /><a name="Proxy"></a><span style='color:orange'><span style='font-size:14pt;line-height:100%'><b>Proxy</b></span></span><ul><li>A software agent that acts on behalf of a user. Typical proxies accept a connection from a user, make a decision as to whether or not the user or client IP address is permitted to use the proxy, perhaps does additional authentication, and then completes a connection on behalf of the user to a remote destination.<br /><a href='http://www.atharmahboob.com/courses/security/glossary/glossary-firewall.htm' target='_blank'>http://www.atharmahboob.com/courses/securi...ry-firewall.htm</a></li><li>An intermediary program which acts as both a server and a client for the purpose of making requests on behalf of other clients. Requests are serviced internally or by passing them, with possible translation, on to other servers. A proxy must interpret and, if necessary, rewrite a request message before forwarding it. Proxies are often used as client-side portals through network firewalls and as helper applications for handling requests via protocols not implemented by the user agent.<br /><a href='http://www.freesoft.org/CIE/RFC/1945/3.htm' target='_blank'>http://www.freesoft.org/CIE/RFC/1945/3.htm</a></li></ul>As defined above, a proxy can be a good thing. As such, open and abusable proxies fell into the list of things 'good' about the 'net' that spammers learned to abuse. These days, with spammers and virus writers teaming up, open/abusable proxies are no longer only something set up by an ISP/Hosting service, unfortunately cropping up around the world on home/end user computers. Folks, install and update anti-virus and anti spyware tools, get that firewall installed. Learn to use them all.<br /><br /><a name="Quarantine"></a><span style='color:orange'><span style='font-size:14pt;line-height:100%'><b>Quarantine</b></span></span><br />A place that a mail server or mail program will put suspected spam. Generally if there is a high amount of spam in the quarantine area, real message will get lost, or be delayed.<br /><br />Note that if the mail was rejected instead of quarantined, the sender would have received a bounce generated by their mail server, so would know that the mail was not delivered, so would have been able to make arrangements to get a time critical message.<br /><br />Ironically, the tagging / quarantine systems are put in because of fear of rejecting a real mail message, but by not issuing an SMTP reject, they introduce human error, and are probably more likely to cause a time critical message to be lost or delayed.<br /><br /><a name="Quick Reporting"></a><span style='color:orange'><span style='font-size:14pt;line-height:100%'><b>Quick Reporting</b></span></span><br />Mode of reporting in that ONLY the source of the spam is tracked and reported. Items within the spam body are ignored. When it works, its great within this limited scale of reporting. However, if anything goes wrong, the lack of oversight has caused problems for some users. These problems led to the creation of the MailHost configuration to minimize these errors. However, just as a hammer has the capability of hitting one's thumb rather than the nail on occasion, the decision to use Quick-Reporting should only come after verifying that the spam submittals are parsed correctly .. specifically, that one is not trying to report themselves.<br />See also the Forum version of the SpamCop FAQ entry <a href='http://forum.spamcop.net/forums/index.php?showtopic=163' target='_blank'>What is Quick Reporting?</a><br /><br /><a name="rDNS"></a><span style='color:orange'><span style='font-size:14pt;line-height:100%'><b>rDNS</b></span></span><br />Reverse DNS. The reverse DNS is a service that returns a name assigned to an I.P. address. <br />An I.P. address can be used by many domain names. The rDNS name is the true name, the rest are aliases, or "knick-names"<br /><br />Apparently there is a requirement that a mail server identify itself with it's rDNS assigned name when it attempts to deliver e-mail.<br />The receiving mail server can verify this name against the I.P. address to see if can trust the sending mail server. It is estimated by some internet posters that 80 percent of the incoming spam has bad rDNS data.<br /><br />Unfortunately there are still too many real mail servers with misconfigured rDNS for many mail servers to use this easy method of sorting out spam.<br /><br /><a name="Report"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>Report</b></span></span><br />A SpamCop Report is an email sent to various administrators as suggested by the SpamCop Parsing and Reporting Service. Please see <a href='http://forum.spamcop.net/forums/index.php?showtopic=4540' target='_blank'>SpamCop Report Types</a> for details on the types of SpamCop Reports that Reporters have the option of sending, and <a href='http://www.spamcop.net/fom-serve/cache/338.html' target='_blank'>What does a SpamCop Report look like?</a> for details on what a SpamCop Report looks like.