Jump to content

not getting report confirmation


dra007

Recommended Posts

I am no longer getting confirmation e-mails from spamcop when I forward the spam as attached files. Why is this happening? I am wondering if a virus/worm redirects the reports I send by e-mail. As soon as I forward the report I get bounces from unknown e-mails which report the same spam I just sent to spamcop.

Link to comment
Share on other sites

Should have noticed that you had made two posts before replying to the first one.

There are several posts recently about people not receiving confirmation emails. There are various reasons for that. Have you looked to see if you have Unreported spam on the web site? Are you an email customer? or reporting only?

Miss Betsy

Link to comment
Share on other sites

I am reporting on a daily basis, this problem has started yesterday, what seems odd is that my reports do not seem to make it to spamcop, when I log on to the site I do not show un-reported spam for the stuff I forwarded since yesterday. Instead I get bounces with similar contents from unknown users reporting the same spam content.

Link to comment
Share on other sites

I get bounces with similar contents from unknown users

I'm having a hard time guessing at just what you might actually mean here. How about posting the headers of one of these bounces so we can see where you're getting this "unknown user" description.

Link to comment
Share on other sites

Your authorization code is invalid. Please obtain a new authorization code

If I'm reading and guessing xcorrectly, I'm thinking that what you need to do is delete all your previous SpamCop cookies, then accept a new one at the first login with thie "new" authorization code / page.

Perhaps this is also what dra007 means by "unknown users" ..???

Link to comment
Share on other sites

this is an example, I have never sent e-mails to those adds:

Hi. This is the qmail-send program at email04.aon.at.

I'm afraid I wasn't able to deliver your message to the following addresses.

This is a permanent error; I've given up. Sorry it didn't work out.

<hdz[at]aon.at>:

The users mailfolder is over the allowed quota (size).

--- Below this line is a copy of the message.

Return-Path: <ads5[at]imap.pitt.edu>

Received: (qmail 68646 invoked from network); 18 Mar 2004 17:54:59 -0000

Received: from unknown ([172.18.5.84]) (envelope-sender <>)

by qmail4.highway.telekom.at (qmail-ldap-1.03) with QMQP

for <>; 18 Mar 2004 17:54:59 -0000

Received: (qmail 427730 invoked from network); 18 Mar 2004 17:54:58 -0000

Received: from cable-212.76.251.31.coditel.net ([212.76.251.31]) (envelope-sender <ads5[at]imap.pitt.edu>)

by qmail6rs.highway.telekom.at (qmail-ldap-1.03) with SMTP

for <hdors[at]aon.at>; 18 Mar 2004 17:54:58 -0000

Received: from [212.61.8.38]

by cable-212.76.251.31.coditel.net

for <hdors[at]aon.at>; Thu, 18 Mar 2004 17:49:31 +0000

Message-ID: <j-o1i$y6-tbg-rc0ea--uag$c[at]i9w.m63ft>

From: "Luisa Jamison" <ads5[at]imap.pitt.edu>

Reply-To: "Luisa Jamison" <ads5[at]imap.pitt.edu>

To: hdors[at]aon.at

Subject: Are you uncomfortable with the s1ze of your manhood? e

Date: Thu, 18 Mar 04 17:49:31 GMT

X-Mailer: Microsoft Outlook Express 6.00.2600.0000

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="3.__ADEDD..E18._5B5D8E"

X-Priority: 3

X-MSMail-Priority: Normal

--3.__ADEDD..E18._5B5D8E

Content-Type: text/html;

