efa Posted January 17, 2007 Share Posted January 17, 2007 Hi, seems spamcop reporting system cannot find the admin email from whois of IP address 83.95.183.76, when it is: "csirt[at]csirt.dk" as reported in remarks. This is the tracking url: http://www.spamcop.net/sc?id=z1194767162z4...1a93f9c0ba48fez Link to comment Share on other sites More sharing options...
StevenUnderwood Posted January 17, 2007 Share Posted January 17, 2007 Hi, seems spamcop reporting system cannot find the admin email from whois of IP address 83.95.183.76, when it is: "csirt[at]csirt.dk" as reported in remarks. This is the tracking url: http://www.spamcop.net/sc?id=z1194767162z4...1a93f9c0ba48fez By my understanding, their information is not configured in the standard way (how is a program going to find that address?). If you contact the deputies, they might decide to manually alter this one. The host could also fix their entry or register with abuse.net. Also note the possibilities at the bottom of the page if you simply enter that IP address into the parser: No valid email addresses found, sorry! There are several possible reasons for this: The site involved may not want reports from SpamCop. SpamCop administrators may have decided to stop sending reports to the site to prevent listwashing. SpamCop uses internal routeing to contact this site, only knows about the internal method and so cannot provide an externally-valid email address. There may be no working email address to receive reports. Link to comment Share on other sites More sharing options...
efa Posted January 17, 2007 Author Share Posted January 17, 2007 If you contact the deputies, they might decide to manually alter this one. The host could also fix their entry or register with abuse.net. I manual write a complaint to the reported email, but I wish spamcop report for me in the future. I dont know how to ask to fix the entry or use abuse.net Link to comment Share on other sites More sharing options...
turetzsr Posted January 17, 2007 Share Posted January 17, 2007 I manual write a complaint to the reported email, but I wish spamcop report for me in the future....As StevenUnderwood indicated in his reply, you will have to write the SpamCop Deputies to ask them to manually alter the abuse address for this IP. There is no way to insure that they will be both willing and able to do this, however.I dont know how to ask to fix the entry or use abuse.net...The admin(s) of the IP will have to do that. You may ask them to do so -- I would suggest writing them at the e-mail address you found (csirt[at]csirt.dk). Again, there is no way to insure that they will be both willing and able to do this. ...Good luck! Link to comment Share on other sites More sharing options...
Farelf Posted January 17, 2007 Share Posted January 17, 2007 ...This is the tracking url: http://www.spamcop.net/sc?id=z1194767162z4...1a93f9c0ba48fez Pending report cancelled - it is not wise to post a pending report in public. All the (same) detail is available in the cancelled report - it is just you would have to submit the spam again if you wish to report, which seems not likely. Link to comment Share on other sites More sharing options...
Farelf Posted January 17, 2007 Share Posted January 17, 2007 ... there is no way to insure that they will be both willing and able to do this.Unless they have some concern about a possible rfc-ignorant listing. I restrict submitting for rfc-ignorant listing to those cases where there is a non-compliant abuse address, it bounces any single attempt to report to it and the postmaster[at] address subsequently bounces also. Others may be more tolerant - or less. Link to comment Share on other sites More sharing options...
Miss Betsy Posted January 17, 2007 Share Posted January 17, 2007 If the ISP in question is so incompetent to allow abuse and postmaster addresses to bounce, then there probably is no point to sending them a report. However, even reports that go to dev null /are/ added to the blocklist, so there is still a good reason for reporting them. Miss Betsy Link to comment Share on other sites More sharing options...
efa Posted January 18, 2007 Author Share Posted January 18, 2007 their information is not configured in the standard way Which is the standard way? What is the reference RFC number? thanks Link to comment Share on other sites More sharing options...
Farelf Posted January 18, 2007 Share Posted January 18, 2007 If the ISP in question is so incompetent to allow abuse and postmaster addresses to bounce, then there probably is no point to sending them a report.Nor is the prospect of rfc-ignorant listing likely worry them but at least once (if) they are listed other internet users can use that datum to shun them and/or stop wasting time on them. There again (to demonstrate a modicum of charity) they may simply have missed the changes that have affected the internet, operating in their own little corner of it. Poor efa must be wondering what on earth is going on, given ...I dont know how to ask to fix the entry or use abuse.netThe suggestion is (for you) to ask csirt to set up an abuse[at] address per RFC2142 (as discussed at abuse.rfc-ignorant.org listing policy) and then for them to submit details to abuse.net. That is for system managers, they are the only ones who can do it. They should also update their database entry at the Ripe Database which feeds the whois queries (IIUC - if I understand correctly). They should do this because spam has come from their netspace and they should be concerned to stop that. If they don't, their legitimate email customers may later be inconvenienced. Which is the standard way? What is the reference RFC number? My response posted before I saw this - I think these are answered by the above. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.