<br /><br /><a name="ReportEmailAddress"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>Report Email Address</b></span></span><br />A Report Email Address is an email address that can be used by the Report's recipient to indirectly email the Reporter for some time after the submission of the Report, incorporates a Report ID, is used as the From Address on the actual Report, and looks kind of like 1466329110[at]reports.spamcop.net but with an [at]-sign in the middle (spam emailed to this address will be treated as such). A report email address could be used to spam you, so you should avoid revealing it.<br /><br /><a name="ReportHistory"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>Report History</b></span></span><br />SpamCop Report History is an exclusive feature of the SpamCop Parsing and Reporting Service for Paid Reporters (both fuel-based and SpamCop Email System Customers). It shows the history of SpamCop Reports for a particular IP Address or URL. If it is applicable (the Reporter is authorized to view Report History and there is a History of Reports), a "<span style='color:blue'><u>[Report History]</u></span>" Link will appear in the Parser's output under either "host <i>IP Address</i> = <i>RDNS of IP Address</i>" or "<span style='color:brown'><b>Tracking link: <i>URL</i></b></span>", as appropriate. The Report History shows the following for each Report of a spam that implicated that particular IP Address or URL: Date/Time Submitted (grouped by spam); the Subject of the spam (in <i>italics</i>, grouped by spam); Report ID; "( <i>IP Address</i> )" or "( <i>URL</i> )" or "( )" or "( Forwarded spam )"; "To:", and the Email Address of the Report's Recipient (which may include devnull if the intended Recipient's Email Address bounces or refuses Reports, or may be "mole[at]devnull.spamcop.net" for a Mole Report (which is not actually sent)). A typical Report History can be found <a href='http://forum.spamcop.net/forums/index.php?act=findpost&pid=30399' target='_blank'>here</a>. "No recent reports, no history available" will be displayed as appropriate, meaning that no issueid has been assigned to that IP Address or URL. "<span style='color:red'>Cannot find spam reports for issueid = <i>issueid</i></span>" indicates a database error, in that the IP Address or URL has been assigned an issueid, but there are no Reports matching that issueid.<br /><br /><a name="ReportID"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>Report ID</b></span></span><br />A SpamCop Report ID number is a unique number, as of this writing ten digits long like 1466329110, assigned by the SpamCop Parsing and Reporting System to a particular Report sent to a particular Administrator regarding a particular piece of a particular spam by a particular Reporter.<br /><br />Please note that the Report ID numbers are keyed to your reporting account, such that someone else's Report ID numbers are pretty much useless to you for discussing the actions of the SpamCop Parsing and Reporting Service and they could be used to spam you, so you should avoid revealing them. The Moderation Team suggests that you discuss a <a href="#TURL">Tracking URL</a> instead - for instructions on how to get one, please see <a href='http://forum.spamcop.net/forums/index.php?showtopic=4498' target='_blank'>FAQ Entry: Getting a Tracking URL from a Report ID</a>.<br /><br /><a name="ReportURL"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>Report URL</b></span></span><br />A Report URL shows the headers for the spam reported using the associated Report ID and a "Parse" Link to a <a href="#TURL">Tracking URL</a> for that spam, and incorporates a Report ID, which can only be used by the associated Reporter or a SpamCop Admin. The Report URL is therefore useless for discussion in public fora, looks like <u>http://www.spamcop.net/mcgi?action=gettrack&reportid=1466329110</u> or <u>http://members.spamcop.net/mcgi?action=gettrack&reportid=1466329110</u> or <u>http://mailsc.spamcop.net/mcgi?action=gettrack&reportid=1466329110</u> (depending on which reporting website you use), and could be used to spam you, so you should avoid revealing any Report URL.<br /><br /><a name="RFC"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>RFC</b></span></span><br />RFC stands for Request For Comments, but are usually what results from after the comments are done about a subject. RFCs are the rules of the internet, and e-mail.<br /><br />Systems and users that do not comply with the RFCs can expect to have problems communicating on the internet.<br /><br /><a name="RTFF"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>RTFF</b></span></span><br />Read The Fine FAQ. Also, Read The F___ing FAQ in coarser circles. We currently recommend the <a href='http://forum.spamcop.net/forums/index.php?showtopic=2238' target='_blank'>SpamCop FAQ</a> (about SpamCop), the <a href='http://forum.spamcop.net/forums/index.php?showtopic=4351' target='_blank'>SpamCop Forum FAQ</a> (about these Forums), and the <a href='http://forum.spamcop.net/forums/index.php?showtopic=4473' target='_blank'>SpamCop Glossary</a> (this document). There is also the quaint old cache of the original FAQ-O-Matic <a href='http://www.spamcop.net/fom-serve/cache/1.html' target='_blank'>SpamCop.Net FAQ</a>, if you're into history, and the still-under-development <a href='http://forum.spamcop.net/forums/index.php?act=faq' target='_blank'>SC-FAQ</a>.