axxx007 Posted April 9, 2005 Posted April 9, 2005 Is it me, or is anyone else getting really irritated with not only recieving spam, but with recieving spam that is upwatds of 290kb per message!!!
DavidT Posted April 9, 2005 Posted April 9, 2005 The spam in my Held Mail folder usually runs from about 1.5K to 20K...once in a while, one will go over the 50K SC parser limit, but it's very rare. Perhaps you could post a Tracking URL on one of those? DT
Wazoo Posted April 9, 2005 Posted April 9, 2005 Does it help if I describe your 290k spew as; A couple of lines of text, a URL, and a graphic? Actual spam is a three section HTML job, a plain text advertising rexr section, the URL being a Base-64 encoded java scri_pt routine to stich together the URL for display, and then the included graphic. Sources seem to be the never-ending pool of compromised end-user systems, either cable or DSL connections. I must say, apparently no discrimination involved either, IPs are from all around the world. That there were 6 of these in one account a few days ago from ComCast IP blocks that lead to another post elsewhere that only the first (manual*) complaint made it through, the remainder getting a bounced/rejected message due to the "abuse" InBox being "full" was probably just a coincidence <g> No, I'd have to say you were just special in receiving spam like these <g> * Manual because the SpamCop parser doesn't do the java scri_pt decoding, as a free reporter, I can't add complaint targets, and have noted that some of the complaint targets are those self-same idiotic ISPs that "refuse" SpamCop reports .....
axxx007 Posted April 10, 2005 Author Posted April 10, 2005 Thanks for this info....it is useful. No, I'd have to say you were just special in receiving spam like these <g> I am special I do appreciate the info. I just find it hard to think that these huge spams are going about....the wasted bandwidth!!
glang1@hotmail.com Posted April 12, 2005 Posted April 12, 2005 Recently I have been getting spams that have base64 encoded attachments with the Spamvertized website URL scripted in such a fashion that SpamCop is NOT able to parse it. I have added an decoded example. <HTML><HEAD> <scri_pt LANGUAGE="java scri_pt"><!-- var a= "http://" var b= "www." var c= "ext" var d= "reme" var e= "di" var f= "etnet." var g= "com" var h= a+b+c+d+e+f+g function redirect () { setTimeout("go_now()",1000); } function go_now () { window.location.href = h; } //--></scri_pt> </HEAD> <BODY onLoad="redirect()"> <H1>Please stand by.. Loading Your Herbal PenisEnlarge Website</H1> <BR> *****Welcome***** </BODY></HTML> How is it best to report this type of spam so the URL gets reported?
StevenUnderwood Posted April 12, 2005 Posted April 12, 2005 hotmail.com,Apr 12 2005, 04:00 PM]Recently I have been getting spams that have base64 encoded attachments with the Spamvertized website URL scripted in such a fashion that SpamCop is NOT able to parse it. I have added an decoded example. How is it best to report this type of spam so the URL gets reported? 26467[/snapback] Since spamcop will not touch java scri_pt, the best way would be to manually LART it. Spamcop comes up with: Reporting addresses: network[at]hljtele.com postmaster[at]hljtele.com
Wazoo Posted April 12, 2005 Posted April 12, 2005 glang1's posting was merged into this Topic as it's the same spam being talked about.
glang1@hotmail.com Posted April 13, 2005 Posted April 13, 2005 Since spamcop will not touch java scri_pt, the best way would be to manually LART it. Spamcop comes up with: Reporting addresses: network[at]hljtele.com postmaster[at]hljtele.com 26469[/snapback] Thanks Steven. It is a pain to have to decode this spew in order to report it. Sure wish SpamCop could just take care of it. I usually report my spam through the web interface where you just paste the whole spam message into a box. Is it kosher to decode these java scripted URL's and add them to the rest of the spam message? thanks, George
Wazoo Posted April 13, 2005 Posted April 13, 2005 Rules, guidance, policies ... the reason a FAQ exists .... http://www.spamcop.net/fom-serve/cache/125.html http://www.spamcop.net/fom-serve/cache/283.html Perhaps even reading one of my previous posts in this very Topic would suggest the answer?
Recommended Posts
Archived
This topic is now archived and is closed to further replies.