Jump to content

Personal blacklist appears to be ineffective


amenex
 Share

Recommended Posts

After weeks of effort listing IP's and domains of spammers in my personal blacklist, I am finding that new spams from these sources continue to appear in my Inbox and are not being transferred to my Held Mail folder.

My intent is to dig these spams out of my Inbox, where they hide amongst legitimate emails, and to move them into my Held Mail folder, where I am willing to dig out the few legitimate emails that come from the black hat domains & IP addresses and to whitelist their senders.

However, many new spams continue to appear in my Inbox in spite of the listing of their domains and IP addresses in my Personal Blacklist.

Is there an activation box for my personal blacklist somewhere ?

amenex

Link to comment
Share on other sites

I see this as an issue/question about how to use tools provided for/in a SpamCop.net e-mail account. Therefore moving this from the "New feature Request" Forum section over to the "SpamCop E-mail System & Accounts" Forum section.

Has the SpamCop FAQ 'here' and/or the Wiki been looked at yet? Have any of the existing "filtering" Topics/Discussions in the SpamCop E-mail System & Accounts Forum section been perused at all yet?

Are you going to provide any kind of a sample of just what is being asked about? (Preferably a Tracking URL please)

Are you going to provide samples of just what you actually entering into your blacklist? (Personally, I hadn't heard of anyone plugging IP Addresses into that list ...?????) By "Domains of spammers" .. are you talking about the probable forged 'From:' e-mail addresses?

Have you looked at the recent addition of greylisting yet?

Link to comment
Share on other sites

Here's a tracking URL for a spam that only appeared in my Held Mail after I had placed its sender in my personal blacklist at least twice:

http://www.spamcop.net/sc?id=z1526205850zf...e34fac13e5f640z

I started this thread after making a search on the SpamCop forums & FAQ's for the term:

"personal blacklist." There was only one hit, irrelevant to my concern.

Whattaya mean, "... haven't heard of anyone plugging IP addresses into [the personal blacklist]" ? What's that list for, anyway ? I feel that I can be as draconian as I wish, even to listing partial IP addresses, in the hope of shifting blackhat stuff that somehow escapes my selection of _all_ (one exception) of the blacklists that SpamCop offers. That exception is the Spamhaus PBL which manages only to shift my own emails into Held Mail and no one else's.

Greylisting does not work for forwarded emails. We already discussed that.

When I find spam in my Inbox, I dig out _all_ the IP addresses and domain names that I can find associated with that spam, whether forged or not. I even dig out the spamvertised domains and _their_ ISP's. No one escapes my wrath. There has been no reduction in false positives and no increase in false negatives as yet.

amenex

Link to comment
Share on other sites

I started this thread after making a search on the SpamCop forums & FAQ's for the term:

"personal blacklist." There was only one hit, irrelevant to my concern.

I'm not all that enthralled with the search function here, so instead, I ran a phrase search on "personal blacklist" using this Google URL:

http://www.google.com/custom?domains=spamcop.net

It produces about 613 hits:

http://www.google.com/custom?hl=en&c2c...rch=spamcop.net

maybe some might be of use...maybe not. I haven't use the personal blacklist in a long time. However, I just added one of my own domains to my personal blacklist and sent a test message, which was properly routed into my Held mail folder. However, further testing using IP addresses did *not* work. First I added the IP assigned by my own provider, then I worked my way through their outbound IPs, including the one that actually hands the messages to the SC mail exchangers...no luck. I'd say that only domains and email addresses will work, which agrees with what is found here:

http://www.spamcop.net/fom-serve/cache/304.html

So, to summarize, domains, subdomains, email addresses and truncated email addresses all should be working OK, but not IP addresses.

I did find what looks to be a bug when adding items to my personal blacklist, in that a blank entry gets added at the very top of the list when I add to the list. This only happens once -- IOW, the system doesn't create multiple blank entries, but only one.

DT

Link to comment
Share on other sites

When I find spam in my Inbox, I dig out _all_ the IP addresses and domain names that I can find associated with that spam, whether forged or not. I even dig out the spamvertised domains and _their_ ISP's. No one escapes my wrath. There has been no reduction in false positives and no increase in false negatives as yet.