<br /><br /><a name="RTFM"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>RTFM</b></span></span><br />Read The Fine Manual. Also, Read The F___ing Manual in coarser circles. As SpamCop doesn't have a Manual <i>per se</i>, please RTFF instead. <!--emo&:)--><img src='style_emoticons/default/smile.gif' border='0' style='vertical-align:middle' alt='smile.gif' /><!--endemo--><br /><br /><a name="SMTP"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>SMTP</b></span></span><br />Simple Mail Transport Protocol. This is how E-MAIL is transferred on the Internet.<br /><br /><a name="SMTP Reject"></a><span style='color:orange'><span style='font-size:14pt;line-height:100%'><b>SMTP Reject </b></span></span><br />This is where the receiving mail server refuses delivery with a code and a brief message to describe why.<br /><br />This is now the only non-abusive way for a receiving network to indicate that a message will not be delivered.<br /><br />A mail server that is the front end for other mail servers on a network now should have the ability to verify that the destination mail servers will accept the message, and this is possible with current technology for such complex systems.<br /><br /><a name="SPAMhormel"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>spam</b></span></span><br />Registered trade mark of Hormel Foods<br />see <a href='http://www.spam.com/ci/ci_in.htm' target='_blank'>spam and the Internet </a><br /><br /><a name="spam"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>spam</b></span></span><br />spam, in our web based usage, should never be spelled "spam" which is a registered trademark of Hormel Foods (see <a href='http://www.spam.com/hp/hp_lg.htm' target='_blank'>http://www.spam.com/hp/hp_lg.htm</a>) Additionally, unless grammar requires it spam should never be spelled "spam" as it is not a proper noun.<br /><br />What spam is NOT per SpamCop <a href='http://www.spamcop.net/fom-serve/cache/14.html' target='_blank'>On what type of email should I (not) use SpamCop?</a><br /><br /><a href='http://www.SpamRejection.com/whatisspam.htm' target='_blank'>spam Defined</a> link to spam Rejection Service by Integrated Data Processing, Inc.<br /><br />MAPS' <a href='http://www.mail-abuse.com/spam_def.html' target='_blank'>Definition of "spam"</a><br /><br />The Responsible Net Commerce Site's <a href='http://spam.abuse.net/overview/whatisspam.shtml' target='_blank'>What is spam?</a><br /><br />CAUCE's <a href='http://www.cauce.org/problem/about' target='_blank'>About Junk Email / UCE / spam</a><br /><br />Spamhaus's <a href='http://www.spamhaus.org/definition.html' target='_blank'>Definition of spam</a><br /><br />The SpamCon Foundation's <a href='http://spamcon.org/about/' target='_blank'>About SpamCon Foundation -- Summary</a><br /><br /><a name="SpamCop"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>SpamCop</b></span></span><br />SpamCop is a comprehensive service offering something for everyone in the fight against spam. In this case, COP stands for Citizen On Patrol. SpamCop Reporters patrol their mailboxes and report the spam inside. SpamCop has the following component Services and Systems:<ul><li><a href='http://forum.spamcop.net/forums/index.php?showtopic=2238#SCPRS' target='_blank'>Parsing & Reporting Service</a></li><li><a href='http://forum.spamcop.net/forums/index.php?showtopic=2238#SCESA' target='_blank'>Email System</a></li><li><a href='http://forum.spamcop.net/forums/index.php?showtopic=2238#SCBL' target='_blank'>Blocking List Service (SCBL)</a></li><li><a href='http://forum.spamcop.net/' target='_blank'>Forums</a></li><li><a href='http://forum.spamcop.net/forums/index.php?showtopic=2238' target='_blank'>Frequently Asked Questions (FAQ)</a></li><li><a href='http://forum.spamcop.net/forums/index.php?showtopic=4473' target='_blank'>Glossary</a></li><li><a href='http://news.spamcop.net/' target='_blank'>News</a></li></ul><a name="Strap"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>spam Trap</b></span> </span> or <span style='font-size:14pt;line-height:100%'> <span style='color:orange'><b> Spamtrap</b></span></span><br />An email address that is never used to send or receive email, created for the specific purpose of "trapping" spam. spam Traps are used by those who maintain blocklists to identify spamming sources.<br /><br />Spammers can discover spam Trap addresses through various means - the same ways that they use to get your email address. An email address that has been abandoned because of the amount of spam it receives is not considered a true spam Trap and should not be used for that purpose.<br /><br />The SCBL (SpamCop Blocking List) uses spam Traps to identify the IP addresses from which unsolicited email comes, and is programmed to recognize and discard confirmation emails sent to mistyped addresses. The SCBL's algorithm for listing IP addresses applies a heavier weight to spam Trap hits than to Reports and as a result, spam Traps can cause IP addresses to be listed much faster and for longer time periods than Reports. spam Trap hits do not generate Reports, and therefore do not show up in the Report History.<br /><br /><a name="TURL"></a><span style='color:orange'><span style='font-size:14pt;line-height:100%'><b>Tracking URL</b

