Spam evades SpamCop parsing and Bayesian analysis

[hok]

I do not filter incoming e-mail for spam but have been reporting spam via SpamCop for years. I have seen a surge of spamvertised URL, drug(s) and stock symbol in an image inline with HTML e-mail to evade SpamCop parsing for spamvertised URL as well as Bayesian analysis that scores individual e-mail for certain words to identify spam for filtering.

I further noted another way to evade SpamCop parsing for spamvertised URL that is "replace "*" with "." or remove space in spamvertised URL, for example, http://www.22rx*com (Important! Replace "*" with ".") or http://www.22rx. com (Important! remove blank space).

At first, I manually reported those spamvertised URL and noted most reported spamvertised URL got their web site shut down within few days. However, as this type of spam by image or mangled URL surge, I no longer can manually handle them. Any suggestion to have those web sites by spamvertised URL shut down at least semi-automatically like just reporting to SpamCop?

[Miss Betsy]

If you read the last post in My Canadian Pharmacy Topic, it will point you to a place where there is more information than is on this forum.

Spamcop's primary purpose is to report the source of spam. IIRC, there is a blocklist based, at least in part, of spamvertised sites found in spamcop reported spam. However, official spamcop does not seem to be interested in making the reporting of spamvertised sites any easier so discussion in this forum is generally complaints and suggestions on how to improve spamcop reporting and explanations of the primary purpose of spamcop and philosophy on why it is not worthwhile to report spamvertised sites.

Miss Betsy

[dra007]

If you really want to go after spamadvertised domains try something along http://www.knujon.com/

PS. On a happy note several sites I reported to them in the interim are pending shutdown...

Site Instances First Time Last Time Status

aeacqwhinese.com 1 2/23/2007 2/23/2007 Suspension Pending

canbfuntodate.com 13 2/20/2007 2/22/2007 Suspension Pending

dustsalvable.com 1 2/21/2007 2/21/2007 Suspension Pending

fermeryhe.com 1 2/21/2007 2/21/2007 Suspension Pending

fgesy.com 1 2/20/2007 2/20/2007 Suspension Pending

fowostensibly.com 1 2/22/2007 2/22/2007 Suspension Pending

hukld.com 2 2/24/2007 2/26/2007 Suspension Pending

isodromegi.com 1 2/21/2007 2/21/2007 Suspension Pending

moperotes.com 4 2/21/2007 2/22/2007 Suspension Pending

pebrinegn.com 1 2/23/2007 2/23/2007 Suspension Pending

serabstractedness.com 1 2/21/2007 2/21/2007 Suspension Pending

topilljudged.com 3 2/21/2007 2/21/2007 Suspension Pending

Let's see how many actually do vanish....(keeping my fingers crossed)...

[hok]

If you really want to go after spamadvertised domains try something along http://www.knujon.com/

I have signed up with and reported spam to KnujOn in addition to SpamCop since your reply. Unfortunately, I found KnujOn just like SpamCop cannot process spam advertised URL in image. Furthermore, KnujOn appears to me that they do not process domain name ends with *.hk. Followings are my latest KnujOn report:

Site Instances First Time Last Time Status

100freemb.com 1 3/17/2007 3/17/2007

3timescash.com 1 3/27/2007 3/27/2007

4softsolutions.info 1 3/25/2007 3/25/2007

aaopc.net 17 3/12/2007 3/29/2007

acchengxin.net 2 3/15/2007 3/23/2007 Suspension Pending

aldd.net 1 3/12/2007 3/12/2007

almostabletobe.com 1 3/19/2007 3/19/2007

apartmentliz.com 3 3/23/2007 3/29/2007 Suspension Pending

arcabit.com 1 3/27/2007 3/27/2007

bbt.com 1 3/17/2007 3/17/2007

bearkjkdjmazing.com 1 3/27/2007 3/27/2007 Suspension Pending

bettyr.com 1 3/27/2007 3/27/2007

bgdfg.com 10 3/23/2007 3/26/2007 Suspension Pending

biggaish.com 1 3/18/2007 3/18/2007 Suspension Pending

bigtelevizor.com 1 3/21/2007 3/21/2007

bittyurl.com 1 3/25/2007 3/25/2007

bizzrefaction.com 1 3/15/2007 3/15/2007 Suspension Pending

bophydroplane.com 1 3/13/2007 3/13/2007 Suspension Pending

bxazeyad.com 2 3/21/2007 3/21/2007

capitalone.com 4 3/17/2007 3/19/2007

cellpeuismells.com 1 3/17/2007 3/17/2007 Suspension Pending

ceribella.com 1 3/21/2007 3/21/2007 Suspended

clewvuy.com 2 3/26/2007 3/26/2007 Suspension Pending

click-url.com 1 3/18/2007 3/18/2007 Suspended

coincir.com 2 3/11/2007 3/12/2007

cyclodetrinton.org 1 3/12/2007 3/12/2007

deelioo.com 1 3/27/2007 3/27/2007

deferrt.com 16 3/23/2007 3/29/2007

demainnio.com 1 3/11/2007 3/11/2007

denimuu.com 1 3/21/2007 3/21/2007

derwanderlust.com 2 3/15/2007 3/18/2007 Suspension Pending

diammol.com 1 3/12/2007 3/12/2007

dolirokert.com 4 3/12/2007 3/15/2007

draftibolt.com 1 3/29/2007 3/29/2007

dresfrrtme.com 1 3/29/2007 3/29/2007

dualjkjakvdz.com 1 3/24/2007 3/24/2007 Suspension Pending

easyhost4all.info 1 3/25/2007 3/25/2007

ebanking-services.com 1 3/29/2007 3/29/2007

egutalok.com 2 3/24/2007 3/24/2007

einnews.com 1 3/18/2007 3/18/2007

electiff.com 1 3/29/2007 3/29/2007

emailruningslow.info 1 3/13/2007 3/13/2007

endlessdex.com 3 3/26/2007 3/27/2007 Suspension Pending

eurythmyver.com 1 3/27/2007 3/27/2007 Suspension Pending

ev15k.com 1 3/26/2007 3/26/2007

exmolestation.com 1 3/11/2007 3/11/2007 Suspension Pending

fegiaoo.com 1 3/16/2007 3/16/2007

fiertgos.com 1 3/27/2007 3/27/2007

finaletopi.info 1 3/17/2007 3/17/2007

fixastir.net 2 3/17/2007 3/17/2007

flaminrjdnmftgingo.com 1 3/25/2007 3/25/2007 Suspension Pending

fogfoolhardness.com 1 3/15/2007 3/15/2007 Suspension Pending

fortacort.com 1 3/20/2007 3/20/2007 Suspension Pending

freenate.com 1 3/13/2007 3/13/2007 Suspension Pending

funhooknups.com 14 3/12/2007 3/15/2007 Suspension Pending

gaselierluw.com 1 3/25/2007 3/25/2007 Suspension Pending

gefruing.com 1 3/27/2007 3/27/2007

getsomedates.com 11 3/24/2007 3/27/2007 Suspension Pending

gintinshoes.org 1 3/12/2007 3/12/2007

gkyfg.com 35 3/15/2007 3/27/2007 Suspension Pending

goodhookupfun.com 9 3/15/2007 3/22/2007 Suspension Pending

greatmatchings.com 1 3/12/2007 3/12/2007

gtfvb.com 1 3/29/2007 3/29/2007

hotnetlove.com 1 3/24/2007 3/24/2007

huyyui.com 1 3/29/2007 3/29/2007

icortray.com 2 3/19/2007 3/19/2007

ifoundoutfromthisall.com 1 3/26/2007 3/26/2007

