From cnwykab02 at sneakemail.com Wed Dec 1 00:23:42 2004 From: cnwykab02 at sneakemail.com (Warre) Date: Tue Nov 30 18:25:04 2004 Subject: [SpamCop-List] Re: I'm glad this is not my provider... In-Reply-To: References: Message-ID: Steven Maesslein wrote: > Not that I'm defending skynet.be in any way, but you did conveniently > snip out information on *who* did not do the stuff in the remarks and > *who* will not act on complaints. > > More detailed information is: > > (snip) > > So, what this is saying is that the RIPE PoC for this netblock, > ripe/at\skynet.bet, is not the address to contact for network > problems, peering and net-abuse. noc, peering and abuse *are*. > > Please get your facts straight. > Whoops, my bad. I actually spotted this in a newsgroup and copy-pasted it, adding the link to the RIPE lookup afterwards. Sorry about this, I should have read the whole whois lookup more carefully. BTW, the newsgroup I'm talking about is named kotnet.absurd ;) From ric.gates at bigsleep.org Wed Dec 1 02:27:58 2004 From: ric.gates at bigsleep.org (Blammo) Date: Tue Nov 30 21:30:06 2004 Subject: [SpamCop-List] Re: help References: <41AC90B5.521FC1CC@darkfantastique.com> Message-ID: On 30 Nov 2004 Mike Easter entered spamcop and left news:coi70f$3an$1@news.spamcop.net: > uh oh, I see autoresponders in here: > Practically all mail servers have some type of autoresponder available, it's often as easy as checking a box and typing up a message (in sendmail it's basically just an alias pointing to a text file). I always talk people out of using it, in fact I don't even think it's installed so it doesn't even work (unless I do it). But it really isn't a problem if the account has good spam filtering, and I'd never use it on public accounts, like "sales", but for individual accounts. I guess what I'm saying is that just the fact that autoresponders are available is insignificant. -- | Ric | From ric.gates at bigsleep.org Wed Dec 1 02:56:05 2004 From: ric.gates at bigsleep.org (Blammo) Date: Tue Nov 30 22:00:04 2004 Subject: [SpamCop-List] Re: Reports to "dev/null" References: Message-ID: On 30 Nov 2004 Derek T entered spamcop and left news:coifr0$9t5$1@news.spamcop.net: > yes, it helps to feed the blocklist and so keeps the IP listed. The > reason is usually that the admin has told spamcop that it doesn't care > about spam spewing from hir servers, is not going to do anything about > it and doesn't want to be notified. the more this sort of pondscum are > blocklisted the better so keep reporting! > Not necesarily that they don't care, but that they don't need any more reports or it's not the correct abuse address. And in some cases abuse forwards reports to spammers. -- | Ric | From JEst at Xpppp.ney Wed Dec 1 00:14:22 2004 From: JEst at Xpppp.ney (JEst) Date: Wed Dec 1 00:15:05 2004 Subject: [SpamCop-List] Re: discoverhongkong.com References: Message-ID: "Tim McGraw" wrote in message news:cojinu$1bf$1@news.spamcop.net... > discoverhongkong.com appears to be a legit site registered to the Hong > Kong Tourism Board. No .sightings in Google Groups. > > I have been on board with travelocity for 3+ years and never received > anything but the price alerts I asked for. If you told them when you > signed up that you would accept email from their "partners" then it's > not spam. You might want to check your travelocity preferences. I believe it comes with a pre-existing involvement with Preview Travel. I probably got enveloped in the envelope of the Travelocity take over. Thank you for your feed back. From bar_n0ne at hotmail.com Wed Dec 1 11:19:15 2004 From: bar_n0ne at hotmail.com (Berny) Date: Wed Dec 1 02:20:19 2004 Subject: [SpamCop-List] Two tier rates in Spam country? Message-ID: looks like the hana-fools/drools, cnc-nic-net and chinanet are implementing tiered rates for bulletprrof vs just scammy/spammy sites. I'm getting a lot of cut and paste this link spam from them Of course I am happy to oblige From somewhat at odds.tld Wed Dec 1 08:18:19 2004 From: somewhat at odds.tld (Derek T) Date: Wed Dec 1 03:20:03 2004 Subject: [SpamCop-List] Re: Reports to "dev/null" In-Reply-To: References: Message-ID: Blammo wrote: > Not necesarily that they don't care, but that they don't need any more > reports or it's not the correct abuse address. And in some cases abuse > forwards reports to spammers. > none of which are excluded by my 'usually' :-) From MikeE at ster.invalid Wed Dec 1 00:43:25 2004 From: MikeE at ster.invalid (Mike Easter) Date: Wed Dec 1 03:45:03 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: Mike Easter wrote: > Dar wrote: >> Lycos Offers Spam-Server Attack Program > > Lycos spamvampiring >From Slashdot: An anonymous reader writes "Lycos, shortly after producing a screen saver to fight spammers using a DoS-style attack appears to have been hacked. Attempting to download the screen saver from lycos results in this message 'Yes, attacking spammers is wrong, you know this, you shouldn't be doing it. Your ip address and request have been logged and will be reported to your ISP for further action.' Or maybe it's just a joke -- can you ever tell?" http://it.slashdot.org/it/04/12/01/0250244.shtml?tid=111&tid=218 -- Mike Easter kibitzer, not SC admin From nobody at devnull.spamcop.net Wed Dec 1 01:30:50 2004 From: nobody at devnull.spamcop.net (LioNiNoiL_a t_Y a h 0 0_d 0 t_c 0 m) Date: Wed Dec 1 04:35:03 2004 Subject: [SpamCop-List] Re: Phish For A Phisher :-) In-Reply-To: References: Message-ID: Gezgin wrote: >>>> scary stuff.. what does he plan on doing? getting people's >>>> paypal info? >>> >>> More likely making a complete fool of himself on the net. >>> Though I am a bit puzzled that the site is still up. It >>> certainly must have been reported many times already. >> >> It's hosted in Uruguay. Think they give a $hit..? > > "They" may not but I would have thought that PayPal could have > afforded to send in a Black Helicopter (TM) or two... PayPal is now owned by eBay, who certainly do *not* give a shit. Just look at what they did to Billpoint... -- "[Spammers] are the mutant spawn of a bizarre reproductive act involving a telemarketer, Larry Flynt, a tapeworm, and an executive of the Third Class Mail industry." -- Dave Barry From ric.gates at bigsleep.org Wed Dec 1 09:54:28 2004 From: ric.gates at bigsleep.org (Blammo) Date: Wed Dec 1 04:56:15 2004 Subject: [SpamCop-List] Re: Reports to "dev/null" References: Message-ID: On 01 Dec 2004 Derek T entered spamcop and left news:cojuo4$898$1@news.spamcop.net: > none of which are excluded by my 'usually' :-) > Lazy eyes, must be all that spam I've been sorting through lately ;-) -- | Ric | From dave at fastwire.co.uk Wed Dec 1 11:41:04 2004 From: dave at fastwire.co.uk (Dave Harpur) Date: Wed Dec 1 06:40:03 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: "Mike Easter" wrote: ..."You don't stop a bad thing by being bad yourself," I totally agree with Mike's sentiment, and who is going to launch a dDOS on legal "Can-Spam" compliant organisations, for example. There would definitely be a lawsuit there, though to whisper that they would spam... well! This sort of gratuitous tat would, if allowed to flourish, would at-best merely shift the annoyance of spam to excessive internet traffic at the further expense of net bandwidth. Utterly stupid and ridiculous. DH From NoBody at SpamCop.net Wed Dec 1 11:52:40 2004 From: NoBody at SpamCop.net (Bodger) Date: Wed Dec 1 06:55:03 2004 Subject: [SpamCop-List] Should I aggree with my ISP? Message-ID: Received this from my ISP this morning. Dear Customer, Warning: in four days' time, you will lose the ability to send emails unless you make a simple change to your email program settings. Why do you need to do this? As part of a worldwide initiative aimed at reducing junk email (spam) and email viruses, all email providers are switching to what is known as 'authenticated SMTP'. SMTP stands for Simple Mail Transfer Protocol, which enables the sending of email. Authentication is a method of identifying the origin of emails that stops emails being sent anonymously. Most nuisance emails (spam) are sent from people on unauthenticated email. By removing the ability to send email without authentication, spam should be substantially reduced. Making this change is simple - what to do All you need to do is switch on 'SMTP authentication', usually by ticking a box called 'My server requires authentication' in your email program settings. End ====================================== Question What will be the net effect of these changes? From bar_n0ne at hotmail.com Wed Dec 1 16:17:05 2004 From: bar_n0ne at hotmail.com (Berny) Date: Wed Dec 1 07:20:02 2004 Subject: [SpamCop-List] Re: Should I aggree with my ISP? References: Message-ID: "Bodger" wrote in message news:cokb9m$f8e$1@news.spamcop.net... > Received this from my ISP this morning. > > Dear Customer, > > Warning: in four days' time, you will lose the ability to send > emails unless you make a simple change to your email program > settings. > > SNIP > > All you need to do is switch on 'SMTP authentication', usually > by ticking a box called 'My server requires authentication' in > your email program settings. > > > End > ====================================== > > > Question > What will be the net effect of these changes? The net effect for you is you may continue to send mail through their servers. The next effect is that those without mail accounts at that ISP can not use their (The ISP's) servers to send mail. Unless they know an account name and Password of course. It should be much easier also to whack a mail abuser, at the moment probably the ISP would have to do some detective work, comparing server logs, and connection logs to determine who is abusing their servers whenever it occurs. It makes it inconvenient for a buddy to bring their laptop and send mail through your connection and ISP I'm sure others will weigh in soon too Basically though, just as you "sign in" to recieve mail with an ID and password, the same will be demanded to send mail. Don;t worry, you won't notice as your mail client will probably cache and reuse the password after the first mail transaction until the next time you exit the program. From wb8tyw at qsl.network Wed Dec 1 07:58:55 2004 From: wb8tyw at qsl.network (John E. Malmberg) Date: Wed Dec 1 08:00:04 2004 Subject: [SpamCop-List] Re: Should I aggree with my ISP? In-Reply-To: References: Message-ID: <6uOdnUByrtCSXTDcRVn-vg@adelphia.com> Bodger wrote: > Received this from my ISP this morning. > As part of a worldwide initiative aimed at reducing junk email > (spam) and email viruses, all email providers are switching to > what is known as 'authenticated SMTP'. SMTP stands for Simple > Mail Transfer Protocol, which enables the sending of email. > Authentication is a method of identifying the origin of emails > that stops emails being sent anonymously. Translation: A few critical networks that your ISP's customers need to send mail to will start blocking your ISP's main mail servers at the first sign of viruses or multi-hop spam that comes through them. It then takes several