Link to comment
Share on other sites

Continued:

<a name="TURL"></a><span style='color:orange'><span style='font-size:14pt;line-height:100%'><b>Tracking URL</b></span></span><br />When looking at the Report Page of the Parser Results, the top of the page contains these words (your reference number will be different);<br /><br /><span style='color:blue'>spam Header</span><br />This page may be saved for future reference:<br /><span style='color:purple'>http://www.spamcop.net/sc?id=z641303267z045b750a0c3cf8aa3bfef3b3d92488bfz<br />Skip to Reports</span><br /><br />This "future reference" URL is the "Tracking URL" .... As one of the IronPort "purchase" benefits has turned out to be the addition of some serious storage capabilities, the entire spam submittal is now stored (for some time). These days, things are made much easier when asking for some review, analysis, or assistance; simply copy this provided link and use it to point to the spam submittal in your query. This way, anyone looking to try to answer the query is looking at the spam submittal as the SpamCop parsing engine saw it, thus everyone is talking about the same data.<br /><br />Update: those lines in the parser output now read as;<br /><span style='color:blue'>spam Header</span><br />Here is your TRACKING URL - it may be saved for future reference:<br /><span style='color:purple'>http://www.spamcop.net/sc?id=z641303267z045b750a0c3cf8aa3bfef3b3d92488bfz<br />Skip to Reports</span><br /><br /><a name="UsingLRC"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>Using last resort contacts</b></span></span><br />When the Parser can't find any information about an IP Address's WHOIS listed contacts' domains in the <a href='http://www.abuse.net/' target='_blank'>abuse.net master database of reporting addresses</a>, cached or via direct lookup, it uses those contacts' email addresses as contacts of last resort. All responsible domain administrators should <a href='http://www.abuse.net/addnew.html' target='_blank'>register with abuse.net</a>.<br /><br /><a name="Vacation Responders"></a><span style='color:orange'><span style='font-size:14pt;line-height:100%'><b>Vacation Responders</b></span></span><br />A service that you can set on many mail servers to automatically let criminals know that they can steal your identify for a specific period of time with out fear of getting caught. It allows them to steal anything from your company that someone else thinks you are authorized to mail with out your signature.<br /><br />These criminals are also known to use voicemail vacation messages for this purpose.<br /><br /><a name="VER"></a><span style='color:orange'><span style='font-size:14pt;line-height:100%'><b>VER - Very Easy Reporting</b></span></span><br />Web-based Quick Reporting, which is an exclusive feature of the SpamCop Parsing and Reporting System which only SpamCop Email System Customers may access at: <a href='http://mailsc.spamcop.net/reportheld?action=heldlog' target='_blank'>http://mailsc.spamcop.net/reportheld?action=heldlog</a><br />See also the Forum version of the SpamCop FAQ entry at <a href='http://forum.spamcop.net/forums/index.php?showtopic=5012' target='_blank'>What is VER (Very Easy Reporting)?</a><br /><br /><a name="Voicemail"></a><span style='color:orange'><span style='font-size:14pt;line-height:100%'><b>Voicemail</b></span></span><br />A service that you can get as an answering machine from the phone company instead of a standalone box.. Criminals are known to use vacation/out-of-office notices from these to successfully steal from companies.<br /><br /><a name="Web-Bug"></a><span style='color:orange'><span style='font-size:14pt;line-height:100%'><b>Web-Bug</b></span></span><br />Web-bugs are used by spammers to track if a human read the message. If you have your e-mail system set to plain text, they do not work.