emanmb Posted October 25, 2007 Share Posted October 25, 2007 Lately I've been getting spams that have the site address in an image or they type it so it can't be read by Spamcop or Knujon. Something like "chinesewebsite . com". So my question is is it legal/ethical whatever to make that address readable to spamcop and knujon? It's a lot of work to make the 1st FWD to spamcop and then take the html and headers from that report, cancel it, and paste into the original spam, then add the web address the spammer is asking one to type in themselves. A lot of work.... but I hate them especially when they try to avoid being reported. Some days I have time on my hands to do this. anywho, is this allowed? thanks Link to comment Share on other sites More sharing options...
Farelf Posted October 25, 2007 Share Posted October 25, 2007 ...So my question is is it legal/ethical whatever to make that address readable to spamcop and knujon?...NOT for SpamCop - no. The cardinal rule is it is not permitted to "assist" the parser by making something readable which was not so in the original message. Chapter and verse at Material changes to spam which says in the relevant partSpamCop does what it does and doesn't do for a reason. Do not make any material changes to spam before submitting or parsing which may cause SpamCop to find a link, address or URL it normally would not, by design, find. ...There is nothing to stop you using the SC parsing tool to locate the reporting addresses for the "stealthed" site and sending your own "manual" report/LART - except you will be "exposing" a real address to whomsoever you send it (which does not worry some but I think you might want to know just who these people are before doing so yourself). Link to comment Share on other sites More sharing options...
emanmb Posted October 26, 2007 Author Share Posted October 26, 2007 thanks for the tips! Link to comment Share on other sites More sharing options...
ahoier Posted November 20, 2007 Share Posted November 20, 2007 Another point, a lot of times these spammed sites (let's call them domains....) are actually set up on fast-flux or round-robin botnets, in which there could be 20+ machines pointed at that domain at any time.... Refresh the SC parser page a couple times, you might find that the contact info of the spamvertized domain has changed Because SC found a new/different IP in the pool and grabbed those contact details instead. If you really want to take a jab at the spammers, grab the Complainterator tool from complainterator.com and complain directly the the registrars - the companies who allow these machines access to the Internet. But yea, I've been doing similar, I'll send off a "readable" address/forward to Knujon, and then submit the un-altered SC report as it was sent to me. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.