oldskoolflash Posted February 2, 2005 Share Posted February 2, 2005 Good morning all - I have been using spamcop for some time now and it is an excellent tool. As this is my first post, I would like to offer my gratitude to all those involved in the fight to reduce spam. I have been receiving 4-5 e-mails a day (presumably from the same spammer) originating from sina.com (a chinese network). Spamcop has pharsed the messages and used the address cfc_dcy[at]sina.com as the reporting address for the administrator hosting the website. I have not had one response to my reports, (automated or human) so I e-mailed the comments and suggestions address on the sina.com website (english[at]staff.sina.com.cn) and listed the specific sites being hosted. Frustratingly, I have not had a reply from them either and I am still getting numerous spam messages every day. Is there anything else I can do? Thank you. Link to comment Share on other sites More sharing options...
oldskoolflash Posted February 2, 2005 Author Share Posted February 2, 2005 BTW listed below is the Parsing result for a recent spam e-mail. Parsing input: http://m3d2u.com/2/?wid=200007 host m3d2u.com (checking ip) = 211.144.162.60 host 211.144.162.60 (getting name) no name Routing details for 211.144.162.60 [refresh/show] Cached whois for 211.144.162.60 : cfc_dcy[at]sina.com Using last resort contacts cfc_dcy[at]sina.com Statistics: 211.144.162.60 not listed in bl.spamcop.net More Information.. 211.144.162.60 not listed in dnsbl.njabl.org 211.144.162.60 not listed in dnsbl.njabl.org 211.144.162.60 not listed in cbl.abuseat.org 211.144.162.60 listed in dnsbl.sorbs.net ( 127.0.0.6 ) 211.144.162.60 not listed in relays.ordb.org. Reporting addresses: cfc_dcy[at]sina.com Link to comment Share on other sites More sharing options...
Miss Betsy Posted February 2, 2005 Share Posted February 2, 2005 Frustratingly, I have not had a reply from them either and I am still getting numerous spam messages every day. Is there anything else I can do? Get a good filter to filter them out so they aren't in your inbox and report them every day so they stay on the spamcop blocklist so that those who use the blocklist for filtering do not see them either. Eventually, the chinese admin will realize that being on blocklists is not a good idea and is costing him more money than he is getting from the spammers. Or maybe he won't, but those using blocklists won't be bothered. Miss Betsy Link to comment Share on other sites More sharing options...
oldskoolflash Posted February 2, 2005 Author Share Posted February 2, 2005 Thanks for your reply miss Betsy - I am already using a filter so the messages do not hit my inbox, it's just annoying when you report the spam and take the time to write e-mails and do not even get a reply from the isp! Mind you, after browsing this board it seems as though this is not uncommon and there are many unscrupulous isp's out there. Link to comment Share on other sites More sharing options...
Merlyn Posted February 2, 2005 Share Posted February 2, 2005 What do ya think about taking the time to forward them to the Chinese Embasy every time you received one. Make sure you are asking them for assistance and include the spam. Link to comment Share on other sites More sharing options...
petzl Posted February 3, 2005 Share Posted February 3, 2005 I also get a lot of spamvertised web site which spamcop sends to cfc_dcy<AT>sina.com When I do check those web sites shortly after, they are down (seems they do respond?) Try SpamDeputy (Click right mouse button and save to folder) which is a VERY good Windows tool for puting headers into and it then will often give alternate abuse addresseses (although not as good as SpamCop) It can do much much more like validate email addresses as well as website Link to comment Share on other sites More sharing options...
oldskoolflash Posted February 3, 2005 Author Share Posted February 3, 2005 Petzl - up until now I haven't bothered checking to see if the spamvertised websites are still in existance (don't like to give them the satisfaction of a hit). After you mentioned that sina remove the ofending sites quickly, I thought I would check some of the sites I have reported - As you said; most, but not all, are now down which would suggest that they are doing something, It's just a bit odd that they don't respond to polite communication? BTW thanks to all for your kind replies and suggestions PS - Slightly off-topic, but would I be right in saying that a spammer can code the link to their website so that they know which (unlucky) individual responds? i.e they link your e-mail to a page in their domain? Link to comment Share on other sites More sharing options...
Wazoo Posted February 3, 2005 Share Posted February 3, 2005 PS - Slightly off-topic, but would I be right in saying that a spammer can code the link to their website so that they know which (unlucky) individual responds? i.e they link your e-mail to a page in their domain? 1. The "net" works by controlling traffic to/from IP addresses. (see the FAQ here which contains a link to a Glossary started, which also has links to go elsewhere for more research) .. what data content, form, construct is 'shaped' by protocol ... 2. HTTP (Hyper-Text Transfer Protocol) is the magic behind clicking on a link and having your browser take you to another place. All kinds of data is being transferred to accomplish this magic. 3. There is a minimum of data needed for your computer to ask and the other computer to send the data needed to paint the web page on your screen. Most ISPs have some kind of logging going on so that things can be diagnosed, looked up, pin-pointed, etc. Most web-sites have some kind of logging gong on for some of those same reasons. 4. If spammer wants, he/she could send 100 spams to comcast accounts .. then take a look and see how many comcast users clicked on the link (again, based on looking at the IP addresses within the logs. 5. If one wants to get fancier, one could tailor specific web pages (and links) and see who hits what page. 6. Or as you query, append a bit of code to the URL, which is also passed in the handshaking, thus placed within the logs .... this goes back to understanding HTML, reading what's behind the displayed items, and thinking before you click. For example; http://www.spamcop.net looks like and is a straight up URL http://www.spamcop.net/76cbgrhfyu8 is a page that doesn't exist (I hope) ... but a straight up attempted connected would throw up an error at the receiving site (usually captured in an error log file) and giving you a 404 - web page not found display .. or this data might feed a piece of scri_pt that ends up telling your browser to go to another web page, again, all this is / can be captured in log files. More to what you asking is the passing of variables within the URL, such as .. (having to screw it up a bit so this application will let you 'see' it..) ht tp: // wwwspamcop.net?id$=idiotthatclicksthings [at] invalid.com usually actually written as; invalid.com]www.spamcop.net ...... notice what you "see" in this posting as compared to what you (should) see when you roll the mouse over this link and check what should be showing up somewhere in your browser that shows the "real" target ... (and noting that there are known exploits for this also ..) Now that we've given you and a host of idiot newbie / wannabe spammers a bit of education ...??? next question? <g> Link to comment Share on other sites More sharing options...
oldskoolflash Posted February 3, 2005 Author Share Posted February 3, 2005 Wazoo - many thanks for your reply. As you probably guessed, my knowledge of HTML is limited. It is interesing that my suspicions about the links were right, I suppose I was taking the correct action by just simply not visiting the offending websites in the first place! Thanks again for your detailed reply, i need to read it a few more times, but hopefully I'll learn something new Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.