<br /><br /><a name="WHOIS"></a><span style='font-size:14pt;line-height:100%'><span style='color:orange'><b>WHOIS</b></span></span><br />WHOIS is a service and protocol defined by <a href='http://www.rfc-editor.org/rfc/rfc1032.txt' target='_blank'>RFC 1032 DOMAIN ADMINISTRATORS GUIDE</a>, <a href='http://www.rfc-editor.org/rfc/rfc954.txt' target='_blank'>RFC 954 NICNAME/WHOIS</a>, and their predecessors for providing information about allocated Domain Names and IP Addresses. When the Parser does lookup and finds a hit in the cache, it reports "Cached whois".<br /><br /><a name="Worm Poop"></a><span style='color:orange'><span style='font-size:14pt;line-height:100%'><b>Worm Poop</b></span></span><br />Viruses, worms, and anything that generates a mail message to the forged address in a worm or a virus.<br /><br />This included misconfigured virus scanners, vacation/out of office autoresponders, and mail servers that bounce undelivered mail instead of using SMTP rejects.<br /><br /><a name="GlossaryInfo"></a><span style='color:blue'><b><span style='font-size:12pt;line-height:100%'>Additional Sources for Glossary Information</b></span></span><br />The SpamCop Glossary is being limited to terms used within the SpamCop Forums. The following additional links provide far more information which may both help to better explain terms defined in the SpamCop Glossary as well as many more terms not included here. They are listed in no particualar order.<br /><br /><span style='color:orange'><b>NetLingo</b> </span>The Internet Dictionary<br /><a href='http://www.netlingo.com/' target='_blank'>http://www.netlingo.com/</a><br />NetLingo contains thousands of definitions that easily explain the Internet and the online world of business, technology, and communication. <br />Updated weekly with new terms, NetLingo is ranked #656 in Google's Top 1000 Web sites and reviewed in many publications. Our mission is to educate and entertain you, and keep you up-to-date.<br /><br /><span style='color:orange'><b>The Jargon File</b> </span><a href='http://www.catb.org/~esr/jargon/html/index.html' target='_blank'>http://www.catb.org/~esr/jargon/html/index.html</a><br />The Jargon File is a comprehensive compendium of hacker slang illuminating many aspects of hackish tradition, folklore, and humor.<br /><br /><span style='color:orange'><b>Wiktionary</b> </span><br /><a href='http://en.wikipedia.org/wiki/Wiktionary' target='_blank'>http://en.wikipedia.org/wiki/Wiktionary</a><br />Wiktionary is a sister project to <a href='http://en.wikipedia.org/wiki/Wikipedia' target='_blank'><span style='color:blue'>Wikipedia</span></a> intended to be a free wiki dictionary (including thesaurus and lexicon) in every language. <br />Wiktionary serves to:<br /><li>explain the meanings of words, terms and abbreviations <br /><li>act as a thesaurus by showing synonyms <br /><li>translate words from one language to another. <br /><br /><span style='color:orange'><b>TechEncyclopedia</b> </span>More than 20,000 IT terms <a href='http://www.techweb.com/encyclopedia/' target='_blank'>http://www.techweb.com/encyclopedia/</a><br />TechWeb – The Business Technology Network is a publication of CMP United Business Media<br /><br /><b><span style='color:blue'>Contributors:</span></b> <br />WB8TYW (aka John)<br />Wazoo<br />turetzsr (aka Steve T)<br />StevenUnderwood (aka Steven P. Underwood, DNRC)<br />Miss Betsy<br />Lking<br />Larry Kilgallen (ng member)<br />Jeff G.<br />Jank1887<br />dbiel<br /><br />(ng = SpamCop news groups. web addresses: <a href='http://news.spamcop.net' target='_blank'><span style='color:blue'>news.spamcop.net</span></a><br /><br />Note: additions, corrections