Content-Transfer-Encoding: quoted-printable

</style>

</head>

<body>

<p align=3D"center"> </p>

<p align=3D"center"><span class=3D"style5"><span style=3D"background-color=

: #FF0000">Our NaturalGain+ Penis Enlargement Pills

Will Expand, Lengthen And Enlarge Your Penis 3+ Inches. 100% Satisfaction =

Guaranteed! Or Your Money Back! </span> </span><br>

<span class=3D"style2">

<br>

<span class=3D"style8">

<img style=3D"FLOAT: left; MARGIN-RIGHT: 10px" src=3D"http://www.natural-h=

erbs.info/images/bottle4.jpg" width=3D"92" height=3D"170"><b><font

color=3D=

"#000080">=FFFFFFBB</font></b></span><b><font color=3D"#000080">

</font></b>

</span><b><font color=3D"#000080"><span class=3D"style5">Gain 3+ Full Inch=

es In Length. </span>

<span class=3D"style2"><br>

</span><span class=3D"style8">=FFFFFFBB</span><span class=3D"style5">

Increase Y=

our Penis

Width (Girth) By 20%.</span><span class=3D"style2"><br>

</span><span class=3D"style8">=FFFFFFBB</span> <span class=3D"style5">Stop

Prema=

ture

Ejaculation!</span><span class=3D"style2"> <br>

</span><span class=3D"style8">=FFFFFFBB</span> <span

class=3D"style5">Produce St=

ronger, Rock

Hard Erections.</span><span class=3D"style2"> <br>

</span><span class=3D"style8">=FFFFFFBB</span> <span class=3D"style5">100=

% Safe To Take,

With NO Side Effects.</span><span class=3D"style2"><br>

</span><span class=3D"style8">=FFFFFFBB</span> <span class=3D"style5">Fast

Prior=

ity USPS

Shipping WorldWide.</span><span class=3D"style2"> <br>

</span><span class=3D"style8">=FFFFFFBB</span> <span class=3D"style5">USPS

track=

ing numbers</span><span class=3D"style2">

<br>

</span><span class=3D"style8">=FFFFFFBB</span> <span

class=3D"style5">Doctor App=

roved And

Recommended</span><span class=3D"style2">.<br>

</span><span class=3D"style8">=FFFFFFBB</span><span class=3D"style5"> No

Pumps! =

No Surgery!

No Exercises! </span><span class=3D"style2"><br>

</span><span class=3D"style8">=FFFFFFBB</span> <span class=3D"style5">100=

% Money Back

Guarantee.</span><span class=3D"style2"> <br>

</span><span class=3D"style8">=FFFFFFBB</span> <span class=3D"style5">Get

Bottle=

Of

NaturalGain+ Worth Over $50 at no cost. </span><span class=3D"style2"><br>=

</span><span class=3D"style8">=FFFFFFBB</span> <span class=3D"style5">Get a

&quo=

t;Male Help

E-Book" Worth Over $50 at no cost.</span></font></b></p>

<p align=3D"center"><font color=3D"#FF0000"><b><span class=3D"style8"><fon=

t size=3D"5">

<span style=3D"background-color:

#FFFFFF">=FFFFFFBB</span></font></span><span st=

yle=3D"background-color: #FFFFFF"><font size=3D"5">

</font></span> <font size=3D"5">

<span style=3D"background-color: #FFFFFF">We are so sure our product will =

work, we are prepared to give you a 100% money

back guarantee incase it doesn't.  Who else offers you that kind of

guarantee?</span></font></b></font></p>

<p align=3D"center"><font size=3D"6" color=3D"#000080">

<a href=3D"http://www.lindstrom.natural-herbs.info/cgi-bin/log/p1.cgi?i=

d=3Dpharm">CLICK HERE TO ENLARGE YOUR PENIS</a></font></p>

<p> </p>

</body>

</html>

--3.__ADEDD..E18._5B5D8E--

Link to comment
Share on other sites

this is another example, same spam that I get 20 times a day now bounced back to me:

This is an automatically generated Delivery Status Notification.

Delivery to the following recipients failed.

