MIG Posted January 16, 2019 Share Posted January 16, 2019 Does anyone know if, we post to v5 parser, entire source data or modified source data?🤔 Cheers. Link to comment Share on other sites More sharing options...
Lking Posted January 16, 2019 Share Posted January 16, 2019 With changes, I would suggest submitting unmodified data to see how the new parser works. Without new examples there is no way how it works. Link to comment Share on other sites More sharing options...
MIG Posted January 16, 2019 Author Share Posted January 16, 2019 1 hour ago, Lking said: With changes, I would suggest submitting unmodified data to see how the new parser works. Without new examples there is no way how it works. Hello Lking, thanks for replying. I have submitted both modified & unmodified data, end result, different, hence my question. I've asked this question on other's posts, provided examples, no-one responded, hence this post - leading me to cogitate, which method is more accurate, more likely to produce the best outcome, i.e, get notifications sent to those responsible that will really pay attention & take action? No modified source data, i.e 1st {Received) not removed: https://www.spamcop.net/sc?id=z6513927819z5a333033d60c15fe7dcbe967cc9c5977z Modified source data, i.e 1st {Received) removed: https://www.spamcop.net/sc?id=z6513928242zd136d1f1635704ba07e5ae7794f427e6z & a v5 general ?, do you know if there's any available v5 information/changes faq available please? If so where? Please! Link to comment Share on other sites More sharing options...
RobiBue Posted January 17, 2019 Share Posted January 17, 2019 5 hours ago, MIG said: Hello Lking, thanks for replying. I have submitted both modified & unmodified data, end result, different, hence my question. I've asked this question on other's posts, provided examples, no-one responded, hence this post - leading me to cogitate, which method is more accurate, more likely to produce the best outcome, i.e, get notifications sent to those responsible that will really pay attention & take action? No modified source data, i.e 1st {Received) not removed: https://www.spamcop.net/sc?id=z6513927819z5a333033d60c15fe7dcbe967cc9c5977z Modified source data, i.e 1st {Received) removed: https://www.spamcop.net/sc?id=z6513928242zd136d1f1635704ba07e5ae7794f427e6z & a v5 general ?, do you know if there's any available v5 information/changes faq available please? If so where? Please! I do wish as well, that parser changes could/would be posted, but that's up to Cisco/Talos to decide if a changelog or list of fixes wouldn't compromise their secrecy in security and vulnerability holes that they want to keep hidden from us mere mortals. That said/vented, see my latest post here: Link to comment Share on other sites More sharing options...
MIG Posted January 17, 2019 Author Share Posted January 17, 2019 3 hours ago, RobiBue said: I do wish as well, that parser changes could/would be posted, but that's up to Cisco/Talos to decide if a changelog or list of fixes wouldn't compromise their secrecy in security and vulnerability holes that they want to keep hidden from us mere mortals. Hi RobiBue, I was thinking the exact same thing earlier today! It's a valid reason for keeping mum 3 hours ago, RobiBue said: That said/vented, see my latest post here: & your rationale/explanation provided on klappa's "Something wrong with Outlook reporting" post is deadly, as in perfect! Thanks Link to comment Share on other sites More sharing options...
Lking Posted January 17, 2019 Share Posted January 17, 2019 13 hours ago, RobiBue said: list of fixes wouldn't compromise their secrecy in security and vulnerability holes that they want to keep hidden from us mere mortals. Not sure "Us mere mortals" is the issue. It is all the spammers and trolls of this forum that would be the issue. They do seem to find the holes well enough with out a menu. Link to comment Share on other sites More sharing options...
petzl Posted January 17, 2019 Share Posted January 17, 2019 If SpamCop can't parse do it yourself. Look for lineAuthentication-Results: spf=none (sender IP is 209.85.128.68) ANDReturn-Path: noreply.kimcilkempolenkentunenggerdukaroboyoanyaran3@buahdalamdada.me Received: from ubuntu-s-1vcpu-1gb-fra1-01 ([68.183.75.255]) So forward as attachment to network-abuse[AT]google.com All you put in forwarded message is Received 209.85.128.68 network-abuse[AT]google.com Source 68.183.75.255 abuse[AT]digitalocean.com digitalocean.com are known ratbags so also use their abuse page https://www.digitalocean.com/company/contact/#abuse Link to comment Share on other sites More sharing options...
MIG Posted January 18, 2019 Author Share Posted January 18, 2019 9 hours ago, petzl said: If SpamCop can't parse do it yourself. Look for lineAuthentication-Results: spf=none (sender IP is 209.85.128.68) ANDReturn-Path: noreply.kimcilkempolenkentunenggerdukaroboyoanyaran3@buahdalamdada.me Received: from ubuntu-s-1vcpu-1gb-fra1-01 ([68.183.75.255]) So forward as attachment to network-abuse[AT]google.com All you put in forwarded message is Received 209.85.128.68 network-abuse[AT]google.com Source 68.183.75.255 abuse[AT]digitalocean.com digitalocean.com are known ratbags so also use their abuse page https://www.digitalocean.com/company/contact/#abuse Thanks Petzel, Outlook.live mail cannot be forwarded as an attachment. It's not that SC can't parse the spam: with v5, my query was "do we still keep modifying/removing 1st "received" line, & the answer, from SCA & SCF is "yes". Link to comment Share on other sites More sharing options...
ANGEL Posted January 19, 2019 Share Posted January 19, 2019 On 1/18/2019 at 4:38 AM, Lking said: Not sure "Us mere mortals" is the issue. It is all the spammers and trolls of this forum that would be the issue. They do seem to find the holes well enough with out a menu. What's new in v5? The important stuff, a full suite of emojis,😀 yeah!!! Link to comment Share on other sites More sharing options...
lisati Posted January 22, 2019 Share Posted January 22, 2019 With the upgrade, I've noticed that the parser is coping better for processing spam arriving at gmail. For a while, I've had to perform an edit similar to that required for Outlook/Hotmail, and this now eems to be unnecessary. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.