From the blacklist add page:

From here, you can add email addresses to your personal blacklist.

Mail from users whose email addresses match your blacklist will be blocked without checking any DNS blacklists. The email address checked is the envelope sender which is identified in the headers of the email as the Return-Path. This might be different from the From: address shown in the email.

IP addresses are not checked with the whitelist or blacklist.

The only 2 lines checked against these lists in the message you posted are:

Return-Path: <plastics[at]free2learnit.com>

From: "plastics trainings" <plastics[at]free2learnit.com>

Therefore if either: plastics[at]free2learnit.com or free2learnit.com are in your blacklist, then there is an issue.

FAQ about the Personal Blacklist and Whitelist : What headers are checked?

The following headers are checked against the whitelist

Envelope Sender aka Return Path

From:

Sender:

Link to comment
Share on other sites

  • 1 month later...

First, with regard to

FAQ about the Personal Blacklist and Whitelist : What headers are checked?, will *.cn work? :unsure: I get a lot of spam from *.cn and don't know nobody there nohow. So I'm perfectly happy to block the whole domain.

Second, while I'm here - are there any options for setting up of auto-reply, auto-forward, and other such rules (apart from whatever mail client I might wish to use)?

Third, some emails, e.g. those with a From header of cjyoujsd[at]yahoo.com.cn, send me scads and scads of spam and it would be nice to find a way to report them without human or even user (me) intervention. I expect the answer is "no," but no harm in asking . . . .

Link to comment
Share on other sites

First, with regard to

FAQ about the Personal Blacklist and Whitelist : What headers are checked?, will *.cn work? :unsure: I get a lot of spam from *.cn and don't know nobody there nohow. So I'm perfectly happy to block the whole domain.

Using the Google Search tool at the top of this page, I got;

Results 1 - 10 of about 297 from forum.spamcop.net for "personal blacklist". (0.39 seconds)

which included the link to;

http://forum.spamcop.net/forums/index.php?showtopic=1861

where the questions was;

Would anyone know how i can configure my personal blacklist to block anything with a .cz extension?

The answer is based on the FAQ data found at How do entries work?

In your example query, drop the asterisk and period.

Second, while I'm here - are there any options for setting up of auto-reply, auto-forward, and other such rules (apart from whatever mail client I might wish to use)?

Easiest question would be .. Have you looked at the Configuration/Preferences/Options menus?

Then there's the Original/Official FAQ, the single-page-access-expanded version 'here', the Wiki for other data about various account actions, capabilities. It's the "other such rules" that stops me from throwing an answer here.

Third, some emails, e.g. those with a From header of cjyoujsd[at]yahoo.com.cn, send me scads and scads of spam and it would be nice to find a way to report them without human or even user (me) intervention. I expect the answer is "no," but no harm in asking . . . .

"You' are responsible for the reports to go out and hwere they are tergeted to go. Thusly, there is no 'automatic' mode. As cose as you're going to get is Quick-Reporting, for which again I will point you to the Wiki and/or the FAQ 'here' (the Original/Official FAQ has no content on this)

Link to comment
Share on other sites

will *.cn work? :unsure: I get a lot of spam from *.cn and don't know nobody there nohow. So I'm perfectly happy to block the whole domain.

Second, while I'm here - are there any options for setting up of auto-reply, auto-forward, and other such rules (apart from whatever mail client I might wish to use)?

Third, some emails, e.g. those with a From header of cjyoujsd[at]yahoo.com.cn, send me scads and scads of spam and it would be nice to find a way to report them without human or even user (me) intervention. I expect the answer is "no," but no harm in asking . . . .

1. Just put cn in blacklist and all emails ending in cn wil be blocked (The opposite is true if you put cn in whitelist. Then all mail ending in cn will go to inbox A Whitelist overrides a blacklist)

2. no

3 again putting cn (only not *.cn) will blacklist. Using VER will allow you to quickreport with simple click of a mouse, all spam in held folder in one go

Edited by petzl
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...