Evdvmail[at]evdv.com

Return-path: ads5[at]imap.pitt.edu

Received: from pcp05919776pcs.derbrn01.mi.comcast.net ([68.40.160.211])

by kirk.evdv.com with Microsoft SMTPSVC(5.0.2195.5329); Thu,

18 Mar 2004 18:41:00 +0100

Received: from [4.14.164.200] by pcp05919776pcs.derbrn01.mi.comcast.net with

ESMTP id <051794-59639> for <evdv[at]evdv.com>; Thu, 18 Mar 2004 22:35:33 +0500

Date: Thu, 18 Mar 04 22:35:33 GMT

From: "Cecile Schulz" <ads5[at]imap.pitt.edu>

Subject: We have been helping MEN worldwide with... vlncx sq tsdvb

To: evdv[at]evdv.com

Reply-to: "Cecile Schulz" <ads5[at]imap.pitt.edu>

Message-id: <av54$158f4$h4241mn05$48-sr0v$75[at]os7gw5.r.t.sd4>

MIME-version: 1.0

X-Mailer: Internet Mail Service (5.5.2650.21)

Content-type: multipart/alternative;

boundary="Boundary_(ID_4rFj4abTdBRDww6sSJZb/Q)"

X-Priority: 3

X-MSMail-priority: Normal

X-OriginalArrivalTime: 18 Mar 2004 17:41:01.0224 (UTC)

FILETIME=[2DCCA280:01C40D10]

--Boundary_(ID_4rFj4abTdBRDww6sSJZb/Q)

Content-type: text/html;

Content-transfer-encoding: quoted-printable

</style>

</head>

<body>

<p align=3D"center"> </p>

<p align=3D"center"><span class=3D"style5"><span style=3D"background-color=

: #FF0000">Our NaturalGain+ Penis Enlargement Pills

Will Expand, Lengthen And Enlarge Your Penis 3+ Inches. 100% Satisfaction =

Guaranteed! Or Your Money Back! </span> </span><br>

<span class=3D"style2">

<br>

<span class=3D"style8">

<img style=3D"FLOAT: left; MARGIN-RIGHT: 10px" src=3D"http://www.natural-h=

erbs.info/images/bottle4.jpg" width=3D"92" height=3D"170"><b><font

color=3D=

"#000080">=FFFFFFBB</font></b></span><b><font color=3D"#000080">

</font></b>

</span><b><font color=3D"#000080"><span class=3D"style5">Gain 3+ Full Inch=

es In Length. </span>

<span class=3D"style2"><br>

</span><span class=3D"style8">=FFFFFFBB</span><span class=3D"style5">

Increase Y=

our Penis

Width (Girth) By 20%.</span><span class=3D"style2"><br>

</span><span class=3D"style8">=FFFFFFBB</span> <span class=3D"style5">Stop

Prema=

ture

Ejaculation!</span><span class=3D"style2"> <br>

</span><span class=3D"style8">=FFFFFFBB</span> <span

class=3D"style5">Produce St=

ronger, Rock

Hard Erections.</span><span class=3D"style2"> <br>

</span><span class=3D"style8">=FFFFFFBB</span> <span class=3D"style5">100=

% Safe To Take,

With NO Side Effects.</span><span class=3D"style2"><br>

</span><span class=3D"style8">=FFFFFFBB</span> <span class=3D"style5">Fast

Prior=

ity USPS

Shipping WorldWide.</span><span class=3D"style2"> <br>

</span><span class=3D"style8">=FFFFFFBB</span> <span class=3D"style5">USPS

track=

ing numbers</span><span class=3D"style2">

<br>

</span><span class=3D"style8">=FFFFFFBB</span> <span

class=3D"style5">Doctor App=

roved And

Recommended</span><span class=3D"style2">.<br>

</span><span class=3D"style8">=FFFFFFBB</span><span class=3D"style5"> No

Pumps! =

No Surgery!

