amenex Posted November 16, 2007 Share Posted November 16, 2007 After weeks of effort listing IP's and domains of spammers in my personal blacklist, I am finding that new spams from these sources continue to appear in my Inbox and are not being transferred to my Held Mail folder. My intent is to dig these spams out of my Inbox, where they hide amongst legitimate emails, and to move them into my Held Mail folder, where I am willing to dig out the few legitimate emails that come from the black hat domains & IP addresses and to whitelist their senders. However, many new spams continue to appear in my Inbox in spite of the listing of their domains and IP addresses in my Personal Blacklist. Is there an activation box for my personal blacklist somewhere ? amenex Link to comment Share on other sites More sharing options...
Wazoo Posted November 16, 2007 Share Posted November 16, 2007 I see this as an issue/question about how to use tools provided for/in a SpamCop.net e-mail account. Therefore moving this from the "New feature Request" Forum section over to the "SpamCop E-mail System & Accounts" Forum section. Has the SpamCop FAQ 'here' and/or the Wiki been looked at yet? Have any of the existing "filtering" Topics/Discussions in the SpamCop E-mail System & Accounts Forum section been perused at all yet? Are you going to provide any kind of a sample of just what is being asked about? (Preferably a Tracking URL please) Are you going to provide samples of just what you actually entering into your blacklist? (Personally, I hadn't heard of anyone plugging IP Addresses into that list ...?????) By "Domains of spammers" .. are you talking about the probable forged 'From:' e-mail addresses? Have you looked at the recent addition of greylisting yet? Link to comment Share on other sites More sharing options...
amenex Posted November 16, 2007 Author Share Posted November 16, 2007 Here's a tracking URL for a spam that only appeared in my Held Mail after I had placed its sender in my personal blacklist at least twice: http://www.spamcop.net/sc?id=z1526205850zf...e34fac13e5f640z I started this thread after making a search on the SpamCop forums & FAQ's for the term: "personal blacklist." There was only one hit, irrelevant to my concern. Whattaya mean, "... haven't heard of anyone plugging IP addresses into [the personal blacklist]" ? What's that list for, anyway ? I feel that I can be as draconian as I wish, even to listing partial IP addresses, in the hope of shifting blackhat stuff that somehow escapes my selection of _all_ (one exception) of the blacklists that SpamCop offers. That exception is the Spamhaus PBL which manages only to shift my own emails into Held Mail and no one else's. Greylisting does not work for forwarded emails. We already discussed that. When I find spam in my Inbox, I dig out _all_ the IP addresses and domain names that I can find associated with that spam, whether forged or not. I even dig out the spamvertised domains and _their_ ISP's. No one escapes my wrath. There has been no reduction in false positives and no increase in false negatives as yet. amenex Link to comment Share on other sites More sharing options...
DavidT Posted November 16, 2007 Share Posted November 16, 2007 I started this thread after making a search on the SpamCop forums & FAQ's for the term: "personal blacklist." There was only one hit, irrelevant to my concern. I'm not all that enthralled with the search function here, so instead, I ran a phrase search on "personal blacklist" using this Google URL: http://www.google.com/custom?domains=spamcop.net It produces about 613 hits: http://www.google.com/custom?hl=en&c2c...rch=spamcop.net maybe some might be of use...maybe not. I haven't use the personal blacklist in a long time. However, I just added one of my own domains to my personal blacklist and sent a test message, which was properly routed into my Held mail folder. However, further testing using IP addresses did *not* work. First I added the IP assigned by my own provider, then I worked my way through their outbound IPs, including the one that actually hands the messages to the SC mail exchangers...no luck. I'd say that only domains and email addresses will work, which agrees with what is found here: http://www.spamcop.net/fom-serve/cache/304.html So, to summarize, domains, subdomains, email addresses and truncated email addresses all should be working OK, but not IP addresses. I did find what looks to be a bug when adding items to my personal blacklist, in that a blank entry gets added at the very top of the list when I add to the list. This only happens once -- IOW, the system doesn't create multiple blank entries, but only one. DT Link to comment Share on other sites More sharing options...