hours or days to get these blocks removed while your ISP has to handle complaints from their users. > Most nuisance emails (spam) are sent from people on > unauthenticated email. By removing the ability to send email > without authentication, spam should be substantially reduced. Only a small amount of spam will be reduced by this. Most viruses will be stopped by this. > Making this change is simple - what to do > > All you need to do is switch on 'SMTP authentication', usually > by ticking a box called 'My server requires authentication' in > your email program settings. > Strong recommendation, especially if you are running a platform vulnerable to malware. Set up a default e-mail account that does not point to a reachable e-mail server. It adds an extra step that you must change the sender when sending e-mail, but that is only one extra mouse action for Mozilla or Outlook Express. Malware, and other programs, including web pages that attempt to use your e-mail program to send mail will lose their ability to do so with out your knowledge. > Question > What will be the net effect of these changes? E-mail from your ISP is less likely to be refused by some networks. Your ISP is less likely to end up on blocking lists, especially if they have also blocked port 25 outgoing for unregistered mail servers. Your ISP will have lower operating costs. Spammers and virus writers will have a harder time stealing resources from them to spam other networks. If you use an external mail server then you should make sure that it is using SMTP-AUTH on the alternate port (IIRC) 587. I have noticed reports on usenet that an increasing number of ISPs are blocking port 25 for residential broadband connections, some with out notice. So even if port 25 works now, I would strongly recommend making sure that you can use port 587 instead for mail servers other than your ISP. Based on other media reports, the implication is such blocks seem to be put in place because one of the other larger networks either stopped accepting any e-mail from their IP space or threatened to do so. And in the case that was most visible in the media, the blocked ISP complaints about how unfair it was did not do any good to get the e-mail accepted again. Only that ISP making sure that no spam came out of their I.P. space got the e-mail accepted again. -John wb8tyw@qsl.network Personal Opinion Only From bar_n0ne at hotmail.com Wed Dec 1 17:40:12 2004 From: bar_n0ne at hotmail.com (Berny) Date: Wed Dec 1 08:45:03 2004 Subject: [SpamCop-List] Re: Should I aggree with my ISP? References: <6uOdnUByrtCSXTDcRVn-vg@adelphia.com> Message-ID: "John E. Malmberg" wrote in message news:6uOdnUByrtCSXTDcRVn-vg@adelphia.com... > Bodger wrote: > > Received this from my ISP this morning. > > > > > Based on other media reports, the implication is such blocks seem to be > put in place because one of the other larger networks either stopped > accepting any e-mail from their IP space or threatened to do so. > > And in the case that was most visible in the media, the blocked ISP > complaints about how unfair it was did not do any good to get the e-mail > accepted again. Only that ISP making sure that no spam came out of > their I.P. space got the e-mail accepted again. > > -John > wb8tyw@qsl.network > Personal Opinion Only John, are you speaking of the Telia/AOL thing a while back? Or something more recent? From nobody at spamcop.net Wed Dec 1 08:48:20 2004 From: nobody at spamcop.net (Pop) Date: Wed Dec 1 08:50:03 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: "Dar" wrote in message news:coj00g$l4l$1@news.spamcop.net... | Yahoo News: | | Lycos Offers Spam-Server Attack Program | | http://tinyurl.com/5u469 | | Looks like Lycos will do just about anything to get onto just one more machine: I'd almost bet that most of the downloaders are spam-infested and ignorant of how to avoid it - the same ones spammers target, in fact. Only, well, it won't take long to get around that; OK, next? Pop From Windrider6 at SpamCop.net Wed Dec 1 13:56:55 2004 From: Windrider6 at SpamCop.net (Bruce A. Johnson) Date: Wed Dec 1 09:00:05 2004 Subject: [SpamCop-List] Re: Should I aggree with my ISP? References: Message-ID: "Bodger" wrote on 2004-Dec-01 in news:cokb9m$f8e$1 @news.spamcop.net: > > > All you need to do is switch on 'SMTP authentication', usually > by ticking a box called 'My server requires authentication' in > your email program settings. > I see a problem with that already with my e-mail program (Eudora). In using SpamCop mail, I have the POP server set for SpamCop, and the SMTP server is my ISP. Eudora allows only one login name. I have to use my SpamCop ID as the login name so the POP will work, but if I then set the Authentication for the SMTP, my ISP rejects the e-mail, becuase it is the wrong login name. - Bruce A. Johnson in Hardisty, Alberta, Canada - Windrider6@SpamCop.net From dkona7b02 at sneakemail.com Wed Dec 1 10:23:33 2004 From: dkona7b02 at sneakemail.com (Spam Hater) Date: Wed Dec 1 10:23:39 2004 Subject: [SpamCop-List] Re: Multiple Personalities in Eudora, was: Should I aggree with my ISP? In-Reply-To: References: Message-ID: <3.0.5.32.20041201102333.00fd4100@loki.fstrf.org> I am not quite sure what you are saying here but Eudora certainly allows more than one login name!!! I have several "personalities" that I use to pop my mail from several different sources using different usernames and passwords. It all works fine. Just hold down the key when you go to send a message or respond to one and you get a list of your personalities to choose from. The email is then routed out through whichever personality you set using that username and password. I am using this feature to send this from Eudora, as a matter of fact. This personality set my name to Spam Hater and my return address as my sneakemail one to prevent retribution... At 01:56 PM 12/1/2004 +0000, Bruce A. Johnson typed: >I see a problem with that already with my e-mail program (Eudora). > >In using SpamCop mail, I have the POP server set for SpamCop, and the SMTP >server is my ISP. Eudora allows only one login name. I have to use my >SpamCop ID as the login name so the POP will work, but if I then set the >Authentication for the SMTP, my ISP rejects the e-mail, becuase it is the >wrong login name. From kenbrody at spamcop.net Wed Dec 1 10:10:43 2004 From: kenbrody at spamcop.net (Kenneth Brody) Date: Wed Dec 1 10:25:03 2004 Subject: [SpamCop-List] Re: Should I aggree with my ISP? References: Message-ID: <41ADDEF3.72A3EDA0@spamcop.net> Berny wrote: > > "Bodger" wrote in message > news:cokb9m$f8e$1@news.spamcop.net... > > Received this from my ISP this morning. > > > > Dear Customer, [... ISP is going to require AUTH SMTP to send e-mail ...] > > Question > > What will be the net effect of these changes? > > The net effect for you is you may continue to send mail through their > servers. > > The next effect is that those without mail accounts at that ISP can not use > their (The ISP's) servers to send mail. [...] > Basically though, just as you "sign in" to recieve mail with an ID and > password, the same will be demanded to send mail. Don;t worry, you won't > notice as your mail client will probably cache and reuse the password after > the first mail transaction until the next time you exit the program. Check with your ISP as to whether or not they will expose your "real" e-mail address or username in the transmitted headers. Some SMTP servers will add a header line to the outgoing e-mail which includes the username used to authenticate yourself. (Which makes it easy for the ISP to track down a spammer, but exposes your "true" address to anyone who looks at the headers.) -- +-------------------------+--------------------+-----------------------------+ | Kenneth J. Brody | www.hvcomputer.com | | | kenbrody/at\spamcop.net | www.fptech.com | #include | +-------------------------+--------------------+-----------------------------+ Don't e-mail me at: From kenbrody at spamcop.net Wed Dec 1 10:18:20 2004 From: kenbrody at spamcop.net (Kenneth Brody) Date: Wed Dec 1 10:25:07 2004 Subject: [SpamCop-List] Re: Should I aggree with my ISP? References: <6uOdnUByrtCSXTDcRVn-vg@adelphia.com> Message-ID: <41ADE0BC.A1AFCDB0@spamcop.net> "John E. Malmberg" wrote: [...] > I have noticed reports on usenet that an increasing number of ISPs are > blocking port 25 for residential broadband connections, some with out > notice. So even if port 25 works now, I would strongly recommend making > sure that you can use port 587 instead for mail servers other than your ISP. [...] Optimum Online recently did that. (Without notice, unless you consider something on their own web page about it "notice".) I had been using (with permission) my old dialup ISP's SMTP server, using AUTH SMTP on port 25, because Optimum Online's servers were blacklisted by many places that I needed to send to. This, of course, caused me all sorts of problems as I could no longer avoid using Optimum Online's blacklisted servers. (My old dialup ISP doesn't have anything on port 587.) However, I can tell you that, since they blocked outgoing port 25 several months ago, they are no longer blocked by most of the people I need to send to. -- +-------------------------+--------------------+-----------------------------+ | Kenneth J. Brody | www.hvcomputer.com | | | kenbrody/at\spamcop.net | www.fptech.com | #include | +-------------------------+--------------------+-----------------------------+ Don't e-mail me at: From kenbrody at spamcop.net Wed Dec 1 10:22:41 2004 From: kenbrody at spamcop.net (Kenneth Brody) Date: Wed Dec 1 10:25:09 2004 Subject: [SpamCop-List] Re: Should I aggree with my ISP? References: Message-ID: <41ADE1C1.24D682E0@spamcop.net> "Bruce A. Johnson" wrote: [... AUTH SMTP ...] > I see a problem with that already with my e-mail program (Eudora). > > In using SpamCop mail, I have the POP server set for SpamCop, and the SMTP > server is my ISP. Eudora allows only one login name. I have to use my > SpamCop ID as the login name so the POP will work, but if I then set the > Authentication for the SMTP, my ISP rejects the e-mail, becuase it is the > wrong login name. See for how to get around this with Eudora 6. Note, however, that I was never able to get this to work properly on my wife's system. The point became moot when Optimum Online started blocking outgoing port 25 and I had to use their servers instead of my old dialup ISP's servers (which weren't blacklisted), so I stopped trying. -- +-------------------------+--------------------+-----------------------------+ | Kenneth J. Brody | www.hvcomputer.com | | | kenbrody/at\spamcop.net | www.fptech.com | #include | +-------------------------+--------------------+-----------------------------+ Don't e-mail me at: From porpoise1954 at yahoo.co.uk Wed Dec 1 16:20:51 2004 From: porpoise1954 at yahoo.co.uk (Porpoise) Date: Wed Dec 1 11:25:02 2004 Subject: [SpamCop-List] Re: Should I aggree with my ISP? References: Message-ID: "Berny" wrote in message news:cokco3$g2q$1@news.spamcop.net... > > "Bodger" wrote in message > news:cokb9m$f8e$1@news.spamcop.net... >> Received