inaglobe.com 2 3/24/2007 3/24/2007

invfilm.com 1 3/13/2007 3/13/2007

irete.info 4 3/13/2007 3/19/2007

ironshodam.com 2 3/19/2007 3/19/2007 Suspension Pending

isorelen.com 2 3/17/2007 3/17/2007

jailmatelc.com 1 3/17/2007 3/17/2007

jeksyg.com 2 3/19/2007 3/19/2007 Suspension Pending

kemooon.com 7 3/11/2007 3/15/2007

kikioemd.com 2 3/26/2007 3/27/2007

kikisodv.com 1 3/12/2007 3/12/2007

kikisood.com 1 3/15/2007 3/15/2007

kisgarniture.com 2 3/26/2007 3/26/2007 Suspension Pending

kistrian.net 1 3/18/2007 3/18/2007

lafbrek.com 1 3/21/2007 3/21/2007 Suspension Pending

letriaii.com 1 3/11/2007 3/11/2007

liumotk.com 1 3/17/2007 3/17/2007

lopoioo.com 1 3/13/2007 3/13/2007

luchuanil.com 3 3/17/2007 3/20/2007 Suspension Pending

mantipu.com 3 3/23/2007 3/25/2007

minitejkonata.com 2 3/22/2007 3/22/2007 Suspension Pending

misgoln.com 2 3/20/2007 3/21/2007

ml-st.com 1 3/18/2007 3/18/2007

myway.com 8 3/13/2007 3/26/2007

nakdu.net 3 3/17/2007 3/25/2007

nardolim.com 2 3/17/2007 3/17/2007

narrowme.com 3 3/21/2007 3/22/2007

newsfromrussia.com 1 3/24/2007 3/24/2007 Suspended

newslib.com 1 3/18/2007 3/18/2007

neycn.net 1 3/26/2007 3/26/2007

nezoe.net 1 3/22/2007 3/22/2007

nhsdf.com 10 3/14/2007 3/26/2007 Suspension Pending

nhyfg.com 1 3/29/2007 3/29/2007

nimfobard.com 1 3/17/2007 3/17/2007

nitroshaitan.com 2 3/13/2007 3/15/2007 Suspension Pending

okfinkjjkithen.com 1 3/25/2007 3/25/2007 Suspension Pending

onestepbehind.info 2 3/13/2007 3/13/2007

onlycghjguff.com 1 3/15/2007 3/15/2007 Suspension Pending

orderjjkraced.com 1 3/26/2007 3/26/2007 Suspension Pending

pcmannmtyanna.com 1 3/21/2007 3/21/2007 Suspension Pending

plusjkproduc.com 1 3/22/2007 3/22/2007 Suspension Pending

pointfeed.com 1 3/19/2007 3/19/2007

politoo.com 1 3/20/2007 3/20/2007

postdirect.com 1 3/18/2007 3/18/2007

preploys.net 1 3/17/2007 3/17/2007

promidet.com 3 3/18/2007 3/18/2007

pundicap.com 1 3/11/2007 3/11/2007

pundicap.net 2 3/13/2007 3/14/2007

qualiertttymes.com 1 3/12/2007 3/12/2007 Suspension Pending

qualitajdnmfytmes.com 1 3/25/2007 3/25/2007 Suspension Pending

querkuitsnsterr.com 1 3/21/2007 3/21/2007

quinkjkjcmean.com 1 3/27/2007 3/27/2007 Suspension Pending

realismcomb.info 1 3/17/2007 3/17/2007

repliadfqukon.com 1 3/21/2007 3/21/2007 Suspension Pending

repliaqukon.com 1 3/19/2007 3/19/2007 Suspension Pending

reunomelo.info 1 3/19/2007 3/19/2007

rightrehun.com 1 3/18/2007 3/18/2007 Suspension Pending

ringhalsel.com 2 3/13/2007 3/13/2007

rmoosoft.com 1 3/14/2007 3/14/2007

saidpaulclight.com 1 3/17/2007 3/17/2007

saveloan002.com 1 3/27/2007 3/27/2007

saveloan014.com 1 3/29/2007 3/29/2007

saverxx.org 1 3/29/2007 3/29/2007

scinesist.info 1 3/25/2007 3/25/2007

sdftubercle.com 5 3/12/2007 3/15/2007 Suspension Pending

secamonecj.com 1 3/19/2007 3/19/2007

seehuissier.com 1 3/16/2007 3/16/2007 Suspension Pending

seematerfamilias.com 1 3/23/2007 3/23/2007 Suspension Pending

sefhe.com 9 3/13/2007 3/27/2007

sexkyrtyhherre.com 1 3/17/2007 3/17/2007 Suspension Pending