No Exercises! </span><span class=3D"style2"><br>

</span><span class=3D"style8">=FFFFFFBB</span> <span class=3D"style5">100=

% Money Back

Guarantee.</span><span class=3D"style2"> <br>

</span><span class=3D"style8">=FFFFFFBB</span> <span class=3D"style5">Get

Bottle=

Of

NaturalGain+ Worth Over $50 at no cost. </span><span class=3D"style2"><br>=

</span><span class=3D"style8">=FFFFFFBB</span> <span class=3D"style5">Get a

&quo=

t;Male Help

E-Book" Worth Over $50 at no cost.</span></font></b></p>

<p align=3D"center"><font color=3D"#FF0000"><b><span class=3D"style8"><fon=

t size=3D"5">

<span style=3D"background-color:

#FFFFFF">=FFFFFFBB</span></font></span><span st=

yle=3D"background-color: #FFFFFF"><font size=3D"5">

</font></span> <font size=3D"5">

<span style=3D"background-color: #FFFFFF">We are so sure our product will =

work, we are prepared to give you a 100% money

back guarantee incase it doesn't.  Who else offers you that kind of

guarantee?</span></font></b></font></p>

<p align=3D"center"><font size=3D"6" color=3D"#000080">

<a href=3D"http://www.ouagadougou.natural-herbs.info/cgi-bin/log/p1.cgi?i=

d=3Dpharm">CLICK HERE TO ENLARGE YOUR PENIS</a></font></p>

<p> </p>

</body>

</html>

--Boundary_(ID_4rFj4abTdBRDww6sSJZb/Q)--

Link to comment
Share on other sites

as far as the bounces go, please read http://forum.spamcop.net/forums/index.php?showtopic=203 to see if that at least partially answers that problem.

The report issue, odd, over in the newsgroups, someone just made the complaint that s/he's getting something like 20 response for every spam submittal ... kind of hard to balance these complaints of "no response" with that "overloaded with responses" <g>

Link to comment
Share on other sites

Return-path: ads5[at]imap.pitt.edu

Received: from pcp05919776pcs.derbrn01.mi.comcast.net ([68.40.160.211])

by kirk.evdv.com with Microsoft SMTPSVC(5.0.2195.5329); Thu,

18 Mar 2004 18:41:00 +0100

Received: from [4.14.164.200] by pcp05919776pcs.derbrn01.mi.comcast.net with

ESMTP id <051794-59639> for <evdv[at]evdv.com>; Thu, 18 Mar 2004 22:35:33 +0500

Date: Thu, 18 Mar 04 22:35:33 GMT

From: "Cecile Schulz" <ads5[at]imap.pitt.edu>

Subject: We have been helping MEN worldwide with... vlncx sq tsdvb

To: evdv[at]evdv.com

Reply-to: "Cecile Schulz" <ads5[at]imap.pitt.edu>

my name is not Cecile, and I do not use comcast.net, I have not bounced any mail since the 15, regardless this is the typical e-mail send to me 20-80 times a day.

Link to comment
Share on other sites

This is exactly what is being described to you.

A spammer sent the message to the user at evdv.com with your address (The name could be any text and is not relevant) forged in the From:, Reply-to:, and most importantly Return-path: headers.

The actual sender probably bounced the message off of the comcast machine which is acting as a relay, possibly after being infected with a virus. The actual sender is probably NOT the IP in the previous line (4.14.164.200) but is being protected because of the relay.

When the message bounced for whatever reason (user does not exist, IP on some BL, etc.) it is returned to the address in the Return-path: field and ended up in your email box.

Usually, these will subside within a week or so.

Link to comment
Share on other sites

Most of my mails are going into a black hole as well. After several months of using it just fine, now my mails during the day are not being acknowledged, and do not show up as unsent reports. Some mails in the evening are getting through (in fact one just showed up right now).

The reports are not just getting delayed. I sent a bunch yesterday morning, got nothing, sent one yesterday evening, almost immediately got it back, sent a bunch this morning, again nothing more, then sent a few this evening, and immediately those went through.

I talked to a friend of mine and he's having a similar problem.

Link to comment
Share on other sites

There is a limit on how many spam you can send at one time if you are attaching several spam to one submission. It is something like 50 KB. If the individual spam add up to more than that, the submission just disappears.