this from my ISP this morning. >> >> Dear Customer, >> >> Warning: in four days' time, you will lose the ability to send >> emails unless you make a simple change to your email program >> settings. >> >> SNIP >> >> All you need to do is switch on 'SMTP authentication', usually >> by ticking a box called 'My server requires authentication' in >> your email program settings. >> >> >> End >> ====================================== >> >> >> Question >> What will be the net effect of these changes? > > The net effect for you is you may continue to send mail through their > servers. > > The next effect is that those without mail accounts at that ISP can not > use > their (The ISP's) servers to send mail. > > Unless they know an account name and Password of course. <> > > Basically though, just as you "sign in" to recieve mail with an ID and > password, the same will be demanded to send mail. Don;t worry, you won't > notice as your mail client will probably cache and reuse the password > after > the first mail transaction until the next time you exit the program. Hmmm..... It's been like that here for years.... I'd have thought it was already like that most places these days. I guess I was wrong... ;-) Seems pretty fundamental though that you should have to authenticate to send as well as receive, otherwise your account is open to abuse (as has been happening obviously). I'm amazed it's taken them so long to implement such a simple measure......?? From porpoise1954 at yahoo.co.uk Wed Dec 1 16:26:05 2004 From: porpoise1954 at yahoo.co.uk (Porpoise) Date: Wed Dec 1 11:30:03 2004 Subject: [SpamCop-List] Re: Should I aggree with my ISP? References: <41ADDEF3.72A3EDA0@spamcop.net> Message-ID: "Kenneth Brody" wrote in message news:41ADDEF3.72A3EDA0@spamcop.net... > Berny wrote: > > Check with your ISP as to whether or not they will expose your "real" > e-mail address or username in the transmitted headers. Some SMTP > servers will add a header line to the outgoing e-mail which includes > the username used to authenticate yourself. (Which makes it easy for > the ISP to track down a spammer, but exposes your "true" address to > anyone who looks at the headers.) Ummm.... Isn't that the point? Why would I want to send an email to someone and them not know it was legitimately from me. I wouldn't be able to spam very easily then - which, of course is the whole point of the excercise. In the same way, I don't accept calls from people who don't allow their number to be displayed. (If you know me, there's no need for you to hide your number - if you don't know me then why are you calling me? And if it's a legitimate call, there's no need for you to hide your number; same with email). From me at privacy.net Wed Dec 1 16:55:08 2004 From: me at privacy.net (Paul Sawyer) Date: Wed Dec 1 12:00:03 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: "Dave Harpur" wrote in news:cokag0$elg$1@news.spamcop.net: > > "Mike Easter" wrote: > > ..."You don't stop a bad thing by being bad yourself," > > > I totally agree with Mike's sentiment, and who is going to launch a > dDOS on legal "Can-Spam" compliant organisations, for example. There > would definitely be a lawsuit there, though to whisper that they would > spam... well! > > This sort of gratuitous tat would, if allowed to flourish, would > at-best merely shift the annoyance of spam to excessive internet > traffic at the further expense of net bandwidth. > > Utterly stupid and ridiculous. > > DH And the spammers would spin the increased hits as how effective their spamming is, so... more spam! -- From ric.gates at bigsleep.org Wed Dec 1 20:02:57 2004 From: ric.gates at bigsleep.org (Blammo) Date: Wed Dec 1 15:05:03 2004 Subject: [SpamCop-List] Re: Should I aggree with my ISP? References: <41ADDEF3.72A3EDA0@spamcop.net> Message-ID: On 01 Dec 2004 Porpoise entered spamcop and left news:cokrcg$pmf$1@news.spamcop.net: > > "Kenneth Brody" wrote in message > news:41ADDEF3.72A3EDA0@spamcop.net... >> Berny wrote: >> >> Check with your ISP as to whether or not they will expose your "real" >> e-mail address or username in the transmitted headers. Some SMTP >> servers will add a header line to the outgoing e-mail which includes >> the username used to authenticate yourself. (Which makes it easy for >> the ISP to track down a spammer, but exposes your "true" address to >> anyone who looks at the headers.) > > Ummm.... Isn't that the point? Why would I want to send an email to > someone and them not know it was legitimately from me. I wouldn't be > able to spam very easily then - which, of course is the whole point of > the excercise. In the same way, I don't accept calls from people who > don't allow their number to be displayed. (If you know me, there's no > need for you to hide your number - if you don't know me then why are > you calling me? And if it's a legitimate call, there's no need for you > to hide your number; same with email). > > > I think that everyone should have to authenticate. For one, most usernames are already in the eMail address anyway, if not it should be in the return- path so that bounces go to the actual sender (not the "From"). That's my opinion anyway, and it's easy to spot any "return-path" or X-Envelope-From header for munging. It seems the most logical way to validate outgoing mail. -- | Ric | From tdy at blackhole.invalid Wed Dec 1 12:04:26 2004 From: tdy at blackhole.invalid (N. Miller) Date: Wed Dec 1 15:05:08 2004 Subject: [SpamCop-List] Re: Should I aggree with my ISP? References: <41ADDEF3.72A3EDA0@spamcop.net> Message-ID: In article , Porpoise says... > "Kenneth Brody" wrote in message > news:41ADDEF3.72A3EDA0@spamcop.net... > > Berny wrote: > > Check with your ISP as to whether or not they will expose your "real" > > e-mail address or username in the transmitted headers. Some SMTP > > servers will add a header line to the outgoing e-mail which includes > > the username used to authenticate yourself. (Which makes it easy for > > the ISP to track down a spammer, but exposes your "true" address to > > anyone who looks at the headers.) > Ummm.... Isn't that the point? Why would I want to send an email to someone > and them not know it was legitimately from me. I wouldn't be able to spam > very easily then - which, of course is the whole point of the excercise. In > the same way, I don't accept calls from people who don't allow their number > to be displayed. (If you know me, there's no need for you to hide your > number - if you don't know me then why are you calling me? And if it's a > legitimate call, there's no need for you to hide your number; same with > email). Not exactly the point. It is entirely possible to authenticate to an SMTP server without that server displaying your email address. As an SBC Yahoo! DSL Service customer I have a choice of SMTP AUTH servers. I don't use the normal "smtp.pacbell.yahoo.com" server precisely because it reveals my username. I use "smtpauth.flash.net" instead. The relevant header line looks like this: > Received: from aosake.net (dialup-4.246.21.159.Dial1.SanJose1.Level3.net [4.246.21.159]) > (authenticated bits=0) > by ylpvm25.prodigy.net (8.12.10 auth mps linux/8.12.10) with ESMTP id iB1JgprC029681; > Wed, 1 Dec 2004 14:42:54 -0500 -- Norman ~Win dain a lotica, En vai tu ri, Si lo ta ~Fin dein a loluca, En dragu a sei lain ~Vi fa-ru les shutai am, En riga-lint From hee.haw at jack.ass Wed Dec 1 16:31:06 2004 From: hee.haw at jack.ass (Dwayne Conyers) Date: Wed Dec 1 16:35:03 2004 Subject: [SpamCop-List] Re: One way to deal with the spam problem... References: Message-ID: "WazoO" wrote in message news:cntoqj$j87$1@news.spamcop.net... > "Dwayne Conyers" wrote in message > news:cntjqs$fgi$1@news.spamcop.net... >> I opened an account on mail.com and it got flooded with so many spams >> that >> my 6mb storage filled up faster than I could empty it. >> >> I started reporting spam using their "this is spam" option that reports > the >> spam (after forcing you to view five advertisements). >> >> I guess I reported so many spam their solution was to unceremoniously > delete >> my account without even a "fare thee well." >> >> Those free mail accounts are worth every penny, aren't they? > > Don't know the "rest of the story" .... having spam show up on > day one does carry the suggestion that the "name" for that > account wasn't particularly chosen for spam-resistance. Prolly not... but then again when I got a cable modem at home the day my account was assigned there were 80 spams sitting there waiting to be deleted. > > "reporting" (?) to the tune of 6Meg a day also carries some > possibilities of some mistakes being made .... Well, considering that the mails were for drugs rhyming with "Niagara" and "See Alice" and for explicit NC-17 or XXX content... all of which writhe with misspellings... hidden text (in font size 1 or white color font on white background) and web bugs... I would say there were no mistakes in the items reported. -- I Shave With Occams Razor http://www.dwacon.com From hee.haw at jack.ass Wed Dec 1 16:33:12 2004 From: hee.haw at jack.ass (Dwayne Conyers) Date: Wed Dec 1 16:35:06 2004 Subject: [SpamCop-List] Re: One way to deal with the spam problem... References: Message-ID: "Blammo" wrote in message news:Xns95A9B99107335blammo@216.154.195.61... > On 22 Nov 2004 Dwayne Conyers entered spamcop and left > news:cntjqs$fgi$1@news.spamcop.net: > >> I started reporting spam using their "this is spam" option that >> reports the spam (after forcing you to view five advertisements). >> > > I had an account there before they had the pop-unders, they used to have > free forwarding. they were acquired (I forget who by), started charging > for > forwarding, and on top of that added the pop-under advertising. The > advertising didn't bother me so much (other than the fact that everytime > you hit delete an ad pops up), but I complained about them being > pop-UNDERS > which I really hate, but they didn't seem to understand that I wasn't > complaining about the ads but the fact that they are hidden. They said I > could pay to get rid of the ads or they could cancel my account. Hah, I > never did cancel it. I have two pop-up blockers running simultaneously plus ad killing thanks to ZoneAlarm so I had a relatively ad-free experience. I had to eventually turn off the pop-up blocker sound effects. I'd go into the site and it would sound like the soundtrack to a Warner Bros cartoon "ping... ping... pi-pi-pi-piiing..." ------ If you were to realize how powerful your thoughts are you would never have a negative thought again www.dwacon.com From hee.haw at jack.ass Wed Dec 1 16:35:31 2004 From: hee.haw at jack.ass (Dwayne Conyers) Date: Wed Dec 1 16:35:07 2004 Subject: [SpamCop-List] Re: One way to deal with the spam problem... References: Message-ID: "Pop" wrote in message news:co01m0$42a$1@news.spamcop.net... > The OP probably picked a username that was recently agandoned; > because it was being spammed so heavily - happens all the time > when you dn't pick a spam safe name. I didn't think magma.lava *at* volcanomail *dot* com would be