ewv Posted March 15, 2021 Posted March 15, 2021 What is a practical reporting address for cloudflare.com? My reports to abuse@cloudflare.com, the standard spamcop address, are ignored. In particular the infamous "Eric Jones" talkwithlead.com web formmail spammer has been hosted by cloudflare for years despite systematic reports several times a month. The spam routinely breaks through captcha deterrents and is recently connecting with a blank IP address to prevent reporting to the hosts it has always cycled through to avoid blocking. This spam is also found on web forums internationally. It has rotated among several different spamvertized domain names, including talkwithwebvisitor.com, talkwithwebvisitorS.com, talkwithwebcustomer, talkwithcustomer.com, and talkwithwebtraffic.com. It is a big spam operation which I once traced to the Trade World Corporation in Canada, with an 'F' Better Business Bureau rating and numerous complaints of credit card fraud. Why would an organization like Cloudflare continue to ignore spam reports about hosting an operation like this? Quote
gnarlymarley Posted March 15, 2021 Posted March 15, 2021 3 hours ago, ewv said: What is a practical reporting address for cloudflare.com? My reports to abuse@cloudflare.com, the standard spamcop address, are ignored. That is a good question. I did find an abuse form at https: //www.cloudflare.com/abuse/form, but I also searched and found some articles saying that the abuse email doesn't work for some time. It maybe that they have abandoned the abuse email. Quote
ewv Posted January 10, 2022 Author Posted January 10, 2022 There are a lot of articles denouncing cloudflare for this. Cloudflare deliberately ignores abuse reports, with the sophistry that it is a "content delivery network" (CDN) that does not "host" the spam. Cloudflare's CDN is a "reverse proxy" that hides hosts, including spamvertized hosts and other malware, behind its own IP addresses in the name of security. It publicly identifies itself as the host then denies that it is the host to avoid accountability. Spamcop should be blacklisting Cloudflare IP addresses that are claimed to both host and not host spam. Cloudflare also has a record of passing complaints directly to the source, exposing personal information that has resulted in harassment and threats. And so we have a "security" company that fronts for and protects spammers and worse. Clourflare bought Captcha, which has become progressively more of a nuisance and an obstacle to legitimate connections. It claims this is "security" protecting websites, while protecting the very same spammers who know how to get past Captcha to attack web formmail and forums. Cloudflare's security business model, a.k.a. racket, is to play both sides at the same time. The CEO is some kind of ideological anarchist who repeatedly insists publicly that he is protecting and passing through spam and more as "free speech" -- threats, harassment, and invasion of private property (your computer) are now "free speech". That sophistry defending spammers was rejected a long time ago for good reason, but Cloudflare gets away with it because it is big and has contracts with other large companies. It has become "too big to fail" as the excuse for not reining it in. Quote
petzl Posted January 11, 2022 Posted January 11, 2022 (edited) On 3/16/2021 at 5:23 AM, gnarlymarley said: That is a good question. I did find an abuse form at https: //www.cloudflare.com/abuse/form, but I also searched and found some articles saying that the abuse email doesn't work for some time. It maybe that they have abandoned the abuse email. found those above accepting abuse reports don't ignore registrar reports, were getting some spammer using Twitter (twitterdoesntcareaboutspamreports[AT]devnull.spamcop.net) as a URL relay, did respond/act to including abuse reports to their registrar! Edited January 11, 2022 by petzl Quote
john6528 Posted January 15, 2022 Posted January 15, 2022 Another one is 109.237.96.59. In fact when I send a report it responds by sending a massive amount of spam to me. So much so that I'm canceling that email. I went silent for awhile and it's spam died down. Then I reported one spam and In 10 minutes got 23 spams sent to me. As far as I can see this service isns't working very well. I need to cancel an email and start with a new one. JOhn Quote
petzl Posted January 15, 2022 Posted January 15, 2022 (edited) 51 minutes ago, john6528 said: Another one is 109.237.96.59. In fact when I send a report it responds by sending a massive amount of spam to me. So much so that I'm canceling that email. I went silent for awhile and it's spam died down. Then I reported one spam and In 10 minutes got 23 spams sent to me. As far as I can see this service isns't working very well. I need to cancel an email and start with a new one. JOhn Send a spam report tracking URL Cloudfare are not where to send abuse reports for 109.237.96.59? SpamCop sends correctly to abuse[AT]hostglobal[DOT]plus Go here for government reporting authoritieshttps://www.first.org/members/teams/ Edited January 15, 2022 by petzl Quote
gnarlymarley Posted January 16, 2022 Posted January 16, 2022 On 1/14/2022 at 7:59 PM, john6528 said: In fact when I send a report it responds by sending a massive amount of spam to me. So much so that I'm canceling that email. I went silent for awhile and it's spam died down. Then I reported one spam and In 10 minutes got 23 spams sent to me. When they would do that to me I would report all 23. They soon realized the only way to stop the reports was to stop spamming me. At times I have temporarily abandoned some accounts, but I still have most of my accounts so I can report the one spam each account gets every week. Quote
AmyLynn Posted January 23, 2022 Posted January 23, 2022 I find that when I get spam that goes to cloudlfare it's ALWAYS connected to namecheap. So I end up reporting to abuse@namecheap.com which spamcop doesn't. I do it myself and namecheap doesn't play games. They've deleted every domain. I have no idea why the two are connected on my end, but it's fun to get the emails from namecheap saying "We see the domain is blacklisted and we have taken action against the domain owner." It's gotten to the point I don't even do the whois. I just automatically send it to namecheap. It's as though they are linked or set in stone in the spammer handbook. So if you are sick of clouflare ignoring the reports like I was, don't give up reporting them on spamcop. That adds the domain to the blacklist, reporting it to namecheap too, they see that spamcop blacklisted it and close the domain. I wish spamcop would report to namecheap too but whatever. I kind of think they don't do it because of the replies they would be bombed with from namecheap. Quote
Hanco Posted May 24, 2022 Posted May 24, 2022 On 1/23/2022 at 11:17 AM, AmyLynn said: …I kind of think they don't do it because of the replies they would be bombed with from namecheap. Exactly. Especially the replies that are as frustrating as hell. The replies that there is nothing they can do as it is not blacklisted by any reliable blacklist so contacts the host instead. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.