Since there have several questions about this recently, it may not be that, but some other glitch.

Just thought I would mention it.

Miss Betsy

Link to comment
Share on other sites

the message bellow was blocked twice when I reported it manually, alarm, message taking too lon to report, same spam I have been getting 20-80 times a day and reporting for a month:

Obviously spammer is using my IP resources to send the spam to me, and as me. Yesterday the all my colleagues on this server were sent a virus by the same spammer, masquarading as our administrator.

SpamCop version 1.3.4 © SpamCop.net, Inc. 1998-2004 All Rights Reserved

spam Header

This page may be saved for future reference:

http://www.spamcop.net/sc?id=z360019584z13...a1e9c35e34c7ddz

Skip to Reports

Return-Path: <NPVPBIFONOQA[at]hotmail.com>

Received: from mb2i1.ns.pitt.edu (mb2i1.ns.pitt.edu [136.142.185.162])

by imap.srv.cis.pitt.edu with ESMTP (8.8.8/8.8.8/cisimap-7.2.2.4)

ID <KAA22638[at]imap.srv.cis.pitt.edu>;

Fri, 19 Mar 2004 10:22:52 -0500 (EST)

Received: from CONVERSION-DAEMON by pitt.edu (PMDF V5.2-32 #41462)

id <01L7WP1CBZ68004M2X[at]mb2i1.ns.pitt.edu>; Fri, 19 Mar 2004 10:20:35 EST

Received: from 136.142.185.164 ([220.64.24.124])

by pitt.edu (PMDF V5.2-32 #41462)

with SMTP id <01L7WP0E2WEI004L8I[at]mb2i1.ns.pitt.edu>; Fri,

19 Mar 2004 10:19:21 -0500 (EST)

Received: from 72.144.22.252 by 136.142.185.164; Fri, 19 Mar 2004 17:14:23 +0200

Date: Fri, 19 Mar 2004 14:14:23 -0100

From: Frederick Ouellette <NPVPBIFONOQA[at]hotmail.com>

Subject: Produce Stronger and Rock Hard Erections

To: x

Cc: x

Reply-to: Frederick Ouellette <NPVPBIFONOQA[at]hotmail.com>

Message-id: <JKGM____________LCHU[at]hotmail.com>

MIME-version: 1.0

Content-type: multipart/alternative;

boundary="Boundary_(ID_VCuYaY5Vsr+JerYKJ2Qt+g)"

X-Priority: 3

X-CS-IP: 111.139.250.22

View entire message

Parsing header:

Received: from mb2i1.ns.pitt.edu (mb2i1.ns.pitt.edu [136.142.185.162]) by imap.srv.cis.pitt.edu with ESMTP

(8.8.8/8.8.8/cisimap-7.2.2.4) ID <KAA22638[at]imap.srv.cis.pitt.edu>; Fri, 19 Mar 2004 10:22:52 -0500 (EST)

136.142.185.162 found

host 136.142.185.162 = mb2i1.ns.pitt.edu (cached)

host mb2i1.ns.pitt.edu (checking ip) = 136.142.185.162

Possible spammer: 136.142.185.162

ips are close enough

136.142.185.162 is close to an MX (136.142.185.164) for pitt.edu

136.142.185.162 is mx

Received line accepted

Received: from CONVERSION-DAEMON by pitt.edu (PMDF V5.2-32 #41462) id <01L7WP1CBZ68004M2X[at]mb2i1.ns.pitt.edu>; Fri,

19 Mar 2004 10:20:35 EST

Ignored

Received: from 136.142.185.164 ([220.64.24.124]) by pitt.edu (PMDF V5.2-32 #41462) with SMTP id

<01L7WP0E2WEI004L8I[at]mb2i1.ns.pitt.edu>; Fri, 19 Mar 2004 10:19:21 -0500 (EST)