Link to comment
Share on other sites

I regret to inform you that while working with the glossary, the lower portion of the glossary some how got deleted.  Did not notice it until I scrolled down to the end and found it missing.  Unfortunately my backups are not as current as they should be, some of the information will have to be recreated, specificly the refereces to additional resources.

37543[/snapback]

:wub::wub::wub: Thank you Jeff G. You are a life saver!!!!!!! :wub::wub::wub:

Your back up contains the portion that got lost.

The other changes that are not in your backup were retained in the original post, so it will be a simple matter of piecing all the pieces back together again after we decide which approach to take.

Thank you again!!!!!!!!!!!!!!!!!!!!!

:wub::wub::wub::wub::wub::wub:

Link to comment
Share on other sites

Thanks to Jeff G. life saving backup, the Glossary is usable.

I will be reworking it due to syntax differences between the backup and the original.

I have rethought the approach to be taken after linking the two sections together, it will allow for easier expansion if needed at a later date.

The new glossary will be broken into two sections, a front half and a back half.

Link to comment
Share on other sites

Thanks to Jeff G. forsight, the Glossary is now back and fully functional.

It is broken up into two parts with the split being between the letters O and P

Thanks again Jeff for your assistance.

Link to comment
Share on other sites

Suggested replacement:

/dev/null'ing

Sending something nowhere. SpamCop's parser sends a pseudo-Report to user#domain[at]devnull.spamcop.net (this is a pseudo-Report because it doesn't go anywhere, but it does get recorded in the statistics and can help keep an SCBL listing alive) when it doesn't want to send a Report to user[at]domain for some reason. Reasons include bouncing of previous Reports that were sent to user[at]domain, as well as SpamCop Deputy and SpamCop Admin intervention due to listwashing, ROKSO listing, obviously ignoring reports, passing reports to inappropriate places, etc.

The derivation of this term is the Unix Null Device /dev/null. Other terms for the same concept include vaporization, deletion, and sending something to a data sink, bit bucket, DOS's NUL:, trash can, or round file. For more info, please see Steps taken by the parser and Ellen's description of why Reports are turned off.

