daizzzy Posted December 30, 2008 Share Posted December 30, 2008 that's the source of spam mail: Experienced stepmom had never lost http=3A=2F=2Ftdnegfn=2Edeasfyk=2Enet=2F = a possibliity to catoch fleshy screw of her native offspring in but what user sees is this address http tdnegfn.deasfyk.net instead of http=3A=2F=2Ftdnegfn=2Edeasfyk=2Enet=2F = i didn't delete that mail, so i can send it if you need btw how do they do it? Link to comment Share on other sites More sharing options...
dbiel Posted December 30, 2008 Share Posted December 30, 2008 What is your question regarding reporting? Did you try to report this spam? If so, what is the tracking number? Or is your question simply about the syntax used for the web address? Link to comment Share on other sites More sharing options...
Wazoo Posted December 30, 2008 Share Posted December 30, 2008 I repeat debiel's questions. This is the Reporting Help Forum section, but I don't see a Parsing & Reporting type issue being brought up. that's the source of spam mail: "The source of spam" in these parts actually points back to the IP Address of the e-mail. You seem to be describing some portion of the e-mail's content. instead of http=3A=2F=2Ftdnegfn=2Edeasfyk=2Enet=2F = btw how do they do it? ????? Actually a bit confusing. You built and manage a web-site but you know nothing about encoding? As the data is available in so many places, I'm not even sure where to start at finding a good reference link .... HTML, ASCII, web-browser hijacks ...???? Or perhaps should I talk about that the e-mail header just might contain some remarks like "Quoted-Printable" or some such, which would also 'explain' some possibilities???? Actually, I think I'll wait for you to ask your real question. Link to comment Share on other sites More sharing options...
rconner Posted December 30, 2008 Share Posted December 30, 2008 btw how do they do it? MIME Quoted-Printable encoding. Very commonly used in e-mail, not just in spam. Nothing "smart" about this spam at all, at least not in evidence in the limited data you have provided. -- rick Link to comment Share on other sites More sharing options...
daizzzy Posted December 30, 2008 Author Share Posted December 30, 2008 i'm not good in technical part, i work in a team and i generally manage sites from visitors side. the question seems to be obvious, but alright, i'll say it directly. in this way spammers protect their spamvertizing sites from being reported relaying on user's inattention. yep, i did report it, but it would be hard to find its id. also if i use Gmail i can't forward spam in the way SC requires. so the only way to report spam is by reporting the original code. should i replace this part by spamvertizing url? Link to comment Share on other sites More sharing options...
agsteele Posted December 30, 2008 Share Posted December 30, 2008 the question seems to be obvious, but alright, i'll say it directly. Hi daizzzy Sadly, your question wasn't clear to many of us. Instead of asking questions you tend to make statements which leaves us uncertain. Anyway, thanks for being a little clearer. also if i use Gmail i can't forward spam in the way SC requires. so the only way to report spam is by reporting the original code. should i replace this part by spamvertizing url? When reporting spam to the SpamCop reporting service you simply provide the Email exactly as you receive it. Not making changes to the content is an important rule of the reporting service. Don't change anything and the parser will do what is necessary. Remember, too, that reporting spamvertised URLs is not the real purpose of the SpamCop reporting service. There are other, better, ways of handling them. SpamCop's blocklist aims to aid the detection of spam Email and does not make any attempt to tackle websites that are being spamvertised other than to send an advisory message to the hosting company. I've not seen any evidence that these reports have had much if any affect on shutting down spamvertised sites. So perhaps the other services will be more helpful in this task. I think Knujon is a service often referred to and they make claims to have been effective in getting spamvertised sites shut down. Castle Cops was another service but they appear to have stopped operating recently. Andrew Link to comment Share on other sites More sharing options...
rconner Posted December 30, 2008 Share Posted December 30, 2008 in this way spammers protect their spamvertizing sites from being reported relaying on user's inattention. yep, i did report it, but it would be hard to find its id. also if i use Gmail i can't forward spam in the way SC requires. so the only way to report spam is by reporting the original code. should i replace this part by spamvertizing url? QP encoding is a perfectly valid and reasonable procedure and is used in a significant fraction of honest e-mail. It is also over-applied (as you have discovered) by some spammers in order to try to obfuscate their messages during transit. If the message has proper MIME formatting, then SpamCop will have no problem decoding it. Whether or not SpamCop will offer to report on the link is another matter, but the decoding of proper QP encoding is not an issue for SpamCop. For the same reason, there is no need to "massage" your messages to reverse this encoding by hand. Such massaging would also be against the very clear rules of SpamCop, as others here have noted. -- rick Link to comment Share on other sites More sharing options...
daizzzy Posted December 30, 2008 Author Share Posted December 30, 2008 thx agsteele and rconner got the case Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.