220.64.24.124 found

host 220.64.24.124 (getting name) no name

136.142.185.162 not listed in dnsbl.njabl.org

136.142.185.162 not listed in cbl.abuseat.org

136.142.185.162 not listed in dnsbl.sorbs.net

136.142.185.162 is not an MX for imap.srv.cis.pitt.edu

ips are close enough

136.142.185.162 is close to an MX (136.142.185.164) for pitt.edu

Possible spammer: 220.64.24.124

host pitt.edu (checking ip) = 136.142.185.162

136.142.185.162 not listed in dnsbl.njabl.org

136.142.185.162 not listed in cbl.abuseat.org

136.142.185.162 not listed in dnsbl.sorbs.net

Chain test:pitt.edu =? mb2i1.ns.pitt.edu

host mb2i1.ns.pitt.edu (checking ip) = 136.142.185.162

ips are close enough

136.142.185.162 is close to an MX (136.142.185.164) for pitt.edu

136.142.185.162 is mx

pitt.edu and mb2i1.ns.pitt.edu have close IP addresses - chain verified

Possible relay: 136.142.185.162

136.142.185.162 not listed in relays.ordb.org.

136.142.185.162 has already been sent to relay testers

Received line accepted

Received: from 72.144.22.252 by 136.142.185.164; Fri, 19 Mar 2004 17:14:23 +0200

72.144.22.252 found

host 72.144.22.252 (getting name) no name

220.64.24.124 not listed in dnsbl.njabl.org

220.64.24.124 listed in cbl.abuseat.org ( 127.0.0.2 )

Open proxies untrusted as relays

Tracking message source: 220.64.24.124:

Routing details for 220.64.24.124

[refresh/show] Cached whois for 220.64.24.124 : 20001004[at]dreamx.net ip[at]dreamline.co.kr mackerel[at]dreamline.co.kr

Using last resort contacts 20001004[at]dreamx.net ip[at]dreamline.co.kr mackerel[at]dreamline.co.kr

Yum, this spam is fresh!

220.64.24.124 not listed in dnsbl.njabl.org

220.64.24.124 not listed in dnsbl.njabl.org

220.64.24.124 listed in cbl.abuseat.org ( 127.0.0.2 )

220.64.24.124 is an open proxy

220.64.24.124 not listed in plus.bondedsender.org

220.64.24.124 not listed in query.bondedsender.org

Finding links in message body

Recurse multipart:

Parsing HTML part

Resolving link obfuscation

http://zss4.info/p1/?id=sash

host 220.175.8.33 (getting name) no name

http://zss4.info/oz.html

host 220.175.8.33 (getting name) no name

Tracking link: http://zss4.info/p1/?id=sash

Resolves to 220.175.8.33

Tracking ip 220.175.8.33

Routing details for 220.175.8.33

[refresh/show] Cached whois for 220.175.8.33 : hostmaster[at]ns.chinanet.cn.net anti-spam[at]ns.chinanet.cn.net

yzxu[at]publicf.bta.net.cn

abuse net chinanet.cn.net = postmaster[at]chinanet.cn.net, anti-spam[at]chinanet.cn.net, ctsummary[at]special.abuse.net

abuse net chinanet.cn.net = postmaster[at]chinanet.cn.net, anti-spam[at]chinanet.cn.net, ctsummary[at]special.abuse.net

Using last resort contacts postmaster[at]chinanet.cn.net anti-spam[at]chinanet.cn.net ctsummary[at]special.abuse.net

yzxu[at]publicf.bta.net.cn

postmaster[at]chinanet.cn.net bounces (99 sent : 20164 bounces)

Using postmaster#chinanet.cn.net[at]devnull.spamcop.net for statistical tracking.

anti-spam[at]chinanet.cn.net bounces (142 sent : 100 bounces)

Using anti-spam#chinanet.cn.net[at]devnull.spamcop.net for statistical tracking.

yzxu[at]publicf.bta.net.cn bounces (1 sent : 99 bounces)

Using yzxu#publicf.bta.net.cn[at]devnull.spamcop.net for statistical tracking.

