hucker Posted June 9, 2005 Share Posted June 9, 2005 See tracking URL: http://www.spamcop.net/sc?id=z773205413zf8...2e27820b906a1ez I was told this by spamcop: Re: 85.155.34.210 (Administrator of network where email originates) To: abuse#auna.es<at>devnull.spamcop.net (Notes) Why are reports not going to abuse<at>auna.es? Link to comment Share on other sites More sharing options...
Wazoo Posted June 9, 2005 Share Posted June 9, 2005 Per data found within the parse of your Tracking URL data (with Full Technical Details turned on); Tracking message source: 85.155.34.210: Routing details for 85.155.34.210 [refresh/show] Cached whois for 85.155.34.210 : abuse[at]auna.es Using abuse net on abuse[at]auna.es abuse net auna.es = abuse[at]auna.es Using best contacts abuse[at]auna.es abuse[at]auna.es refuses SpamCop reports Using abuse#auna.es[at]devnull.spamcop.net for statistical tracking. Whuch means that the report does feed the SpamCopDNSBL, but that's it. If you want to talk to these folks directly, look up "Manual Report" ... Jeff G. did up an entry in the Glossary, found via a link in the Forum FAQ ... Link to comment Share on other sites More sharing options...
hucker Posted June 9, 2005 Author Share Posted June 9, 2005 Per data found within the parse of your Tracking URL data (with Full Technical Details turned on); abuse[at]auna.es refuses SpamCop reports 29087[/snapback] Oops, didn't realise the non-technical version omitted that information. Out of interest, why do some places refuse spamcop reports? I know bt.net do, and I asked them, but guess what - no reply. Maybe I was a little too rude about their spam record :-) Link to comment Share on other sites More sharing options...
Wazoo Posted June 9, 2005 Share Posted June 9, 2005 Let's start with cluelessness ... spammer sends out 1,000,000 spam e-mails. 750,000 of them actually get delivered to an InBox. 730,000 of them are deleted. 5,000 of them find gullible idiots that are impressed with the 'good deal' ...14,000 of them make to InBoxes that aren't aren't actually/actively checked by the person that set them up. (maybe spamtraps, maybe just a crap address used for filling in blanks with garbage data ...) 1,000 make it to the InBox of a SpamCop user and they get reported. ISP has an employee that all of a sudden notices that 'he' is being spammed by some lowlife called SpamCop ... follows the links, finds out that all he/she has to do is click on a link, and all that e-mail stops. Problem resolved. Then one can move to mis-configured servers, resulting in the wrong target being identified as a complaint target. Rather than fix the real problem, ISP Admin goes to posting in NANAE about what a piece of garbage the SpamCop toolset is, blocks the incoming 'crap' from SpamCop ... problem resolved (until that server finds its way onto other BLs, which then forces the configuration to be corrected ... but no retraction of the 'SpamCop is garbage' posts is offered of course <g>) Then you've got the ISP that is charging the spammer 10 to 20 times the normal rate for an account. So knowing full well what's going on, why do they need reports about that activity? Just a few possible/probable excuses/reasons why SpamCop complaints are refused. Link to comment Share on other sites More sharing options...
Jeff G. Posted June 9, 2005 Share Posted June 9, 2005 In such a case, the reporter should seek the ISP's upstream, which from here appears to be Teleglobe.net. However, please be warned that you will get lots of mail if you send to abuse<at>teleglobe.net and ask for receipts. Link to comment Share on other sites More sharing options...
hucker Posted June 10, 2005 Author Share Posted June 10, 2005 How do you find an upstream provider? What do you mean by "I'll get loads of mail"? And "ask for receipts"? Another thought - why does spamcop allow ISPs to opt out of receiving abuse reports? Spamcop is merely a tool to allow users to send reports without all the hard work. In fact there could even be an option so that the abuse report would be sent directly from me, using my SMTP server, so spamcop had nothing to do with it (apart from preparing the report for me). Link to comment Share on other sites More sharing options...
petzl Posted June 12, 2005 Share Posted June 12, 2005 How do you find an upstream provider? What do you mean by "I'll get loads of mail"? And "ask for receipts"? Another thought - why does spamcop allow ISPs to opt out of receiving abuse reports? Spamcop is merely a tool to allow users to send reports without all the hard work. In fact there could even be an option so that the abuse report would be sent directly from me, using my SMTP server, so spamcop had nothing to do with it (apart from preparing the report for me). 29137[/snapback] (1) When an email is sent to confirm sender receives it a "read receipt" is included with email. As to getting lots of email some investigation is done where further evidence may be required (2) Usually refusing SpamCop reports is done because of cluelessness or not wanting to offend their "nice paying customers" This mainly means they won't respond to personal abuse reports either In email subject line of my personal abuse reports to such losers, I simply would put (In this case) "PERMANENT EMAIL BLOCK FOR IP RANGE 85.155.32.0 to 85.155.38.255" which is ALL of "CABLEMODEM-AUNA-CANARIAS" network. Don't know if if helps probably not, often/always such companies find themselves being added to more and more blocklists. The good bit is they sometimes think its you who have initiated their problems of being added to blocklists (in reality it's themselves) Link to comment Share on other sites More sharing options...
hucker Posted June 12, 2005 Author Share Posted June 12, 2005 About the receipts - I've found they never work. For example I don't honour them - if you email me and ask for a receipt you will never get one. Also it relies on the email clients at both ends being compatible. Where I used to work I had two email addresses (the company one and my personal one). Rather than read both, I set the company one to forward to my personal one, then delete the message. This resulted in everyone asking for a receipt getting a message back saying "the user deleted the message without opening it", which really pissed off the control freaks :-) So how do I find the upstream provider? And who manages the blocklists? Link to comment Share on other sites More sharing options...
Jeff G. Posted June 12, 2005 Share Posted June 12, 2005 How do you find an upstream provider?29137[/snapback] Please see the following URLs: http://forum.spamcop.net/forums/index.php?...indpost&p=26158 http://news.spamcop.net/pipermail/spamcop-...ril/004701.html Link to comment Share on other sites More sharing options...
Jeff G. Posted June 12, 2005 Share Posted June 12, 2005 What do you mean by "I'll get loads of mail"? And "ask for receipts"?29137[/snapback] In the past, when I've checked OE's "Tools / Options / Receipts / Requesting Read Receipts / Request a read receipt for all sent messages." Checkbox and then sent an abuse report to abuse<at>teleglobe.net, I have gotten back many receipts because that address actually leads to a privately-administered distribution list. The relevant Header Line is "Disposition-Notification-To:". Link to comment Share on other sites More sharing options...
hucker Posted June 12, 2005 Author Share Posted June 12, 2005 Oh a traceroute - of course. But does everyone have an upstream? BT for example (www.bt.net), the biggest phone company in the UK, does not take spamcop reports. If I trace to it from here (plusnet), it hops straight from plusnet to bt.net. Perhaps plusnet uses bt.net as an upstream? There must be a page somewhere that lets you find an upstream (simply!). Link to comment Share on other sites More sharing options...
Jeff G. Posted June 12, 2005 Share Posted June 12, 2005 There must be a page somewhere that lets you find an upstream (simply!).29173[/snapback] Sorry, it's just not that simple. Many networks are multi-homed (that is, they have multiple upstreams announcing their presence on the Internet using BGP or another routing protocol). Also, some networks have peering agreements with other networks, which agreements seem to be excepted from TOSs, AUPs, and/or enforcement of them. For instance, ChinaNet has multiple upstreams and/or peers that refuse to do anything about the rampant network abuse being committed and condoned by ChinaNet and its customers every minute of every day. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.