
Fake reports, and the bounces back


Peter Smith


I received an email today the subject of which was "SpamCop encountered errors". Which is odd, because I didn't submit any spam. Most odd.

I looked at the headers of the message, and yes, it was a proper error report that actually originated from SpamCop. How strange.

The email that was being reported was absolutely, definitely spam. How curious.

So, I looked at the headers of the message that was used to submit the spam to SpamCop (because SpamCop kindly includes them). The headers were:

Return-Path: <passionate[at]nyffe.ch>
Received: from sc-smtp2.eq.ironport.com (sc-smtp2.eq.ironport.com [192.168.18.82])
    by sc-app2.eq.ironport.com (Postfix) with ESMTP id 3EF7751592B
    for <submit.removed-to-protect-me[at]spam.spamcop.net>; Mon, 15 Aug 2005 08:45:23 -0700 (PDT)
Received: from 170.220.6.200.intelnet.net.gt (200.6.220.170)
    by sc-smtp2.eq.ironport.com with SMTP; 15 Aug 2005 08:45:24 -0700
Received: from [135.128.158.209] (port=7188 helo=[nastier])
    by 170.220.6.200.intelnet.net.gt with esmtp
    id 5725344621Uranus90087
    for submit.code-removed-to-protect me[at]spam.spamcop.net; Mon, 15 Aug 2005 09:45:29 -0600
Mime-Version: 1.0 (Apple Message framework v728)
Content-Transfer-Encoding: 7bit
Message-Id: <3611085545.106327[at]170.220.6.200.intelnet.net.gt>
Content-Type: text/plain; charset=US-ASCII; format=flowed
To: submit.code-removed-to-protect-me[at]spam.spamcop.net
From: "Steve" <passionate[at]nyffe.ch>
Subject: Company Spotlight For An Emerging Equity
Date: Mon, 15 Aug 2005 09:45:28 -0600
X-Mailer: Apple Mail (2.728)

Now I am sure I haven't revealed my submit address -- it was all in lower case, and I always use mixed case (because I copy it from the SpamCop page).

So it seems like someone in Guatemala is using my SpamCop submission address to "bounce" spam back to me through SpamCop. How cunning!

Is anyone else experiencing this?

Have I interpreted events correctly?

I wonder what could be done differently to prevent this?

Kind regards

Peter
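
The header reading done in the post above, as an added example that is not part of the original post: it walks the quoted Received lines newest-first and reports the hop where the receiving infrastructure accepted the message from outside. The trusted suffix `.ironport.com` is an assumption taken from the `by` hosts in the quoted headers, and the function names are hypothetical.

```python
import email
import ipaddress
import re

# Received headers exactly as quoted in the post (the poster redacted the recipient).
RAW = (
    "Received: from sc-smtp2.eq.ironport.com (sc-smtp2.eq.ironport.com [192.168.18.82])\n"
    "\tby sc-app2.eq.ironport.com (Postfix) with ESMTP id 3EF7751592B\n"
    "\tfor <submit.removed-to-protect-me[at]spam.spamcop.net>; Mon, 15 Aug 2005 08:45:23 -0700 (PDT)\n"
    "Received: from 170.220.6.200.intelnet.net.gt (200.6.220.170)\n"
    "\tby sc-smtp2.eq.ironport.com with SMTP; 15 Aug 2005 08:45:24 -0700\n"
    "Received: from [135.128.158.209] (port=7188 helo=[nastier])\n"
    "\tby 170.220.6.200.intelnet.net.gt with esmtp\n"
    "\tid 5725344621Uranus90087\n"
    "\tfor submit.code-removed-to-protect me[at]spam.spamcop.net; Mon, 15 Aug 2005 09:45:29 -0600\n"
    "\n"
)
TRUSTED_SUFFIX = ".ironport.com"  # assumption: hosts receiving for SpamCop, per the "by" lines above

HOP = re.compile(r"from\s+(?P<frm>.+?)\s+by\s+(?P<by>\S+)", re.S)
# Only an address in () or [] counts: the name "170.220.6.200.intelnet.net.gt"
# embeds the octets reversed and must not be read as the peer address.
PEER_IP = re.compile(r"[\[(](\d{1,3}(?:\.\d{1,3}){3})[\])]")

def is_private(ip):
    try:
        return ipaddress.ip_address(ip).is_private
    except ValueError:
        return False

def external_handoff(raw, trusted=TRUSTED_SUFFIX):
    """Walk Received lines newest-first; return the hop where a trusted host
    accepted the message from outside, plus how many older lines are unverifiable."""
    received = email.message_from_string(raw).get_all("Received", [])
    for i, value in enumerate(received):
        m = HOP.search(value)
        if not m or not m["by"].lower().endswith(trusted):
            return None  # line not written by a trusted host: nothing below is reliable
        name = m["frm"].split()[0]
        ip = PEER_IP.search(m["frm"])
        if name.lower().endswith(trusted) or (ip and is_private(ip[1])):
            continue  # internal relay between trusted hosts
        return {"peer_ip": ip[1] if ip else None, "peer_name": name,
                "accepted_by": m["by"], "unverified_below": len(received) - i - 1}
    return None

if __name__ == "__main__":
    print(external_handoff(RAW))
```

The one Received line below the reported hop was written by the sending host itself, so its contents are the sender's claim rather than an observation.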


I've been back through my spam archive and I've noticed a few messages like this (from different sources, e.g. China). Basically, it seems a "fake" report is submitted to SpamCop using a genuine Submit.xxxx[at]spam.spamcop.net address. But, the intention is to have the submission fail and be bounced back to a poor old user (e.g. me).


I've been back through my spam archive and I've noticed a few messages like this (from different sources, e.g. China). Basically, it seems a "fake" report is submitted to SpamCop using a genuine Submit.xxxx[at]spam.spamcop.net address. But, the intention is to have the submission fail and be bounced back to a poor old user (e.g. me).


Have you ever forwarded spam to your submit address as well as other addresses (ftc, etc.)? It is possible that a complaint got forwarded to your spammer who was able to get your submit address that way.

Just recently I thought about this and I now use the bcc to submit my spam to spamcop via email if sending to another party as well. Might be a line to add to the FAQ on email reporting?


I now use the bcc to submit my spam to spamcop via email if sending to another party as well. Might be a line to add to the FAQ on email reporting?


Thanks, I'll think about that.

I can change your 'submit' address if you want. Just send your username to me at service at admin.spamcop.net


Thanks for the offer, but I think the real problem is that someone is "generating" submit addresses. I wonder if there is any easy way for SpamCop to do a query on its database of emails rejected to see how big a problem it really is?


Archived

This topic is now archived and is closed to further replies.