silvejkjkbrand.com 1 3/26/2007 3/26/2007 Suspension Pending

singedki.com 1 3/13/2007 3/13/2007

slavirople.com 1 3/23/2007 3/23/2007

slavirople.net 1 3/19/2007 3/19/2007

snakenroll.com 1 3/15/2007 3/15/2007

softstudent.info 1 3/29/2007 3/29/2007

sospertubation.com 1 3/26/2007 3/26/2007 Suspension Pending

speedmort008.com 1 3/12/2007 3/12/2007 Suspension Pending

speedmort009.com 1 3/26/2007 3/26/2007 Suspension Pending

speedmort016.com 3 3/14/2007 3/16/2007 Suspension Pending

subbargeman.com 1 3/14/2007 3/14/2007 Suspension Pending

sumtrinton.org 1 3/12/2007 3/12/2007

suretopviag.com 1 3/18/2007 3/18/2007 Suspension Pending

suroot.com 1 3/23/2007 3/23/2007

taleoft.com 3 3/18/2007 3/19/2007

terttin.com 4 3/26/2007 3/29/2007

thedreamofunicorms.com 1 3/22/2007 3/22/2007 Suspension Pending

thelovelyfeel.com 3 3/18/2007 3/19/2007

tok2.com 1 3/20/2007 3/20/2007

trigonium.com 1 3/17/2007 3/17/2007

ungetrit.net 1 3/18/2007 3/18/2007

unstintingxer.com 1 3/24/2007 3/24/2007 Suspension Pending

useledjnmfaknfogood.com 1 3/27/2007 3/27/2007 Suspension Pending

useleknfogood.com 1 3/27/2007 3/27/2007 Suspension Pending

viagmule.com 1 3/17/2007 3/17/2007 Suspension Pending

viagrilos.com 1 3/18/2007 3/18/2007 Suspension Pending

vjfn.com 1 3/23/2007 3/23/2007

vubhortative.com 1 3/25/2007 3/25/2007 Suspension Pending

v-webmail.org 1 3/25/2007 3/25/2007

watccvbeqeasy.com 1 3/13/2007 3/13/2007 Suspension Pending

wegeniuu.com 1 3/13/2007 3/13/2007

wegizu.com 2 3/19/2007 3/19/2007 Suspension Pending

we-lovenasdq.com 1 3/26/2007 3/26/2007

werclew.com 1 3/19/2007 3/19/2007 Suspension Pending

werguideless.com 3 3/12/2007 3/13/2007 Suspension Pending

whatudidtomewait.com 1 3/25/2007 3/25/2007 Suspension Pending

whitekoler.com 1 3/29/2007 3/29/2007

xbaja.com 1 3/23/2007 3/23/2007

xdeaqytgu.net 1 3/13/2007 3/13/2007

yakewu001.com 1 3/19/2007 3/19/2007

yartemper.com 1 3/20/2007 3/20/2007

zippedurl.com 1 3/21/2007 3/21/2007

I would like to find an easy way to have those spam advertised URLs in image shut down, please continue to help!

[Wazoo]

I would like to find an easy way to have those spam advertised URLs in image shut down, please continue to help!

Spammers work like crazy to keep coming up with new ways to get around filters, blocks, complaints and such (see Software Development Life Cycle principles for spam ) but you want an 'easy' way to handle that spew ...??? The 'easy' answer would be to learn how to analyze these things and report them manually ....

[SargeAnt]

1) I tried right now some sites quoted here as "Suspension pending" (trying to ping them). And they all are still there - i.e. valid DNS names. So, does KnujOn do anything? and how could they possibly suspend sites which they do not own?

2) Well, as long as there are "Software Development Life Cycle principles for spam", there should by "Software Development Life Cycle principles for anti-spam", too

Yet parsing images for URLs is a harsh task, true. So there is little hope, right