Jump to content

Report Handling Options


Recommended Posts

I've been reporting spam via spamcop.net since March 05 and always wondered about the Report Options.

I chose the "mole" option because I send out my own cease and desist notification to the responsible IP sender, domain name owner and web host company and also cc uce[at]ftc.gov.

Then I Changed my settings to "Obscure identifying information" because I figure the only thing the mole option does is gather information....

What's the best thing to do or the most popular?

A. Obscure identifying information

B. Leave spam copies intact

C. Become a "mole" - Don't even send reports (mostly pointless)

Link to comment
Share on other sites

<snip>

What's the best thing to do or the most popular?

A. Obscure identifying information

B. Leave spam copies intact

C. Become a "mole" - Don't even send reports (mostly pointless)

29022[/snapback]

...My guess would be that the information necessary to determine the most popular set of options is available at most to only a select few and they're not likely to tell us. The "best thing" is in the eye of the beholder. FWIW, I elected A but not C. I'm not familiar with the reporting option you identified as "B."
Link to comment
Share on other sites

Technically, that's pretty hard to answer. As far as the last public data made available on 'mole reporting' please see the last post about it in the Announcements section.

Obscuring data - in general, the parser does as advertised, looks for and sattempts to remove 'your' data from the spam. In reality, this is usually seen in its best form as munging a bit of the Message-ID, the e-mail address found in the To: line and whereever else that data is found. However, if one was to actually analyze the whole picture, 'tracking' bits can be anywhere in the spam ... third line, four words in has 2 spaces, the URL constructs with attached data, the various misspelling of certain words, on and on ... so in reality, the munging of one e-mail address may account for squat.

Some ISPs play the "for legal reasons" game on 'needing' an unmunged copy ... in some cases that have actually gone to trial, this is believable. However, you'll note just how few cases have gone to trial. Other ISPs play the 'we need your address' when playing the listwashing game with their pet spammer (i.e., they pass that address on to the spammer and advise 'no more e-mail here as they complain')

In the old days, one could end up feedng a spammer directly .. resulting in some kind of retribution, especially if the spammer lost his/her accounts over the issue. In general, those days are long gone.

What method is most popular - not a clue ... here's a recent post from one that might have an idea, (but as stated, she's not going to provide hard data <g>)

"Blammo"  wrote in message

news:Xns966E3EB739B76blammo[at]216.154.195.61...

> On 07 Jun 2005 Ellen entered spamcop and left

> news:d8432a$66b$1[at]news.spamcop.net:

>

> > ... who have never learned to, or needed to learn to, read headers.

>

> I just don't understand how you can be a spam reporter and not know a

> little about reading headers.

There are lots of people with nice clean boring headers stamped by their ISP

or company mailserver who just report spam and while I am sure they are

mildly cognizant about headers they have never scrutinized them in detail.

While I am not going to state the number, I do know how many SC users report

spam weekly -- let me just say that if even 1/10th of them showed up here or

in the forums we would never be able to wade thru the posts :-)

> > So let's cut them a tiny little bit of slack.

>

> I don't know why, they should know what their server's (or spamcop's)

> Received headers look like, at the very least.

> I guess if one can use the Spamcop mail service and never send any reports

> (none of their spam ever gets reported), then I can give them some slack.

And yes there are also lots of filtered email users who actually never

report spam.

Ellen

Truth be told, I really don't use the SpamCop toolset myself for reporting that much, primarily for analyzing other folks' issues, verifying that the same decision points had been made in my analysis, or analyzing what had me baffled ... My reporting practices are much more severe than the parser allows/does. The only 'retribution' for my unmunged reports in the last few years was the recent temination of a 8-9 year old HotMail account, based on some idiot scanning down far enough to see my address included in a bounce message to a Hoastmaster account at Microsoft (found in a WHOIS record) and made the determination that the complaint (actually about the abuse of the webTV-SpamCop newsgroup feed) was about "my" HotMail account. The obviously off-shore 'support' staff there is simply beyond clueless, but that's another story ....

Link to comment
Share on other sites

What's the best thing to do or the most popular?

A. Obscure identifying information

B. Leave spam copies intact

C. Become a "mole" - Don't even send reports (mostly pointless)

29022[/snapback]

C is better than nothing, in that it feeds the SCBL. I used to do A, but it took way too much time, so a couple of years ago I switched to B because it takes less time and, as a service provider (of sorts), I would want to see unmunged data if I received a SpamCop Report.
Link to comment
Share on other sites

Thanks folks,

Just curious really. I use the Reporting tool because I hope it contributes (somehow) to the reduction of spam, or at least peeves a few off. I'm not too worried about obscuring my data because in the last 4rs I've only received spam on one out of 10+ addresses by keeping them off websites, subscribtions, etc. (until recently because of a moment of stupidity).

Also, I like to check my research against SC's Reporting tool before sending out my own "cease and desist" emails to the upstream providers, web host companies, and the rare, Real email address belonging to a spammer.

I recently put a disposable email address from SpamMotel.com on a blog to see how long a bot would pick it up... less than a month. :lol:

Is that entrapment?

-

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...