Jump to content

G-Mail messages not parsing websites?


ob1db
 Share

Recommended Posts

I am puzzled. I am seeing MANY failures lately when I paste G-Mail messages in SC. It gets the source of the spam and frequently catches sites in the signature, but utterly fails on the offending sites. When I parse the site alone, I get a "discarded as fake" error message.

This website is one of MANY lately that the parser is saying won't resolve:

http://www.spamcop.net/sc?id=z1597006130ze...779680bf88a715z

However, I can parse this site using www.ahbl.org/lookup and I get

tankheadsonline.info is 219.129.219.244

Which DOES parse!

Parsing input: 219.129.219.244

No recent reports, no history available

Routing details for 219.129.219.244

Using smaller IP block (/ 29 vs. / 13 )

Removing 3 larger (> / 29 ) route(s) from cache

[refresh/show] Cached whois for 219.129.219.244 : ipuser[at]gddc.com.cn

Using last resort contacts ipuser[at]gddc.com.cn

What is going on?

Anyone else seeing this?

David

---------- Forwarded message ----------

From: Esparza Tomlin <esparzatomlin4320[at]hotmail.com>

Date: Jan 4, 2008 2:05 PM

Subject: Horny soccer fan getting nailed

To: twilightmonkey[at]hotmail.com, chrischarlebois[at]www.com, rfrijlink1964[at]msn.com, cohollowe[at]aol.com, shaley[at]orange.net, bwsmouf005[at]aol.com, puffyluvr[at]gmail.com, silverloop13[at]home.com, sousawr[at]camcomp.com, justin[at]kellnet.com

Bhaer is to look at his

be splendid!" "I shall eat

boys. This lady, who had escaped

hxxp://tankheadsonline.info

offered to do gasped Mr. Bangs,

________________________________

Watch “Cause Effect,†a show about real people making a real difference. Learn more

[Moderator edit - live link disabled. May be unreachable even so why on earth give a spammer a free ride??]

Edited by Farelf
Link to comment
Share on other sites

Usual responses...

Reporting of spamvertised sites is not the primary goal of spamcop, and thus not a lot of resources are devoted to it, that being said, there are many things that can cause resolution of sites to fail at spamcop even though your browser can resolve them...

Most notably, if the site takes a long time to resolve, spamcop will give up on it quickly. The argument being that "waiting" for DNS resolution would slow down the processing of email. Of course, that would mean that the spamcop parser is a single threaded piece of software, which I kind of doubt, but its always possible.

Other possibility is that the spammer controls the DNS server in question and is intentionally blocking request from spamcop. This seems to be happening more and more frequently, especially with site run by the big spam gangs.

Link to comment
Share on other sites

That site's DNS is not kosher. you found a = 219.129.219.244. Right now I find a = ns1 = ns2 = 212.58.114.80 (IBERIAPAC AS Telenet AS ISP operations in Georgia Tbilisi) and I predict this will move on again before long. SC presumably cannot keep up with this, misconfigured records etc (and, as Will points out, secondary part of the SC effort only).

WHOIS - http://www.robtex.com/whois/tankheadsonline.info.html

Domain ID:D23110134-LRMS

Domain Name:TANKHEADSONLINE.INFO

Created On:03-Jan-2008 13:50:30 UTC

Last Updated On:03-Jan-2008 13:50:31 UTC

Expiration Date:03-Jan-2009 13:50:30 UTC

Sponsoring Registrar:Blog.com Digital Communications Inc. (R315-LRMS)

Status:CLIENT TRANSFER PROHIBITED

Status:TRANSFER PROHIBITED

Registrant ID:DI_7486293

Registrant Name:Terrance Kim

etc...

Also admin, billing and tech.

And, oops, the site is reachable at the moment. PLEASE do not post live links to spamvertized sites. What were you thinking?

[Edit - removed contact detail shown, see the lookup for that]

Edited by Farelf
Link to comment
Share on other sites

What do you mean "PLEASE do not post live links to spamvertized sites."? Why is that an issue on these boards?

How else would I reference the problem site?

Moderator Edit: The entire unrelated quoted maaterial removed from this post, as per the suggested guidance offered in many places, such as the Forum FAQ here.

Edited by Wazoo
Link to comment
Share on other sites

What do you mean "PLEASE do not post live links to spamvertized sites."? Why is that an issue on these boards?

How else would I reference the problem site?

By posting a TrackingURL as is requested in several places. With that we can see the original spam (with your wemail address protected).

It is an issue because some innocent people come here and do not know not to click on any link they find AND these forums are picked up by the various search engines, allowing the spammers free advertizing.

Link to comment
Share on other sites

...It is an issue because some innocent people come here and do not know not to click on any link they find AND these forums are picked up by the various search engines, allowing the spammers free advertizing. ...
Prezactly, on all counts - but (for ob1db and general reference) if it is not appropriate/possible to paste a Tracking URL then another way is to munge the link so it doesn't work as a link - (say) by changing http to hxxp, or whatever. Incidentally, if you look at the bottom of the index (front) page of these forums you will see the search engines listed amongst the "user(s) active ...". Actually, though only one instance of each is shown, I believe there will be a substantial number of them from each service at any time, beavering away to immortalize and disseminate your every utterance the instant it issues (more or less).
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...