very obvious to spammers -- but I suppose I have been proven wrong. I now use a 30-character name with lots of dots, dashes and underscores for my free blocking account. -- During the Passion of the Christ A Naked Boy was running around http://www.cafeshops.com/powerpress From porpoise1954 at yahoo.co.uk Wed Dec 1 22:47:05 2004 From: porpoise1954 at yahoo.co.uk (Porpoise) Date: Wed Dec 1 17:50:02 2004 Subject: [SpamCop-List] Re: Should I aggree with my ISP? References: <41ADDEF3.72A3EDA0@spamcop.net> Message-ID: "N. Miller" wrote in message news:MPG.1c17c3a7d5adcdf7989779@news.spamcop.net... > In article , Porpoise says... > >> "Kenneth Brody" wrote in message >> news:41ADDEF3.72A3EDA0@spamcop.net... >> > Berny wrote: > > > Not exactly the point. It is entirely possible to authenticate to an SMTP > server without that server displaying your email address. As an SBC Yahoo! > DSL Service customer I have a choice of SMTP AUTH servers. I don't use the > normal "smtp.pacbell.yahoo.com" server precisely because it reveals my > username. I use "smtpauth.flash.net" instead. The relevant header line > looks > like this: > >> Received: from aosake.net (dialup-4.246.21.159.Dial1.SanJose1.Level3.net >> [4.246.21.159]) >> (authenticated bits=0) >> by ylpvm25.prodigy.net (8.12.10 auth mps linux/8.12.10) with ESMTP id >> iB1JgprC029681; >> Wed, 1 Dec 2004 14:42:54 -0500 So, if (for some reason) you were to send me an email, are you saying I wouldn't be able to determine who it was from? If that were the case, I wouldn't accept it - which brings me back to my previous point: I (and I suspect *most* people) want to *know* who an email is from before I'm going to accept/read it. The whole *point* of it is to prevent people from using aliases.... or other people just using the server even though they're not legitimate users. From dfm2a3l0t2 at spymac.com Wed Dec 1 18:38:26 2004 From: dfm2a3l0t2 at spymac.com (D.F. Manno) Date: Wed Dec 1 18:40:03 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: In article , "Mike Easter" wrote: > From Slashdot: > > An anonymous reader writes "Lycos, shortly after producing a screen > saver to fight spammers using a DoS-style attack appears to have been > hacked. Attempting to download the screen saver from lycos results in > this message 'Yes, attacking spammers is wrong, you know this, you > shouldn't be doing it. Your ip address and request have been logged and > will be reported to your ISP for further action.' Or maybe it's just a > joke -- can you ever tell?" > http://it.slashdot.org/it/04/12/01/0250244.shtml?tid=111&tid=218 I downloaded it before the hacking. If anybody wants it and doesn't want to take the chance with the Lycos site, e-mail me. -- D.F. Manno dfm2a3l0t2@spymac.com "The work goes on, the cause endures, the hope still lives and the dream will never die." From David1 at suescornerweb.com Wed Dec 1 18:50:30 2004 From: David1 at suescornerweb.com (David 1) Date: Wed Dec 1 18:55:03 2004 Subject: [SpamCop-List] Re: spamcop@imaphost.com In-Reply-To: References: Message-ID: Mike Easter wrote: > Jay Marble (394041) wrote: > >>Who is this third party and where can I find information on them. > > > imaphost = cyveillance > > I don't know if Graeme Leith is here right now, so I'll try to stand in > for him. His sig sez: > > > Evidence shows Cyveillance abuse internet resources. > I recommend unchecking their box in SpamCop reports. > Cyveillance are part of the problem. > They are not part of the solution. > > > As a consequence of that sig, the question frequently arises about why > he sez that. In response to that question, he has answered: > > > Cyveillance have a robot that trawls through web sites looking for > stolen intellectual property. The robot ignores the robots.txt > exclusion protocol, originates from IP addresses that don't reverse > lookup to Cyveillance and tries to look like an ordinary user by > spoofing its user agent. > > The robots.txt (defacto) standard is used amongst other purposes to stop > robots getting stuck in dynamic pages and to stop robots generating > costs for people who pay for their web services by the amount of data > they transfer. By ignoring it, Cyveillance are seeking to make a profit > by exploiting resources that other people pay for, much like spammers > do. > > Cyveillance could avoid abusing peoples servers by sending people to > look at pages that robots are banned from. Of course this would > increase their costs, just like spammers costs would increase by using > ethical mailing practices. Cyveillance, like spammers, choose to ignore > peoples wishes in order to make their money. > > If you run a web site, you may want to grep your logs for visits from > 63. 148.99.224/27 & 65.118.41.192/27. You may also want to firewall > those addresses if you find that they have been abusing your resources > for their profit. > > If you look back to the June and July 2003 archives for the main SpamCop > newsgroup, you'll see quite a bit of discussion on the matter. > http://news.spamcop.net/pipermail/spamcop-list/ > > There are more ethical companies that perform the same service, such as > NameProtect, who identify their bot and obey the robots.txt protocol. > Their robot is perfectly welcome on my sites. Cyveillance are > firewalled whenever I find them. > > Julian (as is his right) has decided that Cyveillance are a good thing. > Quite a few people think otherwise and there is no warning on the > SpamCop site as to the abuses Cyveillance get up to. So I just leave > the sig there in an attempt to warn any newbies who drop by the > newsgroups. > > >>I'm interested to know why they collect the spam information from >>SpamCop.net. > > > Cyveillance is in the business of figuring out ways to profit from > information they get wherever they get it. They must feel that it is in > the best interests of them and their clients to be sniffing in the tons > of spam which SC reporters report and permit them to 3rd party. > > Cyveillance and Julian have been 'challenged' or questioned on the > issue, and many do not think that the imaphost is a good 3rd party to be > checking, and those people may elect to configure to leave 3rd parties > unchecked by default instead of checked. > > Cyveillance didn't do a good job here of responding to the questions > which they were asked. > Thank you for sending this, I just this minute changed my settings, actually I had kind of quit using SC, didn't see the point but I guess I'm back to using it again. Heck I got 20 megs I paid for David 1 From Merlyn at Spamcop.net Wed Dec 1 18:50:54 2004 From: Merlyn at Spamcop.net (Merlyn) Date: Wed Dec 1 18:55:06 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: "Mike Easter" wrote in message news:cok066$93h$1@news.spamcop.net... > Mike Easter wrote: >> Dar wrote: >>> Lycos Offers Spam-Server Attack Program >> >> Lycos spamvampiring > > From Slashdot: > > An anonymous reader writes "Lycos, shortly after producing a screen > saver to fight spammers using a DoS-style attack appears to have been > hacked. Attempting to download the screen saver from lycos results in > this message 'Yes, attacking spammers is wrong, you know this, you > shouldn't be doing it. Your ip address and request have been logged and > will be reported to your ISP for further action.' Or maybe it's just a > joke -- can you ever tell?" > http://it.slashdot.org/it/04/12/01/0250244.shtml?tid=111&tid=218 > > -- Why does everyone think this is a Lycos site??? A whois gives: canonical name makelovenotspam.com. addresses 213.115.182.123 Starring Ltd AB Kungsgatan 6 Stockholm, 111 43 SE Is this Lycos???? 213.115.182.123: inetnum: 213.115.182.64 - 213.115.182.127 netname: BB-CUST-STARRING descr: advertising company Is this Lycos???? Is this another Trojan now on hundreds of thousands of computers???? Call me paranoid but something smells fishy here. -- Regards, Merlyn A Spamcop advocate No emails this account is for newsgroups only People demand freedom of speech to make up for the freedom of thought which they avoided From spamcop at oitc.com Wed Dec 1 19:05:24 2004 From: spamcop at oitc.com (spamcop) Date: Wed Dec 1 19:10:03 2004 Subject: [SpamCop-List] baseurl references Message-ID: RE http://www.spamcop.net/sc?id=z698305946zc5b0a9a430bb0914a4d5119d0b637908z SC misses baseurl references From nobody at spamcop.net Thu Dec 2 00:50:56 2004 From: nobody at spamcop.net (me-no-no) Date: Wed Dec 1 19:55:02 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: "Merlyn" wrote in message news:collcu$blh$1@news.spamcop.net... > "Mike Easter" wrote in message > news:cok066$93h$1@news.spamcop.net... >> Mike Easter wrote: >> joke -- can you ever tell?" http://it.slashdot.org/it/04/12/01/0250244.shtml?tid=111&tid=218 > Why does everyone think this is a Lycos site??? > > A whois gives: > canonical name makelovenotspam.com. > addresses 213.115.182.123 > > Starring Ltd AB > Kungsgatan 6 > Stockholm, 111 43 > SE > Is this Lycos???? > > 213.115.182.123: > inetnum: 213.115.182.64 - 213.115.182.127 > netname: BB-CUST-STARRING > descr: advertising company > > Is this Lycos???? > > Is this another Trojan now on hundreds of thousands of computers???? > > Call me paranoid but something smells fishy here. I would say working "on behalf of" Lycos i.e.corporate.starring.se [213.115.182.70] http://corporate.starring.se/content/about.jsp They seem to have deceived quite a lot of official news sites, if that's not the case :-) http://news.google.co.uk/news?hl=en&lr=&scoring=d&tab=gn&ie=UTF-8&q=Lycos+Screensaver&btnG=Search+News or http://tinyurl.com/5nfet No official condemnation over the past few days from Lycos either - To the contrary according to many news reports. Ciao Meno From nobody at spamcop.net Thu Dec 2 01:07:20 2004 From: nobody at spamcop.net (me-no-no) Date: Wed Dec 1 20:10:02 2004 Subject: [SpamCop-List] "Money Mule" twist Message-ID: Yet another Phisher MM twist :-) http://221.2.162.21:9121/bannerdrive/viewHome.html Even got the audacity to use the Lincoln Hospital, Bronx NY as their "Registered Office: 234 East 149th Street Bronx, NY 10451 USA Customer Call Center:UK: +1-603-719-1355 9am - 6pm UK time Fax:UK: +1-603-719-1355" Hi! bannerDrive is an online payment services provider. Using e-wallet technology and access to a global banking and payment network. bannerDrive enables online Shoppers and Merchants to make and receive secure, economical and efficient payments for goods and services via a variety of payment methods. We plan to push up sales therefore we search for a sales representatives in USA and United Kingdom. Why you should try this work: 1. You don't need any special knowledge in the field of finance or sales 2. No special membership are incurred 3. This work will take about two hour per day and is not tiresome 4. This is an in-house job 5. You can make good money with us, $2000-4000 per month. Ref: Money Mule info:- http://www.banksafeonline.org.uk/what_mule.html Ciao Meno From Merlyn at Spamcop.net Wed Dec 1 20:41:07 2004 From: Merlyn at Spamcop.net (Merlyn) Date: Wed Dec 1 20:45:03 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: "me-no-no" wrote in message news:colot6$e10$1@news.spamcop.net... > "Merlyn" wrote in message > news:collcu$blh$1@news.spamcop.net... >> "Mike Easter" wrote in message >> news:cok066$93h$1@news.spamcop.net... >>> Mike Easter wrote: >>> joke -- can you ever tell?" > http://it.slashdot.org/it/04/12/01/0250244.shtml?tid=111&tid=218 > >> Why does everyone think this is a Lycos site??? >> >> A whois gives: >> canonical name makelovenotspam.com. >> addresses 213.115.182.123 >> >> Starring Ltd AB >> Kungsgatan 6 >> Stockholm, 111 43 >> SE > >> Is this Lycos???? [snipped] >> Call me paranoid but something smells fishy here. > > I would say working "on behalf of" Lycos i.e.corporate.starring.se > [213.115.182.70] > http://corporate.starring.se/content/about.jsp > > They seem to have deceived quite a lot of official news sites, if that's > not the case :-) > http://news.google.co.uk/news?hl=en&lr=&scoring=d&tab=gn&ie=UTF-8&q=Lycos+Screensaver&btnG=Search+News > or > http://tinyurl.com/5nfet > > No official condemnation over the past few days from Lycos either - To the > contrary according to many news reports. > I agree, one of my sites has links to a boatload of news articles about it. I would just think that if Lycos is the actual owner it would show in the Whois instead of an advertising company. -- Regards, Merlyn A Spamcop advocate No emails this account is for newsgroups only People demand freedom of speech to make up for the freedom of thought which they avoided From nobody at spamcop.net Thu Dec 2 01:58:59 2004 From: nobody at spamcop.net (me-no-no) Date: Wed Dec 1 21:00:02 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: "Merlyn" wrote in message news:colrrj$g66$1@news.spamcop.net... > "me-no-no" wrote in message >>> Why does everyone think this is a Lycos site??? >>> A whois gives: >>> canonical name makelovenotspam.com. >>> addresses 213.115.182.123 >>> Starring Ltd AB >>> Kungsgatan 6 >>> Stockholm, 111 43 >>> SE >> >>> Is this Lycos???? > > [snipped] > >>> Call me paranoid but something smells fishy here. >> >> I would say working "on behalf of" Lycos i.e.corporate.starring.se >> [213.115.182.70] >> http://corporate.starring.se/content/about.jsp >> >> They seem to have deceived quite a lot of official news sites, if that's >> not the case :-) >> http://news.google.co.uk/news?hl=en&lr=&scoring=d&tab=gn&ie=UTF-8&q=Lycos+Screensaver&btnG=Search+News >> or >> http://tinyurl.com/5nfet >> >> No official condemnation over the past few days from Lycos either - To >> the contrary according to many news reports. >> > I agree, one of my sites has links to a boatload of news articles about > it. > > I would just think that if Lycos is the actual owner it would show in the > Whois instead of an advertising company. It looks like they outsourced this "Pandora`s Box" to starring.se - in order to keep it well away from their (Lycos) corporate servers - in the event of it all backfiring on them :-) Ciao Meno From nobody at spamcop.net Wed Dec 1 18:06:58 2004 From: nobody at spamcop.net (Dar) Date: Wed Dec 1 21:10:03 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: > >> Call me paranoid but something smells fishy here. > > > > I would say working "on behalf of" Lycos i.e.corporate.starring.se > > [213.115.182.70] > > http://corporate.starring.se/content/about.jsp > > > > They seem to have deceived quite a lot of official news sites, if that's > > not the case :-) > > http://news.google.co.uk/news?hl=en&lr=&scoring=d&tab=gn&ie=UTF-8&q=Lycos+Screensaver&btnG=Search+News > > or > > http://tinyurl.com/5nfet > > > > No official condemnation over the past few days from Lycos either - To the > > contrary according to many news reports. > > > > > I agree, one of my sites has links to a boatload of news articles about it. > > I would just think that if Lycos is the actual owner it would show in the > Whois instead of an advertising company. > > -- > > Regards, > Merlyn > > A Spamcop advocate > No emails this account is for newsgroups only > People demand freedom of speech to make up for the freedom of thought which > they avoided For whatever it's worth, the link *is* advertised on the main site: http://www.lycos.de/ The link is to: http://www.lycos.de/makelovenotspam/ but clicking on the link from there, you get a Flash popup. Dar From nospam at nospam.org Thu Dec 2 03:40:28 2004 From: nospam at nospam.org (geo_splash_12) Date: Wed Dec 1 21:45:04 2004 Subject: [SpamCop-List] Re: I'm glad this is not my provider... In-Reply-To: References: Message-ID: Warre wrote: > Whois lookup for one of Belgium's largest broadband providers: Correction: this is only a part of skynet.be, which is really spans a much larger range in the ip space. Evidence: http://www.senderbase.org/search?searchString=skynet.be > > % This is the RIPE Whois tertiary server. > % The objects are in RPSL format. > % > % Rights restricted by copyright. > % See http://www.ripe.net/db/copyright.html > > inetnum: 194.78.149.0 - 194.78.149.255 > netname: SKY-2277522 > descr: SKY-1175721 > country: BE > admin-c: AC4927-RIPE > tech-c: SN2068-RIPE > rev-srv: ns1.skynet.be > ... > remarks: ------------------------------------------- > remarks: Network problems to: noc@skynet.be > remarks: Peering requests to: peering@skynet.be > remarks: Abuse notifications to: abuse@skynet.be > remarks: - I did *not* hack your computer > remarks: - I did *not* send you SPAM or virus > remarks: - I will *not* read your abuse complaints > remarks: ------------------------------------------- > > Guess which is the only SBL-listed ISP in Belgium... > > If you want to see for yourself: > http://tinyurl.com/55zce -- And your Chinese exchange student asks: what does it mean "I'm busy". Location 51 57'N 4 28'E From ric.gates at bigsleep.org Thu Dec 2 03:20:48 2004 From: ric.gates at bigsleep.org (Blammo) Date: Wed Dec 1 22:25:04 2004 Subject: [SpamCop-List] Re: One way to deal with the spam problem... References: Message-ID: On 01 Dec 2004 Dwayne Conyers entered spamcop and left news:cold5k$5t8$1@news.spamcop.net: > Prolly not... but then again when I got a cable modem at home the day my > account was assigned there were 80 spams sitting there waiting to be > deleted. > Your account was born pregnant! Before it was activated it was aborting them. -- | Ric | From ric.gates at bigsleep.org Thu Dec 2 03:27:16 2004 From: ric.gates at bigsleep.org (Blammo) Date: Wed Dec 1 22:30:02 2004 Subject: [SpamCop-List] Re: One way to deal with the spam problem... References: Message-ID: On 01 Dec 2004 Dwayne Conyers entered spamcop and left news:cold9i$5vc$1@news.spamcop.net: > I have two pop-up blockers running simultaneously plus ad killing > thanks to ZoneAlarm so I had a relatively ad-free experience. > > I had to eventually turn off the pop-up blocker sound effects. I'd go > into the site and it would sound like the soundtrack to a Warner Bros > cartoon "ping... ping... pi-pi-pi-piiing..." > You know I saw that crap that ZoneAlarm was doing, and it really pissed me off. Mozilla and Firefox don't need any of that, and the web-bug blocker really screws up some sites. But there's no way to enable it for only IE, which is about the only browser that needs it (well maybe Communicator). I discussed the web-bug-bug with support but they were completely oblivious, I'm not impressed at all. Using Mozilla for some time now and I no longer notice pop-ups at all, unless they are actually needed for some reason. -- | Ric | From nobody at xyzzy.claranet.de Thu Dec 2 06:34:19 2004 From: nobody at xyzzy.claranet.de (Frank Ellermann) Date: Thu Dec 2 00:35:04 2004 Subject: [SpamCop-List] Re: baseurl references References: Message-ID: <41AEA95B.64DF@xyzzy.claranet.de> spamcop wrote: > http://www.spamcop.net/sc?id=z698305946zc5b0a9a430bb0914a4d5119d0b637908z > SC misses baseurl references Not when I look at it, it found gatheringproducttesters.info Bye, Frank From nobody at xyzzy.claranet.de Thu Dec 2 06:55:41 2004 From: nobody at xyzzy.claranet.de (Frank Ellermann) Date: Thu Dec 2 01:05:02 2004 Subject: [SpamCop-List] Re: Should I aggree with my ISP? References: Message-ID: <41AEAE5D.46F1@xyzzy.claranet.de> Bodger wrote: > Question > What will be the net effect of these changes? Minimal to zero. SMTP AUTH has nothing to do with "enforced submission rights", if you're authenticated you can still forge your MAIL FROM. SMTP AUTH PLAIN or LOGIN over a normal connection (no SSL / TLS) is not much better than SMTP-after- POP, and worse than SMTP-after-APOP. SMTP AUTH in addition to RADIUS may help to confuse trojaned boxes if they try to spam using the official relay of the ISP. You really need it for roaming users _or_ "enforced submission rights". In the case of _and_ SMTP AUTH works also, but then SMTP-after-POP would be not much worse. I've just lost an account with SMTP-after-POP _and_ "enforced submission rights". Bad for me, because my old MUA does not support SMTP AUTH. Bad for the world at large, because I'm now using another account with another MUA with SMTP AUTH but _without_ "enforced submission rights": Of course I screwed up and sent MAIL FROM: via this provider. They accepted it, but it was forged, my real address at this provider is different. With the old account that was impossible, they rejected it. In other words, SMTP AUTH alone is almost useless. Bye, Frank From skiwi at spamcop.net Wed Dec 1 22:39:50 2004 From: skiwi at spamcop.net (sk1w1) Date: Thu Dec 2 01:40:03 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? In-Reply-To: References: Message-ID: me-no-no wrote: > Is this for real ?? (courtesy heise.de) 26.11.2004 16:43 > > Lycos users are to attack spammers > In its campaign "Make Love, Not Spam", Lycos Europe is now sending a very > special screen saver to its users. This program for Windows or MacOS > constantly visits websites for which spam has been sent. "The more users > download and use the screen saver, the lower the performance of the sites > sending out the spam, and the greater the costs for the operators," Lycos > explained..............http://www.heise.de/english/newsticker/news/53697 > Ciao > Meno Hitting the mass media... e.g., today's www.smh.com.au reprinted from the Guardian - which is presumably why they list http://www.lycos.co.uk as the 'download site'... Refinement of Spam Vampire concept I guess (http://www.hillscapital.com/antispam/) Wonder how many users after signing up will get there service threatened / cut by their own ISP for 'denial of service' reasons... and/or ISPs start charging for 'excessive' download volumes... ---- My prediction of next piece of malware - hijacking of the Lycos et al software to 'attack' other sites such as Spamcop, Spamhaus, etc! ---- Mind you, if I asked 'nice', do you think Lycos UK would direct all attempts for a few days at cears.com, etc over there in BR? :-) From devnull at devnull.devnull Thu Dec 2 10:38:21 2004 From: devnull at devnull.devnull (Anty Spam) Date: Thu Dec 2 03:50:08 2004 Subject: [SpamCop-List] Re: Phish For A Phisher :-) References: Message-ID: "me-no-no" wrote in message news:coanji$k61$1@news.spamcop.net... > Interesting - Phisher forgot to chmode to stop peaking :-) > http://146.83.5.15/.paypal/ > > Ciao > Meno > Hmm : Uruguay Maybe an engineering student is taking "SPAM & SCAM 101" for bonus credits. Especially with all the activities of this kind from South Amercian countries ...:-) Cheers From porpoise1954 at yahoo.co.uk Thu Dec 2 09:57:28 2004 From: porpoise1954 at yahoo.co.uk (Porpoise) Date: Thu Dec 2 05:00:54 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: "Merlyn" wrote in message news:collcu$blh$1@news.spamcop.net... > "Mike Easter" wrote in message > news:cok066$93h$1@news.spamcop.net... >>>> http://it.slashdot.org/it/04/12/01/0250244.shtml?tid=111&tid=218 >> >> -- > > Why does everyone think this is a Lycos site??? > > A whois gives: > canonical name makelovenotspam.com. > addresses 213.115.182.123 > > Starring Ltd AB > Kungsgatan 6 > Stockholm, 111 43 > SE > > Is this Lycos???? > > 213.115.182.123: > inetnum: 213.115.182.64 - 213.115.182.127 > netname: BB-CUST-STARRING > descr: advertising company > > Is this Lycos???? > > Is this another Trojan now on hundreds of thousands of computers???? > > Call me paranoid but something smells fishy here. Now, it's funny you should say that because I was starting towards a similar conclusion........ I've gone all over the Lycos site, and there's no reference to this screensaver whatsoever. AFAICS. From David1 at suescornerweb.com Thu Dec 2 05:18:48 2004 From: David1 at suescornerweb.com (David 1) Date: Thu Dec 2 05:20:13 2004 Subject: [SpamCop-List] Re: One way to deal with the spam problem... In-Reply-To: References: Message-ID: Blammo wrote: > On 01 Dec 2004 Dwayne Conyers entered spamcop and left > news:cold9i$5vc$1@news.spamcop.net: > > >>I have two pop-up blockers running simultaneously plus ad killing >>thanks to ZoneAlarm so I had a relatively ad-free experience. >> >>I had to eventually turn off the pop-up blocker sound effects. I'd go >>into the site and it would sound like the soundtrack to a Warner Bros >>cartoon "ping... ping... pi-pi-pi-piiing..." >> > > > You know I saw that crap that ZoneAlarm was doing, and it really pissed me > off. Mozilla and Firefox don't need any of that, and the web-bug blocker > really screws up some sites. But there's no way to enable it for only IE, > which is about the only browser that needs it (well maybe Communicator). > I discussed the web-bug-bug with support but they were completely > oblivious, I'm not impressed at all. > > Using Mozilla for some time now and I no longer notice pop-ups at all, > unless they are actually needed for some reason. I do have to say since I switched to FireFox about a month or so ago I've been really happy, there have only been 2 sites I've had to open & both of those were financial. You get this little line on top of your screen that tells you it blocked & a link to allow it. I don't know if sound is optional or not but I never hear nothing & that suits me just fine. David 1 From porpoise1954 at yahoo.co.uk Thu Dec 2 12:22:09 2004 From: porpoise1954 at yahoo.co.uk (Porpoise) Date: Thu Dec 2 07:25:03 2004 Subject: [SpamCop-List] Re: Should I aggree with my ISP? References: <41AEAE5D.46F1@xyzzy.claranet.de> Message-ID: "Frank Ellermann" wrote in message news:41AEAE5D.46F1@xyzzy.claranet.de... > Bodger wrote: > >> Question >> What will be the net effect of these changes? > > Of course I screwed up and sent MAIL FROM: via > this provider. They accepted it, but it was forged, my real > address at this provider is different. With the old account > that was impossible, they rejected it. > > In other words, SMTP AUTH alone is almost useless. Bye, Frank > Maybe I'm missing something here, but I think your missing the point of *auth.smtp*. It's primary purpose is so that you have to login to the smtp server to send mail, in the same way that you have to login to the pop server to retrieve your incoming mail, thereby, stopping unauthorised use of the smtp server by people who don't actually have an account. As long as you have a valid username and password to login, it shouldn't make any difference what email you give as the return address. (As long as it's a valid one of course). Without that, anyone would be able to send mail from that server (this is how most of the forged From: stuff is actually sent - which is why the slow ISPs/hosts are now getting their act together with this. There is also the distinction to be made between ISP and hosting. Our ISP has nothing to do with our hosting company - and, therefore, nothing to do with our email. So, our logins for the two are entirely seperate issues (Even with always-on broadband there *is* still a login). This is one of the issues related to forms on webpages; you have to be careful that the script is external to the page so that someone cannot exploit any information relating to the processing of the form data (such as the login details for the email account - if the form data is emailed somewhere). From porpoise1954 at yahoo.co.uk Thu Dec 2 12:26:54 2004 From: porpoise1954 at yahoo.co.uk (Porpoise) Date: Thu Dec 2 07:30:03 2004 Subject: [SpamCop-List] Re: Should I aggree with my ISP? References: <41AEAE5D.46F1@xyzzy.claranet.de> Message-ID: "Porpoise" wrote in message news:con1f8$6q1$2@news.spamcop.net... > > > Maybe I'm missing something here, but I think your missing the point of Sh*t! yes! I did it your honour! I plead guilty as charged! It should have been "you're". ;-) Half asleep. From dkona7b02 at sneakemail.com Thu Dec 2 10:43:31 2004 From: dkona7b02 at sneakemail.com (Spam Hater) Date: Thu Dec 2 10:43:35 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? In-Reply-To: References: Message-ID: <3.0.5.32.20041202104331.00f81a20@loki.fstrf.org> What I am wondering is which sites are on the attack list?? The article I read mentioned SpamCop as the source, but SpamCop only lists email injection sites, not SPAMvertisers... So, does that mean the screen saver is going after all the zombie boxes that are spewing out the SPAM itself or do they have access to some hidden list of SPAMvertisers that we report? At 10:39 PM 12/1/2004 -0800, sk1w1 typed: >snip< >Wonder how many users after signing up will get there service threatened >/ cut by their own ISP for 'denial of service' reasons... and/or ISPs >start charging for 'excessive' download volumes... From ric.gates at bigsleep.org Thu Dec 2 16:37:50 2004 From: ric.gates at bigsleep.org (Blammo) Date: Thu Dec 2 11:40:02 2004 Subject: [SpamCop-List] Re: One way to deal with the spam problem... References: Message-ID: On 02 Dec 2004 David 1 entered spamcop and left news:comq54$2o7$1@news.spamcop.net: > I don't know if > sound is optional or not but I never hear nothing & that suits me just > fine. I'm pretty sure it is, I actually use an old plugin called Yamaha MIDPLUG for XG. You need one or all of Macromedia Shockwave Flash, Quicktime (which will play audio as well), and optionally Windows Media Player Plug-in. Type about:plugins into location to see the list. Actually many sites use the MS tag BGSOUND which only works in MSIE as far as I know. Some sites use Flash sound, and you can get an extension that will disable Flash until you click it, which is nice since Flash doesn't give you any audio controls. MidPlug is a little awkward, but I like it because it's very similar to the old LiveAudio plugin. If anyone wants it I'll post a link. -- | Ric | From beanta at slu.edu Thu Dec 2 10:38:39 2004 From: beanta at slu.edu (Thomas Bean) Date: Thu Dec 2 11:55:07 2004 Subject: [SpamCop-List] SC Parser misses URLs w/ bogus embedded HTML tags Message-ID: I have been encountering spam e-mails lately that have bogus HTML tags embedded throughout the text/html section. The spammer has evidently discovered that this will confuse the SpamCop parser. This is a recent example (from reportid 1304805196): http://211.158.15.61/vb/ The actual spamvertised URL is http://211.158.15.61/vb/ In my e-mail client, the bogus tags do not show up as displayable text in the URL; however, the resulting URL is non-clickable (the spammer precedes the URL with instructions to copy and paste the URL into a browser). Is this a common spammer trick? Is there any way to get SC to report these sites without munging the message text (which is against SC rules)? Is there any formal process in place to submit suggestions for improvements to the parser? From MikeE at ster.invalid Thu Dec 2 08:53:44 2004 From: MikeE at ster.invalid (Mike Easter) Date: Thu Dec 2 11:55:13 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: Spam Hater wrote: > What I am wondering is which sites are on the attack list?? The > article I read mentioned SpamCop as the source, but SpamCop only > lists email injection sites, not SPAMvertisers... SC 'publishes' spamvertisers on the stats page^1, which is helpful to scrapers such as surbl^2 which list them in their own blocklist. > So, does that mean > the screen saver is going after all the zombie boxes that are spewing > out the SPAM itself No. > or do they have access to some hidden list of > SPAMvertisers that we report? Not hidden, see below. Maybe they use some subset of the surbl. They also claim to actually check for themselves if their targetted sites are 'really' spamvertiser sites. ^1 frontpage http://www.spamcop.net/spamstats.shtml Spamvertised Web Sites http://www.spamcop.net/w3m?action=inprogress;type=www ^2 SURBL - Spam URI Realtime Blocklists sc.surbl.org - SpamCop message-body URI domains "Scripts which power the database and SURBL creation grab data from SpamCop's "Spamvertised Web Sites" web page every couple minutes or so, then merge new entries and expire the data so that it's never more than 4 days old." -- Mike Easter kibitzer, not SC admin From MikeE at ster.invalid Thu Dec 2 08:58:17 2004 From: MikeE at ster.invalid (Mike Easter) Date: Thu Dec 2 12:00:03 2004 Subject: [SpamCop-List] Re: SC Parser misses URLs w/ bogus embedded HTML tags References: Message-ID: Thomas Bean wrote: > This is a recent example (from reportid 1304805196): The best way to post a demonstration of a spamcop parse for discussion is to parse the item, copy the tracking url from the top section, and then send or cancel the parse. The context is like this: Here is your TRACKING URL - it may be saved for future reference: spamcop.net/sc?id=z698550180za357f3a3dcfb7167cafed942287fbf56z -- Mike Easter kibitzer, not SC admin From ric.gates at bigsleep.org Thu Dec 2 17:32:10 2004 From: ric.gates at bigsleep.org (Blammo) Date: Thu Dec 2 12:35:04 2004 Subject: [SpamCop-List] Re: SC Parser misses URLs w/ bogus embedded HTML tags References: Message-ID: On 02 Dec 2004 Thomas Bean entered spamcop and left news:conh46$fvl$1@news.spamcop.net: > Is there any way to get SC to report these > sites without munging the message text (which is against SC rules)? If you open a second SpamCop window so you can get the Submit Spam form you can paste the URL in and parse it. This will give you an eMail address to ad to the user notification. I'm pretty sure you need a paid account to get the User Notify option. -- | Ric | From nobody at spamcop.net Thu Dec 2 11:43:45 2004 From: nobody at