Jump to content

Don't generate abuse message against reporter


rdorsch

Recommended Posts

This topic was discussed already on 

and Lking proposed to open a feature request here.

 

The issue is:

  • I received spam and reported it to spamcop:
    Submitted: 14.5.2020, 17:40:25 +0200: 
    =?UTF-8?B?6L+Q6YCB5bu66K6uIDMwLzUvMjAyMA==?=
    7058512602 ( http://www.bokomoko.de/ ) To: abuse@netcup.de
    7058512598 ( 185.222.58.117 ) To: complain@rootlayer.net
  • Apparently, the (Chinese?) spam contained my own domain: www.bokomoko.de
    image.thumb.png.ab9ef14bc41c15c157167bb5a26c071b.png
  • Unfortunately, I did not notice this in the generated report and confirmed that.

Since I received in the past days multiple of these emails and I deselected my own domain (except on the first spam I received), I suggest that spamcop handles this situation better. As an immediate measure, my wife suggested to stop reporting spam to spamcop, if that has the risk that our email server gets shutdown in the middle of Corona home schooling.

Feature request is:

  • Spamcop should support per reporter whitelists for domains which should never be reported to spamcop
  • If the effort for this is too high: Never generate abuse reports for the domains referenced in the body of the spam mail, if the match the spam destination domain 
  • If the effort for this is too high: Make the default to not generate abuse reports for domains referenced in the body of the spam email to reduce false positives 

If there is further information I can provide, please let me know.

Link to comment
Share on other sites

  • rdorsch changed the title to Don't generate abuse message against reporter
  • 3 weeks later...

Hello rdorsch,

I am certain you are not the first one to report his own domain, and probably won't be the last.

there is a reason why spamcop "kind-of" suggests not to report linked websites in the spam body, as spammers inject addresses of several "innocent" websites/domains, and you were the unfortunate recipient of such a spam.

also, links in spams are not "counted" as spam origins and thus not blocked (AFAICR) but that does not necessarily mean that if the domain's upstream IP listed abuse desk receives a "complaint"/report that they won't act upon it.

currently I see that the abuse desk is "/dev/nul"ed reports are disabled for contabo punkt DE which means that the link will not be sent to the abuse desk in case you forget to uncheck the box ;)

Ich hoffe dies hilft!

Gruss aus den Staaten nach Deutschland

Link to comment
Share on other sites

  • 1 month later...

I've run into this as well, so I have a ScriptMonkey scri_pt that gives me an alert to scrutinise carefully if my email or hosting providers are one of the recipients

Link to comment
Share on other sites

  • 3 years later...

Second this...  I am now frequently getting emails that attempt to spoof my provider or Cpanel into thinking there is a admin problem I need to click on to fix.   
Most don't have credible or viable links in them, but some are "better" than others, and another just got by me.   

I recently changed providers, hopefully the staff at the new provider is more savvy.

Dave.

Link to comment
Share on other sites

Is it better that you are alerted to spammers illegally impersonating you...when I see this in addition to sending report to SC I let the legit business know? As far as the new feature request to default to not sending any reports regarding links in the body, that does not suit the rest of us and best to save and use the info in the report to your advantage but not submit it.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...