StevenUnderwood Posted November 16, 2007 Share Posted November 16, 2007 When I find spam in my Inbox, I dig out _all_ the IP addresses and domain names that I can find associated with that spam, whether forged or not. I even dig out the spamvertised domains and _their_ ISP's. No one escapes my wrath. There has been no reduction in false positives and no increase in false negatives as yet. From the blacklist add page: From here, you can add email addresses to your personal blacklist. Mail from users whose email addresses match your blacklist will be blocked without checking any DNS blacklists. The email address checked is the envelope sender which is identified in the headers of the email as the Return-Path. This might be different from the From: address shown in the email. IP addresses are not checked with the whitelist or blacklist. The only 2 lines checked against these lists in the message you posted are: Return-Path: <plastics[at]free2learnit.com> From: "plastics trainings" <plastics[at]free2learnit.com> Therefore if either: plastics[at]free2learnit.com or free2learnit.com are in your blacklist, then there is an issue. FAQ about the Personal Blacklist and Whitelist : What headers are checked? The following headers are checked against the whitelist Envelope Sender aka Return Path From: Sender: Link to comment Share on other sites More sharing options...
svanslyck Posted January 2, 2008 Share Posted January 2, 2008 First, with regard to FAQ about the Personal Blacklist and Whitelist : What headers are checked?, will *.cn work? I get a lot of spam from *.cn and don't know nobody there nohow. So I'm perfectly happy to block the whole domain. Second, while I'm here - are there any options for setting up of auto-reply, auto-forward, and other such rules (apart from whatever mail client I might wish to use)? Third, some emails, e.g. those with a From header of cjyoujsd[at]yahoo.com.cn, send me scads and scads of spam and it would be nice to find a way to report them without human or even user (me) intervention. I expect the answer is "no," but no harm in asking . . . . Link to comment Share on other sites More sharing options...
Wazoo Posted January 2, 2008 Share Posted January 2, 2008 First, with regard to FAQ about the Personal Blacklist and Whitelist : What headers are checked?, will *.cn work? I get a lot of spam from *.cn and don't know nobody there nohow. So I'm perfectly happy to block the whole domain. Using the Google Search tool at the top of this page, I got; Results 1 - 10 of about 297 from forum.spamcop.net for "personal blacklist". (0.39 seconds) which included the link to; http://forum.spamcop.net/forums/index.php?showtopic=1861 where the questions was; Would anyone know how i can configure my personal blacklist to block anything with a .cz extension? The answer is based on the FAQ data found at How do entries work? In your example query, drop the asterisk and period. Second, while I'm here - are there any options for setting up of auto-reply, auto-forward, and other such rules (apart from whatever mail client I might wish to use)? Easiest question would be .. Have you looked at the Configuration/Preferences/Options menus? Then there's the Original/Official FAQ, the single-page-access-expanded version 'here', the Wiki for other data about various account actions, capabilities. It's the "other such rules" that stops me from throwing an answer here. Third, some emails, e.g. those with a From header of cjyoujsd[at]yahoo.com.cn, send me scads and scads of spam and it would be nice to find a way to report them without human or even user (me) intervention. I expect the answer is "no," but no harm in asking . . . . "You' are responsible for the reports to go out and hwere they are tergeted to go. Thusly, there is no 'automatic' mode. As cose as you're going to get is Quick-Reporting, for which again I will point you to the Wiki and/or the FAQ 'here' (the Original/Official FAQ has no content on this) Link to comment Share on other sites More sharing options...
petzl Posted January 3, 2008 Share Posted January 3, 2008 will *.cn work? I get a lot of spam from *.cn and don't know nobody there nohow. So I'm perfectly happy to block the whole domain. Second, while I'm here - are there any options for setting up of auto-reply, auto-forward, and other such rules (apart from whatever mail client I might wish to use)? Third, some emails, e.g. those with a From header of cjyoujsd[at]yahoo.com.cn, send me scads and scads of spam and it would be nice to find a way to report them without human or even user (me) intervention. I expect the answer is "no," but no harm in asking . . . . 1. Just put cn in blacklist and all emails ending in cn wil be blocked (The opposite is true if you put cn in whitelist. Then all mail ending in cn will go to inbox A Whitelist overrides a blacklist) 2. no 3 again putting cn (only not *.cn) will blacklist. Using VER will allow you to quickreport with simple click of a mouse, all spam in held folder in one go Link to comment Share on other sites More sharing options...
Wazoo Posted January 3, 2008 Share Posted January 3, 2008 New Wiki page added at SpamCop E-mail Personal Blacklist and Whitelist Filters / Rules to try to pull it all together ...????? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.