Clydesdale Posted March 18, 2007 Share Posted March 18, 2007 Hello, I apologize if this has been discussed already. I did a **quick** search and couldn't find anything. I send pretty much every spam that I get to SpamCop and have been looking at the SpamCop Blocking List, then SenderBase report, for most of the spam that I report. I may be completely wrong here but it seems to me that there are quite a few spam houses that have figured out how to completely bypass SpamCop. They simply rotate through a block of spam server IP addresses, changing to the new address when the old one is being blocked. This may not be proof but here's an example. I reported/looked up IP 184.108.40.206 (reporting addresses = anti-spam[at]ns.chinanet.cn.net, postmaster[at]wh.hb.cn, spam_hb[at]public.wh.hb.cn, and abuse_hb[at]public.wh.hb.cn). Then I check the BlockList. The BlockList result is: "220.127.116.11 not listed in bl.spamcop.net" So I do a SenderBase lookup and get the below: address hostname DNS Verified Daily Magnitude Monthly Magnitude 18.104.22.168 22.214.171.124.broad.jh.zj.dynamic.163data.com.cn Y 0.0 4.1 126.96.36.199 188.8.131.52.broad.fz.fj.dynamic.163data.com.cn 0.0 3.9 184.108.40.206 220.127.116.11.broad.yz.js.dynamic.163data.com.cn 0.0 3.8 18.104.22.168 22.214.171.124.broad.fz.fj.dynamic.163data.com.cn Y 0.0 3.8 126.96.36.199 188.8.131.52.broad.yz.js.dynamic.163data.com.cn 4.5 3.7 184.108.40.206 220.127.116.11.broad.fz.fj.dynamic.163data.com.cn 0.0 3.7 18.104.22.168 22.214.171.124.broad.xw.sh.dynamic.163data.com.cn 0.0 3.7 126.96.36.199 188.8.131.52.broad.qz.fj.dynamic.163data.com.cn Y 0.0 3.6 184.108.40.206 242.215.61.59.broad.qz.fj.dynamic.163data.com.cn Y 0.0 3.6 220.127.116.11 18.104.22.168.broad.sz.js.dynamic.163data.com.cn 0.0 3.6 22.214.171.124 126.96.36.199.broad.sz.js.dynamic.163data.com.cn 0.0 3.6 188.8.131.52 184.108.40.206.broad.xw.sh.dynamic.163data.com.cn 3.1 3.6 220.127.116.11 18.104.22.168.broad.sz.js.dynamic.163data.com.cn 0.0 3.6 22.214.171.124 126.96.36.199.broad.wh.hb.dynamic.163data.com.cn 0.0 3.6 188.8.131.52 184.108.40.206.broad.xw.sh.dynamic.163data.com.cn 0.0 3.5 220.127.116.11 18.104.22.168.broad.ha.js.dynamic.163data.com.cn 4.2 3.5 22.214.171.124 126.96.36.199.broad.xz.js.dynamic.163data.com.cn 0.0 3.5 188.8.131.52 184.108.40.206.broad.qz.fj.dynamic.163data.com.cn Y 4.4 3.5 220.127.116.11 18.104.22.168.broad.fz.fj.dynamic.163data.com.cn 0.0 3.5 22.214.171.124 126.96.36.199.broad.qz.fj.dynamic.163data.com.cn Y 3.3 3.5 . . . (It goes on and on) Since the average Monthly Magnitude of all of these servers is between 3.5 and 3.6 yet many have a Daily Magnitude of 0.0 or 4.X, it looks like they are simply bypassing SpamCop's algorithm. Is this the case? I want to keep reporting spam but am starting to feel like the professional spam houses have defeated SpamCop's methods. Please tell me that this isn't true, or that SpamCop will lengthen the time for automatic removal so that spam houses can't so easily bypass SpamCop's removal algorithm. Sincerely, Steve Link to comment Share on other sites More sharing options...
This topic is now archived and is closed to further replies.