Is SC having a breakdown?

Ex_Brit · November 23, 2004

Ellen, it does appear that at least that "Mailto" thing is definitely not a SC problem, but as to the number of bounces, well that's anyone's guess. Incredimail is interpreting emails differently, at least as far as the "title=mailto" issue is concerned. The first example is Incredimail, the second is the same spam report in OE6 (Sorry SC, I had to report the same spam twice to test this..first from "Held Mail" the second from the same item in "Trash" at SC mail).

Processing spam: From: tcbeid[at]hushmail.com

Subject: render traffic cameras useless!

0: Received: from unknown (192.168.1.103) by blade1.cesmail.net with QMQP; 23 Nov 2004 09:42:59 -0000

Internal handoff at SpamCop

1: Received: from unknown (HELO 216.154.195.53) (218.19.7.234) by mailgate2.cesmail.net with SMTP; 23 Nov 2004 09:42:57 -0000

No unique hostname found for source: 218.19.7.234

SpamCop received mail from sending system 218.19.7.234

2: Received: from bluebill661.cusp.tcbeid[at]hushmail.com (eligible569.tcbeid[at]hushmail.com [218.19.7.234]) by smtp-stafford.straightway.tcbeid[at]hushmail.com (Postfix) with SMTP id 43TPT104O0O for <r2d2[at]cesmail.net>; Tue, 23 Nov 2004 22:44:35 -0200

No unique hostname found for source: 218.19.7.234

warning:Possible forgery. Supposed receiving system not associated with any of your mailhosts Will not trust anything beyond this header

Tracking message source:218.19.7.234: Cached whois for 218.19.7.234 : ipadm[at]gddc.com.cn abuse[at]gddc.com.cn anti-spam[at]ns.chinanet.cn.net hostmaster[at]ns.chinanet.cn.net

Using abuse net on abuse[at]gddc.com.cn

ctsummary[at]special.abuse.net, abuse[at]gddc.com.cn," title="mailto:abuse net gddc.com.cn = ctsummary[at]special.abuse.net, abuse[at]gddc.com.cn,">abuse net gddc.com.cn = ctsummary[at]special.abuse.net, abuse[at]gddc.com.cn, anti-spam[at]ns.chinanet.cn.net

abuse net chinanet.cn.net = anti-spam[at]chinanet.cn.net, ctsummary[at]special.abuse.net, postmaster[at]chinanet.cn.net

Using best contacts ctsummary[at]special.abuse.net abuse[at]gddc.com.cn" title="mailto:abuse.net" title="mailto:ctsummary[at]special.abuse.net">ctsummary[at]special.abuse.net abuse[at]gddc.com.cn">abuse.net" title="mailto:ctsummary[at]special.abuse.net">ctsummary[at]special.abuse.net abuse[at]gddc.com.cn anti-spam[at]ns.chinanet.cn.net

ctsummary[at]special.abuse.net redirects to ct-abuse[at]sprint.net

ct-abuse[at]sprint.net redirects to ct-abuse[at]abuse.sprint.net" title="mailto:ct-abuse[at]sprint.net" title="mailto:ct-abuse[at]sprint.net">ct-abuse[at]sprint.net redirects to ct-abuse[at]abuse.sprint.net">mailto:ct-abuse[at]sprint.net" title="mailto:ct-abuse[at]sprint.net">ct-abuse[at]sprint.net redirects to ct-abuse[at]abuse.sprint.net

abuse[at]gddc.com.cn bounces (19 sent : 10 bounces)

warning:Using abuse#gddc.com.cn[at]devnull.spamcop.net for statistical tracking. anti-spam[at]ns.chinanet.cn.net bounces (102 sent : 23203 bounces)

warning:Using anti-spam#ns.chinanet.cn.net[at]devnull.spamcop.net for statistical tracking. warning:Yum, this spam is fresh! Message is 1 hours old

218.19.7.234 not listed in dnsbl.njabl.org

218.19.7.234 not listed in cbl.abuseat.org

218.19.7.234 listed in dnsbl.sorbs.net ( 127.0.0.10 )

/dev/null'ing report for anti-spam#ns.chinanet.cn.net[at]devnull.spamcop.net

spam report id 1297736844 sent to: ct-abuse[at]abuse.sprint.net

/dev/null'ing report for abuse#gddc.com.cn[at]devnull.spamcop.net

May be saved for future reference:

http://www.spamcop.net/sc?id=z695609148zcb...3f62f52aa37de8z

************************************************************

Processing spam: From: tcbeid[at]hushmail.com

Subject: render traffic cameras useless!