Moderator edit: added copy of original post below for archive records

/dev/null'ing

The act of vaporizing a file (sending it to the Unix null device, used as a data sink, or "bit bucket")

SpamCop uses email addresses addressed to xxxx[at]devnull.spamcop.net to discard messages that have been generated after they have been statically recorded where the intended recipient has historically bounced similar messages or has requested that they no longer be sent.

for more information see http://forum.spamcop.net/forums/index.php?showtopic=4430

Link to comment
Share on other sites

the Glossary is now back and fully functional.

It is broken up into two parts with the split being between the letters O and P

37557[/snapback]

Actually, it was only fully functional for people showing more than 22 Posts per page like dbiel. I have corrected for that by copying the second part to Linear Post #3 so that the links work for the default configuration of 15 Posts per page.
Link to comment
Share on other sites

Actually, it was only fully functional for people showing more than 22 Posts per page like dbiel.  I have corrected for that by copying the second part to Linear Post #3 so that the links work for the default configuration of 15 Posts per page.

37600[/snapback]

Thanks Jeff for finding and fixing that problem.

Did you save the data from post#3 or discard it? Since it was only housekeeping data it is no big loss if it was discarded.

Thank you again.

PS I have deleted the duplicate post that you used to copy the data from.

Link to comment
Share on other sites

Suggested replacement:

<a name="devnulling"></a>/dev/null'ing

Sending something nowhere.  SpamCop discards messages sent to devnull after they have been recorded in the SpamCop Blocklist statistics. The reasons that a report may be sent to devnull include bouncing of previous Reports that were sent to user[at]domain, ISP request that reports not be sent to that address, SpamCop Deputy and SpamCop Admin intervention due to listwashing, ROKSO listing, passing reports to inappropriate places, etc.

The derivation of this term is the Unix Null Device /dev/null.  Other terms for the same concept include vaporization, deletion, and sending something to a data sink, bit bucket, DOS's NUL:, trash can, or round file.  For more info, please see Steps taken by the parser and Ellen's description of why Reports are turned off.

37597[/snapback]

Link to comment
Share on other sites

Thanks Jeff for finding and fixing that problem.

37602[/snapback]

You're welcome.
Did you save the data from post#3 or discard it?  Since it was only housekeeping data it is no big loss if it was discarded.

Thank you again.

PS I have deleted the duplicate post that you used to copy the data from.

37602[/snapback]

Thanks. I left the original data from Linear Post #3 at the bottom of that Post as follows:
[Note from Jeff G.: the following is the original contents of this Post.]

The following have been merged into master glossary and all development posts merged into SpamCop Glossary Archive, Historical record of changes and posts:

Jargon

RTFF

RTFM

spam

I agree that the original data is not necessary any longer, but I do try not to deliberately delete/discard anyone else's stuff. :)
Link to comment
Share on other sites

December 12,2005 developement posts have been moved to the archives.

December 10,2005

The following have been merged/added into master glossary

IP

Acronyms & Text Messaging Shorthand

URI

URL

URN

Bit Bucket

BOFH

Cartooney

tinw

Note: developement posts will be moved to the archives as soon as I am able to work around the current post selection bug.

November 11, 2005

The following have been merged into master glossary and all development posts merged into SpamCop Glossary Archive, Historical record of changes and posts:

Jargon

RTFF

RTFM

spam

Link to comment
Share on other sites

...Did you forget something (like, the point you wanted to make about the text you were quoting)? Obviously, because you are a female and a volunteer, something went wrong with this post. :D <big g>

37651[/snapback]

I believe the point was simply of changing the name of recorded.

If you notice, the quote and jump back link is to/from a post by Jeff G. but the quote header has been changed to read

"QUOTE(Miss Betsy [at] Dec 12 2005)"

with a implied reference back to her topic in another forum

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Guest
This topic is now closed to further replies.

×
×
  • Create New...