spamcop.net (Ellen) Date: Thu Dec 2 12:40:02 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: "Spam Hater" wrote in message news:mailman.23.1102002215.4572.spamcop-list@news.spamcop.net... > What I am wondering is which sites are on the attack list?? The article I > read mentioned SpamCop as the source, but SpamCop only lists email > injection sites, not SPAMvertisers... So, does that mean the screen saver > is going after all the zombie boxes that are spewing out the SPAM itself > or do they have access to some hidden list of SPAMvertisers that we > report? > They have no access to any hidden lists -- there are no hidden lists :-) There is the listing on the stats page of urls that are currently being reported from spam reports. http://www.spamcop.net/w3m?action=inprogress;type=www That page, and all the stats pages, are publicly available resources. I do not know if they (whoever they are) are using that page or not. Let me add that the first we heard about this tool/screensaver thing was reading anti-spam lists/forums the same as everyone else. Ellen From dkona7b02 at sneakemail.com Thu Dec 2 12:52:44 2004 From: dkona7b02 at sneakemail.com (Spam Hater) Date: Thu Dec 2 12:53:38 2004 Subject: [SpamCop-List] Re: SC Parser misses URLs w/ bogus embedded HTML tags In-Reply-To: References: Message-ID: <3.0.5.32.20041202125244.00f80f40@loki.fstrf.org> Where did you see a rule that says munging the message text is forbidden?? AFAIK, you can munge anything you wish in order to hide references to yourself in a SPAM item. If the SPAMmer includes a bogus URL of the form www.yourdomain.com I personally don't think there is anything wrong with simply removing the entire reference. That would be a case of under reporting which shouldn't upset the apple cart at all. It is the same as simply unclicking the checkmark next to the report for that website after the parse. The only time munging is not an option is when an ISP specifically refuses munged reports. Are you sure you are not confusing this with the "no material changes" rule? That only applies to cases where changing a header item might cause SpamCop to misidentify the sender... On 02 Dec 2004 Thomas Bean wrote: > Is there any way to get SC to report these > sites without munging the message text (which is against SC rules)? From beanta at slu.edu Thu Dec 2 11:50:00 2004 From: beanta at slu.edu (Thomas Bean) Date: Thu Dec 2 12:55:03 2004 Subject: [SpamCop-List] Re: SC Parser misses URLs w/ bogus embedded HTML tags References: Message-ID: Sorry, here is the tracking URL: http://www.spamcop.net/sc?id=z698535436z3e5e148442ca867247174028607d3131z --Thomas "Mike Easter" wrote in message news:conhi1$geo$1@news.spamcop.net... > Thomas Bean wrote: > > This is a recent example (from reportid 1304805196): > > The best way to post a demonstration of a spamcop parse for discussion > is to parse the item, copy the tracking url from the top section, and > then send or cancel the parse. > > The context is like this: > > Here is your TRACKING URL - it may be saved for future reference: > spamcop.net/sc?id=z698550180za357f3a3dcfb7167cafed942287fbf56z > > > -- > Mike Easter > kibitzer, not SC admin > From beanta at slu.edu Thu Dec 2 11:51:12 2004 From: beanta at slu.edu (Thomas Bean) Date: Thu Dec 2 12:55:08 2004 Subject: [SpamCop-List] Re: SC Parser misses URLs w/ bogus embedded HTML tags References: Message-ID: Good idea. I do have a paid account, so I will try that. "Blammo" wrote in message news:Xns95B3611921B4Eblammo@216.154.195.61... > On 02 Dec 2004 Thomas Bean entered spamcop and left > news:conh46$fvl$1@news.spamcop.net: > > > Is there any way to get SC to report these > > sites without munging the message text (which is against SC rules)? > > If you open a second SpamCop window so you can get the Submit Spam form you > can paste the URL in and parse it. This will give you an eMail address to > ad to the user notification. > I'm pretty sure you need a paid account to get the User Notify option. > > -- > | Ric > | From cnwykab02 at sneakemail.com Thu Dec 2 18:57:08 2004 From: cnwykab02 at sneakemail.com (Warre) Date: Thu Dec 2 13:00:04 2004 Subject: [SpamCop-List] Re: I'm glad this is not my provider... In-Reply-To: References: Message-ID: geo_splash_12 wrote: > Warre wrote: > >> Whois lookup for one of Belgium's largest broadband providers: > > > Correction: this is only a part of skynet.be, which is really spans a > much larger range in the ip space. Evidence: > > http://www.senderbase.org/search?searchString=skynet.be > I know. My mistake. See my previous post... From SpamNScamsReporter# at gmail#.com# Thu Dec 2 10:09:35 2004 From: SpamNScamsReporter# at gmail#.com# (Spam N Scams Reporter) Date: Thu Dec 2 13:10:03 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? In-Reply-To: References: Message-ID: sk1w1 wrote: > me-no-no wrote: > >> Is this for real ?? (courtesy heise.de) 26.11.2004 16:43 >> > > Wonder how many users after signing up will get there service threatened > / cut by their own ISP for 'denial of service' reasons... and/or ISPs > start charging for 'excessive' download volumes... > > ---- > > My prediction of next piece of malware - hijacking of the Lycos et al > software to 'attack' other sites such as Spamcop, Spamhaus, etc! > > ---- > > Mind you, if I asked 'nice', do you think Lycos UK would direct all > attempts for a few days at cears.com, etc over there in BR? :-) Here's a forwarded message to list. Long, but with a SpamCop reference. Is this what might be slowing down SpamCop's servers? It also shows targets of the screen saver. ----- Forwarded message from "Hannigan, Martin" ----- > From: "Hannigan, Martin" > To: nanog list > Subject: RE: How many backbones here are filtering the makelovenotspam screensaver site? > Date: Thu, 2 Dec 2004 10:28:26 -0500 > > > > -----Original Message----- > > From: Lionel [mailto:nop@alt.net] > > Sent: Thursday, December 02, 2004 8:40 AM > > To: Hannigan, Martin > > Cc: nanog list > > Subject: Re: How many backbones here are filtering the makelovenotspam screensaver site? > > > > > > On Thu, 2 Dec 2004 08:27:38 -0500 , "Hannigan, Martin" > > wrote: > > > > >> > Hosted on a cablemodem? Tch, tch, how the mighty have fallen > > > > > > > > >The blocks are widespread. > > > > > >The reports of hackers are incorrect. The blackholes are > > what is stopping > > >them. > > > > What amazing efficiency. I can't help but wonder if these > > same providers > > are as quick at blackholing spamsite hosts, or blocking the zombies on > > their user networks from spewing spam on port 25? > > If you tied all the spammers into a few controllers, you see it happen > immediately. > > I've been following the news reports on this. Here's a quick summary > of "what I know" without making any judgement or opinion: > > > - The lycos screensaver campaign activated Tuesday > - Major networks began activating blocks > - When the controllers can't be reached, the clients die off > - If screensaver is active when controllers die, it runs > off the current target list. > - If screensaver deactivates, then activates, it can't > contact the servers and tells the user it's "off the internet" > (I can't verify the veracity of the update process i.e. if it > will die while active) > - Blocks started going up early Wednesday morning > - The press began reporting hackers due to an apparentdefacement > being seen by many users. What they actually saw was the banner of > an ISP that had blackholed the traffic and redirected port > 80 to a notice. > - Lycos moved their application to a hosting facility with bigger pipes > - Target sites began using redirects sending the traffic back > to Lycos > - Press reports are coming out today regarding the blackholes > - SpamCop is the source of the target list via a page that is public > off of the SpamCop site (SpamCop is does not appear to have complicity) > - The effectiveness of the blackholes is rising > - There are a reported 100K clients downloaded. Less than you would > expect due to the voluminous press coverage. Probably a result of > the blackhole activity as well. > > I'm really not sure if Lycos knows about the blackholes at > this point as the press has been reporting "hackers" all the while. > If you think it's hacked, check the route. > > Here's some operational data captured via ethereal > > The target list generated by the botnet controller: > > GET > /xml/69426058014054/94772079193788/35264029467456/12122010129438/CONFIG_2865 > 2023942308.xml HTTP/1.1 > Referer: > http://backend.makelovenotspam.com/xml/69426058014054/94772079193788/3526402 > 9467456/12122010129438/CONFIG_28652023942308.xml > x-flash-version: 7,0,19,0 > User-Agent: Shockwave Flash > Host: backend.makelovenotspam.com > Cache-Control: no-cache > > HTTP/1.1 200 OK > Server: Resin/2.1.14 > Content-Type: text/xml; charset=UTF-8 > Content-Length: 2889 > Connection: close > Date: Thu, 02 Dec 2004 15:22:00 GMT > > > domain="myshopinternetcompany.com" > url="http://myshopinternetcompany.com/?e=aa5100" bytes="357460680" > hits="2572309" percentage="100" responsetime01="498" responsetime02="0" > location="BR" /> url="http://grlswaiting4u.com/" bytes="206765667" hits="1488797" > percentage="100" responsetime01="11866" responsetime02="0" location="US" > /> url="http://1stwebsitetheyourshop.com/?e=aa5100" bytes="317867325" > hits="2288427" percentage="100" responsetime01="507" responsetime02="0" > location="BR" /> url="http://cheap-r-x.com/" bytes="355920802" hits="2565612" > percentage="100" responsetime01="787" responsetime02="0" location="CN" > /> url="http://www.hlplmanhds.biz/" bytes="317590861" hits="2269503" > percentage="100" responsetime01="785" responsetime02="0" location="CN" > /> url="http://r.vtm.homewo.com/" bytes="367630639" hits="2248424" > percentage="100" responsetime01="5542" responsetime02="0" location="CN" > /> url="http://www.incentiverewardcenter.com/xg_reg.htm?SID=ab9ee352c3402bdc858 > e5540b887d28a--landing_page=1--show=zip--=--p=92375--c=5411-toys250_720_emc- > -catalog_id=14--a=--affil=5408--subid=1" bytes="1028999994" hits="6992693" > percentage="-144200" responsetime01="1442" responsetime02="-1" location="US" > /> url="http://www.macromed.ws/" bytes="742958780" hits="5063804" > percentage="100" responsetime01="1212" responsetime02="0" location="RU" > /> url="http://www.curdom.com/" bytes="734756904" hits="4831221" > percentage="46" responsetime01="2134" responsetime02="4541" location="CN" > /> url="http://www.bacbwefds.info/" bytes="422036604" hits="2463679" > percentage="100" responsetime01="3375" responsetime02="0" location="CN" > /> value="http://backend.makelovenotspam.com/xml" /> name="interval-diagram" value="10000" /> value="10000" /> name="refresh-xml" value="1200000" /> /> value="http://backend.makelovenotspam.com/report" /> name="average-percentage" value="100.0" /> value="143003829363" /> name="downloads" value="103803" /> /> > > > Here's what they appear to receiving a lot as a result: > > IN`TS > . > > 501 Method Not Implemented > >

Method Not Implemented

>

<makeLOVEnotSPAM>IN`TS</makeLOVEnotSPAM> to /index.html not > supported.
