Jump to content

No reporting addresses found for 83.95.183.76, using devnull for tracking


efa
 Share

Recommended Posts

Hi,

seems spamcop reporting system cannot find the admin email from whois of IP address 83.95.183.76, when it is: "csirt[at]csirt.dk" as reported in remarks.

This is the tracking url:

http://www.spamcop.net/sc?id=z1194767162z4...1a93f9c0ba48fez

By my understanding, their information is not configured in the standard way (how is a program going to find that address?).

If you contact the deputies, they might decide to manually alter this one. The host could also fix their entry or register with abuse.net. Also note the possibilities at the bottom of the page if you simply enter that IP address into the parser:

No valid email addresses found, sorry!

There are several possible reasons for this:

The site involved may not want reports from SpamCop.

SpamCop administrators may have decided to stop sending reports to the site to prevent listwashing.

SpamCop uses internal routeing to contact this site, only knows about the internal method and so cannot provide an externally-valid email address.

There may be no working email address to receive reports.

Link to comment
Share on other sites

If you contact the deputies, they might decide to manually alter this one. The host could also fix their entry or register with abuse.net.

I manual write a complaint to the reported email, but I wish spamcop report for me in the future.

I dont know how to ask to fix the entry or use abuse.net

Link to comment
Share on other sites

I manual write a complaint to the reported email, but I wish spamcop report for me in the future.
...As StevenUnderwood indicated in his reply, you will have to write the SpamCop Deputies to ask them to manually alter the abuse address for this IP. There is no way to insure that they will be both willing and able to do this, however.
I dont know how to ask to fix the entry or use abuse.net
...The admin(s) of the IP will have to do that. You may ask them to do so -- I would suggest writing them at the e-mail address you found (csirt[at]csirt.dk). Again, there is no way to insure that they will be both willing and able to do this.

...Good luck!

Link to comment
Share on other sites

Pending report cancelled - it is not wise to post a pending report in public. All the (same) detail is available in the cancelled report - it is just you would have to submit the spam again if you wish to report, which seems not likely.
Link to comment
Share on other sites

... there is no way to insure that they will be both willing and able to do this.
Unless they have some concern about a possible rfc-ignorant listing. I restrict submitting for rfc-ignorant listing to those cases where there is a non-compliant abuse address, it bounces any single attempt to report to it and the postmaster[at] address subsequently bounces also. Others may be more tolerant - or less.
Link to comment
Share on other sites

If the ISP in question is so incompetent to allow abuse and postmaster addresses to bounce, then there probably is no point to sending them a report.
Nor is the prospect of rfc-ignorant listing likely worry them but at least once (if) they are listed other internet users can use that datum to shun them and/or stop wasting time on them. There again (to demonstrate a modicum of charity) they may simply have missed the changes that have affected the internet, operating in their own little corner of it.

Poor efa must be wondering what on earth is going on, given

...I dont know how to ask to fix the entry or use abuse.net
The suggestion is (for you) to ask csirt to set up an abuse[at] address per RFC2142 (as discussed at abuse.rfc-ignorant.org listing policy) and then for them to submit details to abuse.net. That is for system managers, they are the only ones who can do it. They should also update their database entry at the Ripe Database which feeds the whois queries (IIUC - if I understand correctly). They should do this because spam has come from their netspace and they should be concerned to stop that. If they don't, their legitimate email customers may later be inconvenienced.

Which is the standard way?

What is the reference RFC number?

My response posted before I saw this - I think these are answered by the above.
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...