Tracking link: http://zss4.info/oz.html

Resolves to 220.175.8.33

Tracking ip 220.175.8.33

Cached masters for 220.175.8.33: ctsummary[at]special.abuse.net anti-spam#chinanet.cn.net[at]devnull.spamcop.net

yzxu#publicf.bta.net.cn[at]devnull.spamcop.net postmaster#chinanet.cn.net[at]devnull.spamcop.net

Please make sure this email IS spam:

From: Frederick Ouellette <NPVPBIFONOQA[at]hotmail.com> (Produce Stronger and Rock Hard Erections)

--Boundary_(ID_VCuYaY5Vsr+JerYKJ2Qt+g)

Content-type: text/html;

View full message

Report spam to:

Re: 220.64.24.124 (Silent report about source of mail)

Re: http://zss4.info/oz.html (Silent report about spamvertisement)

Re: http://zss4.info/p1/?id=sash (Silent report about spamvertisement)

Link to comment
Share on other sites

the message below was blocked twice when I reported it manually, alarm, message taking too lon to report

The actual message you posted is from spamcop, confirming that your mole account sent a report about the spam with the Subject: Produce Stronger and Rock Hard Erections. If you are trying to report that message, you will be hearing from the deputies soon about losing your account.

While I do not have a mole account, it is very similar to the reports I get when I quick report my spam.

Obviously spammer is using my IP resources to send the spam to me, and as me.

The spammer is not using your IP to send spam to you. The spam is coming from 220.64.24.124 as stated in the parse you posted.

Tracking message source: 220.64.24.124:

Routing details for 220.64.24.124

Please ignore the names and email addresses in any spam as they are almost always forged as you have been told several times on this message board.

Yesterday the all my colleagues on this server were sent a virus by the same spammer, masquarading as our administrator.

If the virus can be traced back to the same IP (220.64.24.124) that would explain how the spam is coming through. That machine is infected with a virus that opens a hole for the spammers to use to send their spam.

It is possible that the virus picked up your addresses from the spam coming through that machine. This is simply a theory.

Link to comment
Share on other sites

dra007

Please stop posting the entire messages.

You do not understand how email and reporting works. Stop reporting spam until you understand.

Each server has an IP address.

An email that is sent gets the IP address of the server that sends it. The server does not check to see if the domain part of the email address (the part after the [at]) matches the IP address. Therefore a server with one IP address can send email that has lots of different email addresses xxx[at]domain.xxx

However, the server cannot hide its IP address. The receiving server does not check the email addresses either. The receiving server decides to receive email based on the IP address. Sometimes, the receiving server will also check to make sure that the email address that the email is going *to* really exists on their network. If not, they reject it.

Spammers have found ways to use other people's computers to send their spam. Then the receiving server thinks the email came from those computers, not the spammer.

NONE of the email you have described or shown comes from the IP address of your server.

The spammer is forging your email address as the sender. This happens to everyone who gets spam.

Viruses get the email addresses from lots of places. One recent virus sent virus email to all the domains they could find with "administrator" before the [at] What you received is that virus which lots and lots of people received.

Until you can understand the basics, there will be no point to answering your posts anymore.

Miss Betsy

Link to comment
Share on other sites

Thanks, that is why I am hre, trying to figure out how they work. I have got on a spammer list only recently so I was feeling like I was being targetted. I have been using the same e-mail address for >5years. It seems more than coincidental that I have been overwhelemed with abusive e-mails all of a sudden and any countermeasure I am attempting only results in more abuse.

Link to comment
Share on other sites

If you mean this Friday, 20-mar-2004, they should not be too old unless they were a couple days old when you submitted them. You have 3 full days (72 ours) from when your ISP received the message to hitting the report button.

To answer your question, I was seeing a few hour delay receiving the message, but it was atually ready to report hours before that.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...