Spam pirate shut down my site

[healthdude]

My isp cihost.com shut down my site because a spammer pirated one of my pictures to save bandwidth. Does this happen all the time. cihost.com said they shut me down because spamcop sent them an email. Does anybody at spamcop analyze emails to determine where they originated, and to avoid reporting as spam sites that have been abused by the spammer. My site was shut down for doing nothing. I am happy to give a copy of the spam email and my site, but do not know if this is the appropriate channel, and couldn't find another place to post. I am sure isp's are shutting down lots of legitamate business's like my own because spam is not getting analyzed for pirated pictures, and pirating of return email adresses. Any help on this topic would be appreciated, plus how to clear my site's name would also be helpful. I am writing to hopefully save other legitamate sites from getting shut down from pirated pictures and emails, that the average person thinks is the spammer themselves. Thanks for any and all feedback. Let's learn how to fight spam without damaging legitamate business web sites. take care.

Doug

[Wazoo]

No, what you describe does not happen all the time. For instance, the SpamCop parsing tool does not go after "image" files / references / links. So just reading your first data set says that something is wrong.

Seconf item, evenif "we" were to take a wild guess that perhaps some spam reporter somehow added your ISP as an additional complaint target, it should have been apparent to your ISP what the real situation was.

The SpamCop tol does in fact track down the origins of an e-amil. This is exactly what it was designed to do. As far as analyzing the specific results, that is an item left to the spam reporter ... again, the SpamCop tool is just that, a tool. In fact, if a reporter is found to have done a major screwup, that user can be fined if a paying member, banned if a free user.

Yes, if you wanted any type of help / support / whatever, you would surely have to offer up some data for someone to take a look at. Particularly interesting is that you start by talking of stolen bandwidth but later on toss in return e-mail addresses ... those two items aren't in the same ball park ... further compounded by the fact that you posted this into an E-Mail support Forum .... again, if the issue was stolen bandwidth by a reference to an image, why did you choose this specific Forum and only add "e-mail" as a little tidbit in the trouble report?

[Jeff G.]

Moved due to content. Yes, evidence would be nice.

[john1000]

well i also had a bad expierience with spamcop about the "analyze emails "

a person signed up at my site and in the first week of his membership a mailing was send.

i never send any mailings cause thats not that funny with almost 2000 members.

it was just updated site info .

3 days later ive got a call from my host ,they received a mail from spamcop with the complaint.

iv also got the copy ,funny about that was that i could see in the header who did the complaint.

indeed ...that new member i mentioned.

so was it spam.....?...NO !

Was i allowed to send ....?...YES

Why is that...?

cause thats the rule on signup and its stated in the mail also.

So did spamcop checked....?....NO !

So i maild them back to say thanks for the bad work they did and if they realise that they were abused.

Never got a response...

[Wazoo]

If I'm understanding what you said, rather than a "thank you for the bad work" e-mail .... what you should have sent was the evidence that this "new user" had in fact "signed up" with your site, evidene that this sign-up did authorize you to send e-mail to this person, and evidence that the e-mail itself was not spam ....

at that point, your "new user" would have had some action taken against them by the powers that be in the SpamCop Admin for a false report. This ranges from a fine to an outright ban.

The catch is of course is that we're also making the assumption that there is no way someone can sign someone else up at your site.

[john1000]

well im not the bad person on this.

an example...

getting mails about xxxx enlargement 10 times a day is pure spam,getting a mail about some changes on the site isnt spam.

That the mail is send is written at the bottom of the mail.

And that they can stop receiving mail by terminating their account.

Point is,spamcop never verified if it was spam,that was the problem.

And i did maild the whole stuff back to spamcop,including the mail stuff...the whole package.

So you asumed i didnt but i did send it cause i was pissed off that they let them selfs be used like that,and more important....if my host thought this was more serious he would have ( maybe ) taken my website offline !

And for what ?

