memphomom Posted March 2, 2004 Share Posted March 2, 2004 I received a mail last night that is clearly spam but it's subject lead me to believe it was a bounce. I tried to report it anyway but SpamCop refuses it because it also thinks it is a bounce. How can I get this spam to someone who can see that it is spam so that it can be stopped? Thanks. Memphomom Link to comment Share on other sites More sharing options...
AlphaCentauri Posted March 2, 2004 Share Posted March 2, 2004 Go down to the original headers. Paste them only into the reporting window. When it returns its parsing, copy the addresses. Cancel the report, and forward the entire bounced email to the addresses spamcop would have reported to. Link to comment Share on other sites More sharing options...
turetzsr Posted March 2, 2004 Share Posted March 2, 2004 Hi, Memphomom! ...In addition to AlphaCentauri's excellent advice, please either: post this in news.spamcop.net/spamcop.spam newsgroup, if you are facile with NNTP forward the e-mail, with complete headers, to deputies <at> admin.spamcom.net (replace the " <at> " by an at sign, [at]) so that the SpamCop deputies can have a look at it. ...Good luck! Link to comment Share on other sites More sharing options...
alan_f Posted March 3, 2004 Share Posted March 3, 2004 FYI: I ran into the same problem -- I just posted the message to this forum as well (I noticed your posting after I had posted mine) and am forwarding it to the deputies for them to have a look. -Alan Link to comment Share on other sites More sharing options...
Jeff G. Posted March 3, 2004 Share Posted March 3, 2004 I don't think the Deputies can do anything about this, as it's a problem with the coding in the reporting system. Please forward any spam that SpamCop says is a bounce to "service at admin.spamcop.net". Thanks! Link to comment Share on other sites More sharing options...
Spambo Posted March 3, 2004 Share Posted March 3, 2004 Go down to the original headers. Paste them only into the reporting window. When it returns its parsing, copy the addresses. Cancel the report, and forward the entire bounced email to the addresses spamcop would have reported to. You shouldn't assume that the headers contained in the bounce are the "original headers" or are in any way valid. Spammers can (and do) create totally bogus bounces and the "bounce's" headers contain the proper place(s) to LART. The difficulty in determining which set of headers need to be analyzed is one of the reasons that SpamCop doesn't accept bounces for processing. Link to comment Share on other sites More sharing options...
Spambo Posted March 3, 2004 Share Posted March 3, 2004 FYI: I ran into the same problem -- I just posted the message to this forum as well (I noticed your posting after I had posted mine) and am forwarding it to the deputies for them to have a look. -Alan Bounces often contain two sets of headers - the typical email headers and another set in the message body and either set could be the one that the parser needs to analyze. This is especially true if only one or two bounces are arriving at your inbox. "Teaching" the parser to decide if the headers contained in the message body are real or a forgery could be quite problematic considering that a clever enough spammer [1] could make it difficult for even a knowledgable human to determine which set is "real". .o0O [1] I know, a "clever enough spammer" is an oxymoron and spammers can usually be described by droping the "oxy", but there are a few who can pull it off given the right circumstances and a little bit of planning. Link to comment Share on other sites More sharing options...
memphomom Posted March 3, 2004 Author Share Posted March 3, 2004 Thank you all for your advice. I forwarded the mail to both the deputies and service for review. I just wanted someone "in charge" to see it. Memphomom Link to comment Share on other sites More sharing options...
turetzsr Posted March 3, 2004 Share Posted March 3, 2004 I don't think the Deputies can do anything about this, as it's a problem with the coding in the reporting system. Please forward any spam that SpamCop says is a bounce to "service at admin.spamcop.net". Thanks! ...Thanks, JeffG. Perhaps I misunderstood Ellen's posts here and in the help ng to send such things to the deputies. I presumed that, although they themselves can't do anything about it, they provide "triage" for those who can. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.