0: Received: from unknown (192.168.1.103) by blade1.cesmail.net with QMQP; 23 Nov 2004 09:42:59 -0000

Internal handoff at SpamCop

1: Received: from unknown (HELO 216.154.195.53) (218.19.7.234) by mailgate2.cesmail.net with SMTP; 23 Nov 2004 09:42:57 -0000

No unique hostname found for source: 218.19.7.234

SpamCop received mail from sending system 218.19.7.234

2: Received: from bluebill661.cusp.tcbeid[at]hushmail.com (eligible569.tcbeid[at]hushmail.com [218.19.7.234]) by smtp-stafford.straightway.tcbeid[at]hushmail.com (Postfix) with SMTP id 43TPT104O0O for <r2d2[at]cesmail.net>; Tue, 23 Nov 2004 22:44:35 -0200

No unique hostname found for source: 218.19.7.234

warning:Possible forgery. Supposed receiving system not associated with any of your mailhosts Will not trust anything beyond this header

Tracking message source:218.19.7.234: Cached whois for 218.19.7.234 : ipadm[at]gddc.com.cn abuse[at]gddc.com.cn anti-spam[at]ns.chinanet.cn.net hostmaster[at]ns.chinanet.cn.net

Using abuse net on abuse[at]gddc.com.cn

abuse net gddc.com.cn = ctsummary[at]special.abuse.net, abuse[at]gddc.com.cn, anti-spam[at]ns.chinanet.cn.net

abuse net chinanet.cn.net = anti-spam[at]chinanet.cn.net, ctsummary[at]special.abuse.net, postmaster[at]chinanet.cn.net

Using best contacts ctsummary[at]special.abuse.net abuse[at]gddc.com.cn anti-spam[at]ns.chinanet.cn.net

ctsummary[at]special.abuse.net redirects to ct-abuse[at]sprint.net

ct-abuse[at]sprint.net redirects to ct-abuse[at]abuse.sprint.net

abuse[at]gddc.com.cn bounces (19 sent : 10 bounces)

warning:Using abuse#gddc.com.cn[at]devnull.spamcop.net for statistical tracking. anti-spam[at]ns.chinanet.cn.net bounces (102 sent : 23203 bounces)

warning:Using anti-spam#ns.chinanet.cn.net[at]devnull.spamcop.net for statistical tracking. warning:Yum, this spam is fresh! Message is 1 hours old

218.19.7.234 not listed in dnsbl.njabl.org

218.19.7.234 not listed in cbl.abuseat.org

218.19.7.234 listed in dnsbl.sorbs.net ( 127.0.0.10 )

/dev/null'ing report for anti-spam#ns.chinanet.cn.net[at]devnull.spamcop.net

spam report id 1297713429 sent to: ct-abuse[at]abuse.sprint.net

/dev/null'ing report for abuse#gddc.com.cn[at]devnull.spamcop.net

May be saved for future reference:

http://www.spamcop.net/sc?id=z695593421zf8...aaf3fabce04914z

I think it's time we put this one to bed! :blink: :lol:

Wazoo · November 23, 2004

Crazy, in that using the provided Tracking URL to take a look at your "special" parser output, once again, the "problem" isn't seen on this display. Yep, it does seem to finally boil down to some certain "activation" caused by some character sequence in your e-amil app. Not that's it's a solution, but .... thanks for hanging in there and at least getting to this point.

Ex_Brit · November 23, 2004

Crazy, in that using the provided Tracking URL to take a look at your "special" parser output, once again, the "problem" isn't seen on this display. Yep, it does seem to finally boil down to some certain "activation" caused by some character sequence in your e-amil app. Not that's it's a solution, but .... thanks for hanging in there and at least getting to this point.

20465[/snapback]

Thanks Wazoo. It's been interesting at least.

Ellen · November 26, 2004

Ellen, it does appear that at least that "Mailto" thing is definitely not a SC problem, but as to the number of bounces, well that's anyone's guess. Incredimail is interpreting emails differently, at least as far as the "title=mailto" issue is concerned. The first example is Incredimail, the second is the same spam report in OE6 (Sorry SC, I had to report the same spam twice to test this..first from "Held Mail" the second from the same item in "Trash" at SC mail).
<snip>

I think it's time we put this one to bed!

20461[/snapback]

Hrmmm it looks like incredimail is somehow trying to reverse engineer the plain text message into some html'ish format -- how peculiar. Thanks for persevering with this, at least we now know (more or less) what is happening. So if you go back to using incredimail you can just eyeball around all the strange stuff :-)

Sign In

Is SC having a breakdown?

Recommended Posts

Ex_Brit

Link to comment

Share on other sites

Wazoo

Link to comment

Share on other sites

Ex_Brit

Link to comment

Share on other sites

Ellen

Link to comment

Share on other sites

Archived

Browse

Activity