[Wazoo]

No, I made no assumptions .. and I did start with "if I understand what you said"

What I keyed on and you just repeated was that you sent off an angry e-mail while you were very angry .. so to me there was a possibility that the needed data may not have been included in the angry rant ...

SpamCop is not the final judge on "is it spam" ... that's part of the agreement bwteen SpamCop and a user .. SpamCop is only a tool that performs some analysis on tracking down the source .. again, it's up to that user to make ths decision to actually Send: the reports. Youll see many instances reported of people getting hemselves placed on a block list because they reported themselves.

This where the fine / ban comes into play.

That your ISP saw that it was a bad report says good thing about your ISP.

But, I'll point out one statement that you didn't answer ... can someone sign someone else up at your site? Another possibility, someone wanted to sign up, but mis-typed their address? This is a possibility, in that who received and then complaigned about the specific e-mail may not actually have been the person that went to your site and pluuged in their e-mail address.

[john1000]

well im sure no mistakes are made,im running a phpnuke site and you cant just signup.

everybody is checked before,and after that approved,or denied.

the denied reason is mostly because of email addresses they use.

ive learned my lesson on this,no mails are send any more so that should rule out any danger from fake complaints to undermine my site.

im using the best tools around to check out the person behind spam and report everyone of them.

But is it a fair fight ?

How do you blacklist comcast ?

a large company like that ?

The law is weird,unfair,lazy and has to many black and grey areas.

[Wazoo]

How do you blacklist comcast ?

if you have access to your mail server, there are many blocking lists available ... there was just some disussion over in one of the SpamCop newsgroups about someone seeing that SPEWS had just expanded the range of blocked ComCast IP addresses ...

[john1000]

ha...ha...nice Wazoo but i wasnt talking about me blocking comcast cause i cant.

i get about 20 spammails a week from comcast clients,so im just wondering...since there are thousands more like myself.......how is it possible that comcast is still doing business ?

Well im waiting for some money that should be added to my paypal account and then i go for the spamcop paid stuff,i dont know why but perhaps i get smarter after that.

[Wazoo]

Ok, it was just a shot as far as your contorl <g>

i get about 20 spammails a week from comcast clients,so im just wondering...since there are thousands more like myself.......how is it possible that comcast is still doing business ?

because they've got millions of customers?

Recalling a period last fall when their Abuse and Postmaster accounts were bouncing mail due to a "mail box is full", and the message seemed to indicate that the abuse mailbox alone was over 9Gig worth of data ... so there were probably just a few more than the "thousand like us" that were trying to get someone's attention there <g>

[john1000]

wauw....must be some host...well just disconnect all their servers and 30% of all spam is gone.

or....ban the users from getting an internet connection.

im still busy mailing,ive got a spammer kicked out last week....that was fun.

but i wasnt the first who complained so he had it coming...

any tricks i should know...?

[AlphaCentauri]

It's true that spamcop looks for links, not images. But spammers may link to legitimate sites, either because they are advertising a product and wish to make it appear that they are a legitimate vendor (even if they are selling knock-offs) or as part of phishing in order to make their own link appear to be part of a legitimate organization like the government, a credit card company, or a bank.

Also, I have been getting spams recently that have many, many links in them. Each entire link begins and ends =between= two letters of a word in the message. So in the displayed message, there is nothing to click on, but in the raw code there appear to be lots of links. They are just random words the spammer turned into fake URL's, but he accidentally included some real URL's.

When I get those spams, instead of forwarding them, I copy and paste into the spamcop website window, then edit out the fake links before submitting (just unchecking the boxes didn't work; the spams were too long and the real link was so far down in the spams that spamcop discarded it with half the fake links). But I imagine a lot of people didn't look that closely and just submitted it with the fake links checked off.

Again, an ISP should be able to see that the site reported is not really being advertised (since there will be no highlighted text to click on a link).

But some ISP's seem to leave these functions to less skilled personnel. I tried reporting a virus-laden email to its source recently, and the ISP's rep tried to convince me it wasn't their problem because the (spoofed) return address was another ISP -- not recognizing his own IP number in the received-from line.