Receiving Zendesk request after spamcop report

[nav2spamcop]

Can anyone tell me is this legitimate? It's apparently in response to a SpamCop report I submitted. Am I supposed to reply directly to Cloudflare Abuse?

Thanks.

 

Your report (#15211355) has been received. Note -- When responding please make sure to keep #15211355 in the subject line.

Thank you for your report.

Cloudflare offers network service solutions including pass-through security services, a content distribution network (CDN) and registrar services. Due to the pass-through nature of our services, our IP addresses appear in WHOIS and DNS records for websites using Cloudflare. Cloudflare does not generally serve as a hosting provider, does not organize or alter content, and does not have the ability to remove content hosted by others.

To ensure the prompt processing of your abuse report we request that you please submit your abuse report through Cloudflare's abuse reporting web form at:

https://www.cloudflare.com/abuse/

Regards,
Cloudflare Trust & Safety

This email is a service from Cloudflare. Delivered by Zendesk

[2NVLMG-E1GLV]

[gnarlymarley]

Looks kind of familiar, but I don't remember where I saw one of those replies. Seems like it might be legitimate. Might be related to this old post.

https://forum.spamcop.net/topic/45897-abusecloudflarecom-ignoring-spam-reports/

[Lking]

1 hour ago, nav2spamcop said:

Can anyone tell me is this legitimate?

Look carefully at the header. If you submitted a spam report resulting in report #15211355, the report received by cloudflare includes a SpamCop return email address including the report number.

IF the real cloudflare responded to the report using that email, or did a reply TO: their email would have gone to spamcop.

SpamCop would then forward cloudflare's response to you (who submitted the original spam) so you could respond if you want too.

This process provides you with any response from those that receive spam reports you generate -- AND keeps your email address hidden from the spammers/host/ISP. Looking at the header/raw data you should be able to tell if the email you received came from SpamCop.

This action is controlled by your preferences selected on https://www.spamcop.net/mcgi?action=showadvanced

IMHO there is one draw back to this procedure. IF/when you respond to the sender (cloudflare) you will reveal you email address/identify. There is no pass through back from you, through SpamCop, to whoever received the report (cloudflare).  On the other hand, if the reply is from the spammer, or ISP you think is supporting the spammer, there is no point. If you decide that those that received the report are a responsible party, there should not be a problem revealing your email. (On the other hand, it really doesn't make any difference, the spammer already has your email address.) In the last ~18 yrs I have had been using the same email address. Every one and their brother knows what it is (Norton finds my email everywhere). In spite of the visibility and activision, mostly I have a ho-hum level of daily spam; I have no filtering so I can see everything sent to my domain and sort them in FireFox. There have been three DOS attacks on my email address.

[petzl]

1 hour ago, Lking said:

Look carefully at the header. If you submitted a spam report resulting in report #15211355, the report received by cloudflare includes a SpamCop return email address including the report number.

IF the real cloudflare responded to the report using that email, or did a reply TO: their email would have gone to spamcop.

SpamCop would then forward cloudflare's response to you (who submitted the original spam) so you could respond if you want too.

This process provides you with any response from those that receive spam reports you generate -- AND keeps your email address hidden from the spammers/host/ISP. Looking at the header/raw data you should be able to tell if the email you received came from SpamCop.

This action is controlled by your preferences selected on https://www.spamcop.net/mcgi?action=showadvanced

IMHO there is one draw back to this procedure. IF/when you respond to the sender (cloudflare) you will reveal you email address/identify. There is no pass through back from you, through SpamCop, to whoever received the report (cloudflare).  On the other hand, if the reply is from the spammer, or ISP you think is supporting the spammer, there is no point. If you decide that those that received the report are a responsible party, there should not be a problem revealing your email. (On the other hand, it really doesn't make any difference, the spammer already has your email address.) In the last ~18 yrs I have had been using the same email address. Every one and their brother knows what it is (Norton finds my email everywhere). In spite of the visibility and activision, mostly I have a ho-hum level of daily spam; I have no filtering so I can see everything sent to my domain and sort them in FireFox. There have been three DOS attacks on my email address.

 

[petzl]

8 minutes ago, petzl said:

 

https://www.cloudflare.com/trust-hub/abuse-approach/ 
is how cloudfare reply I were reporting a website where registrar is not known.
Probably free account week?
Claimed I would get a $49 refund.
Name:        superfit.vip
IP:        172.67.162.13,         104.21.41.75 |
suggested they reset password. Do a zero charge credit card check, device owner scan their device.

 
 

Edited August 1, 2023 by petzl

[nav2spamcop]

A BIG thanks to everyone who replied!   It does appear to have come through spamcop to (xxxxx###@msgid.spamcop.net).

I won't respond, as it looks like Cloudflare is just irresponsible, based upon the replies here and their disclaimer that "Cloudflare does not generally serve as a hosting provider, does not organize or alter content, and does not have the ability to remove content hosted by others."  They divest themselves of all responsiblity.

Petzl - you are absolutely prolific and extremely helpful.

Thanks.

[Lking]

13 hours ago, nav2spamcop said:

It does appear to have come through spamcop to (xxxxx###@msgid.spamcop.net).

You are correct.

[Hanco]

On 8/1/2023 at 9:58 AM, nav2spamcop said:

"Cloudflare does not generally serve as a hosting provider, does not organize or alter content, and does not have the ability to remove content hosted by others."  They divest themselves of all responsiblity.

They do divest of responsibility but it is accurate.

They are a “pass thru” and are used by spammers who host some of their gazillions of redirect websites behind the “cover” of a Cloudflare IP address.

There are legitimate reasons to use the services of Cloudflare.

I have actually found Cloudflare to be pretty good at dropping their service from scammer/spammer websites. They’re pretty decent in my experience. I can’t speak for everyone of course :)

[nav2spamcop]

Thanks Hanco.   I've been told Cloudflare is used for hosting copyrighted material for illegal downloading/torrenting.  What are the legitimate reasons to use them, in your experience?

 

[ninth]

 

I reckon all these big companies that have been operating for some time are legit but are overwhelmed with spam and they are increasingly automating their systems. My recent experience with multiple cloud reports is they take several weeks to respond asking for more info if I still have the problem. They deny responsibility when the hosting checker result is that they are the host. It is irrelevant they have no access to the spammers server and cannot dictate what is sent out because they must investigate complaints and warn or stop hosting repeat offenders by law. Luckily there are alternative ways to fight spam as we often discuss on this forum.

[nav2spamcop]

Thanks for weighing in Ninth.  I decided it's best to not reply directly to Cloudflare.  If they're responsive, they've got all the info they need already from Spamcop!