>

> > > > ----- End forwarded message ----- From beanta at slu.edu Thu Dec 2 12:10:05 2004 From: beanta at slu.edu (Thomas Bean) Date: Thu Dec 2 13:15:04 2004 Subject: [SpamCop-List] Re: SC Parser misses URLs w/ bogus embedded HTML tags References: Message-ID: Not according to the FAQ (http://www.spamcop.net/fom-serve/cache/283.html): SpamCop FAQ : SpamCop Parsing and Reporting Service : Rules - everybody read! : Material changes to spam "SpamCop does what it does and doesn't do for a reason. Do not make any material changes to spam before submitting or parsing which may cause SpamCop to find a link, address or URL it normally would not, by design, find." I don't see any mention of this only applying in cases that might cause a misidentification of the sender. Am I interpreting this too strictly/literally? In my case, the spammer was not using a bogus URL, there were simply bogus HTML tags inserted between characters in the URL that prevented the SC parser from recognizing it. "Spam Hater" wrote in message news:mailman.24.1102010019.4572.spamcop-list@news.spamcop.net... > Where did you see a rule that says munging the message text is > forbidden?? AFAIK, you can munge anything you wish in order to hide > references to yourself in a SPAM item. If the SPAMmer includes a > bogus URL of the form www.yourdomain.com I personally don't think > there is anything wrong with simply removing the entire reference. > That would be a case of under reporting which shouldn't upset the > apple cart at all. It is the same as simply unclicking the checkmark > next to the report for that website after the parse. The only time > munging is not an option is when an ISP specifically refuses munged > reports. > > Are you sure you are not confusing this with the "no material > changes" rule? That only applies to cases where changing a > header item might cause SpamCop to misidentify the sender... > > On 02 Dec 2004 Thomas Bean wrote: > > > Is there any way to get SC to report these > > sites without munging the message text (which is against SC rules)? > From SpamNScamsReporter# at gmail#.com# Thu Dec 2 10:12:31 2004 From: SpamNScamsReporter# at gmail#.com# (Spam N Scams Reporter) Date: Thu Dec 2 13:15:06 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? In-Reply-To: References: Message-ID: Spam Hater wrote: > What I am wondering is which sites are on the attack list?? The article I > read mentioned SpamCop as the source, but SpamCop only lists email > injection sites, not SPAMvertisers... So, does that mean the screen saver > is going after all the zombie boxes that are spewing out the SPAM itself > or do they have access to some hidden list of SPAMvertisers that we > report? > > At 10:39 PM 12/1/2004 -0800, sk1w1 typed: > > >>snip< >>Wonder how many users after signing up will get there service threatened >>/ cut by their own ISP for 'denial of service' reasons... and/or ISPs >>start charging for 'excessive' download volumes... Here is what seems to be the target list. > Here's some operational data captured via ethereal > > The target list generated by the botnet controller: > > GET > /xml/69426058014054/94772079193788/35264029467456/12122010129438/CONFIG_2865 > 2023942308.xml HTTP/1.1 > Referer: > http://backend.makelovenotspam.com/xml/69426058014054/94772079193788/3526402 > 9467456/12122010129438/CONFIG_28652023942308.xml > x-flash-version: 7,0,19,0 > User-Agent: Shockwave Flash > Host: backend.makelovenotspam.com > Cache-Control: no-cache > > HTTP/1.1 200 OK > Server: Resin/2.1.14 > Content-Type: text/xml; charset=UTF-8 > Content-Length: 2889 > Connection: close > Date: Thu, 02 Dec 2004 15:22:00 GMT > > > domain="myshopinternetcompany.com" > url="http://myshopinternetcompany.com/?e=aa5100" bytes="357460680" > hits="2572309" percentage="100" responsetime01="498" responsetime02="0" > location="BR" /> url="http://grlswaiting4u.com/" bytes="206765667" hits="1488797" > percentage="100" responsetime01="11866" responsetime02="0" location="US" > /> url="http://1stwebsitetheyourshop.com/?e=aa5100" bytes="317867325" > hits="2288427" percentage="100" responsetime01="507" responsetime02="0" > location="BR" /> url="http://cheap-r-x.com/" bytes="355920802" hits="2565612" > percentage="100" responsetime01="787" responsetime02="0" location="CN" > /> url="http://www.hlplmanhds.biz/" bytes="317590861" hits="2269503" > percentage="100" responsetime01="785" responsetime02="0" location="CN" > /> url="http://r.vtm.homewo.com/" bytes="367630639" hits="2248424" > percentage="100" responsetime01="5542" responsetime02="0" location="CN" > /> url="http://www.incentiverewardcenter.com/xg_reg.htm?SID=ab9ee352c3402bdc858 > e5540b887d28a--landing_page=1--show=zip--=--p=92375--c=5411-toys250_720_emc- > -catalog_id=14--a=--affil=5408--subid=1" bytes="1028999994" hits="6992693" > percentage="-144200" responsetime01="1442" responsetime02="-1" location="US" > /> url="http://www.macromed.ws/" bytes="742958780" hits="5063804" > percentage="100" responsetime01="1212" responsetime02="0" location="RU" > /> url="http://www.curdom.com/" bytes="734756904" hits="4831221" > percentage="46" responsetime01="2134" responsetime02="4541" location="CN" > /> url="http://www.bacbwefds.info/" bytes="422036604" hits="2463679" > percentage="100" responsetime01="3375" responsetime02="0" location="CN" > /> value="http://backend.makelovenotspam.com/xml" /> name="interval-diagram" value="10000" /> value="10000" /> name="refresh-xml" value="1200000" /> /> value="http://backend.makelovenotspam.com/report" /> name="average-percentage" value="100.0" /> value="143003829363" /> name="downloads" value="103803" /> /> > > From nobody at devnull.spamcop.net Thu Dec 2 12:31:01 2004 From: nobody at devnull.spamcop.net (Cat) Date: Thu Dec 2 13:35:03 2004 Subject: [SpamCop-List] Re: SC Parser misses URLs w/ bogus embedded HTML tags In-Reply-To: References: Message-ID: (Top posting fixed) Thomas Bean wrote: > "Mike Easter" wrote in message > news:conhi1$geo$1@news.spamcop.net... >>The context is like this: >> >>Here is your TRACKING URL - it may be saved for future reference: >>spamcop.net/sc?id=z698550180za357f3a3dcfb7167cafed942287fbf56z > Sorry, here is the tracking URL: > > http://www.spamcop.net/sc?id=z698535436z3e5e148442ca867247174028607d3131z Please don't top post. It gets the conversation out of order and makes it harder to understand the context of your posts because people have to scroll up and down to understand what you're saying or replying to. Notice how Mike Easter replied inline below each quoted point and snipped out the rest. Inline posting keeps the conversation in a logical order. See #6 at http://linux.sgms-centre.com/misc/netiquette.php and #1 and #2 at http://www.river.com/users/share/etiquette/ for more snipping and inline posting netiquette. -Cat SpamCop user, not an admin From MikeE at ster.invalid Thu Dec 2 10:46:08 2004 From: MikeE at ster.invalid (Mike Easter) Date: Thu Dec 2 13:50:03 2004 Subject: [SpamCop-List] Re: SC Parser misses URLs w/ bogus embedded HTML tags References: Message-ID: Thomas Bean wrote: > Sorry, here is the tracking URL: spamcop.net/sc?id=z698535436z3e5e148442ca867247174028607d3131z In this example, not only does SC fail to find the spamvertised payload because of the construction, but the 'evidence' of the body content only has 'value' when rendered. One of the values of manual reporting is to be able to handle particular items 'easily' when the SC method doesn't suffice. The way I would report that with my 'standard' manual template, which has the entire original complete headers + unrendered spambody, would be to also include the rendered version just above that section. I would also pay attention to where that notify would be going. 211.158.15.61 no rDNS whois.apnic.net inetnum: 211.158.0.0 - 211.158.31.255 descr: Chongqing BoardBand Networks Co.,Ltd. which is listed in multiple db/s including sbl as the /17 and spews as 1, 211.158.0.0 - 211.158.31.255, cqnet.com.cn (extremexxxfootage.com) those are both huge blocks, indicating total unresponsiveness; so simply reporting to the unresponisve .cn provider isn't going to do anygood at all. So, now that we've gone to the trouble of figuring that SC can't notify, we would also have to go to additional trouble to assess the upstream adjacencies of the unresponsive provider; which is likely to turn out very glum. The ASN is AS17774 Upstream Adjacent AS list AS9817 ETNSBBNETWORK Guangdong Belton Telecommunications Technology Development Co.,Ltd. support@etns.net abuse@gblx.net postmaster@elephanttalk.com postmaster@etns.net (for etns.net) AS9929 CNCNET-CN China Netcom Corp. tech-group@china-netcom.com daihy@china-netcom.com postmaster@china-netcom.com cncsummary@special.abuse.net (for china-netcom.com) So, it isn't a very happy picture, but at least you would have done a thorough job of notifying the 'appropriate' upstreams. You would tell them about the unresponsiveness of the provider vis the spews and spamhaus listings in about 1 line. -- Mike Easter kibitzer, not SC admin From dkona7b02 at sneakemail.com Thu Dec 2 14:00:19 2004 From: dkona7b02 at sneakemail.com (Spam Hater) Date: Thu Dec 2 14:00:26 2004 Subject: [SpamCop-List] Re: SC Parser misses URLs w/ bogus embedded HTML tags In-Reply-To: References: Message-ID: <3.0.5.32.20041202140019.01606620@loki.fstrf.org> Yes, I believe you are being too strict in your interpretation... Material changes, as defined, are only those that will cause the parser to change its mind about who to report. Taking out spurious noise in the SPAM body shouldn't cause any change in the parsers processing along those lines so it shouldn't be considered a "material" change in my opinion... At 12:10 PM 12/2/2004 -0600, Thomas Bean typed: >Not according to the FAQ (http://www.spamcop.net/fom-serve/cache/283.html): > > SpamCop FAQ : SpamCop Parsing and Reporting Service : Rules - everybody >read! : Material changes to spam > > "SpamCop does what it does and doesn't do for a reason. Do not make any >material changes to spam before submitting or parsing which may cause >SpamCop to find a link, address or URL it normally would not, by design, >find." > >I don't see any mention of this only applying in cases that might cause a >misidentification of the sender. Am I interpreting this too >strictly/literally? > >In my case, the spammer was not using a bogus URL, there were simply bogus >HTML tags inserted between characters in the URL that prevented the SC >parser from recognizing it. > >"Spam Hater" wrote >> Where did you see a rule that says munging the message text is >> forbidden?? AFAIK, you can munge anything you wish in order to hide >> references to yourself in a SPAM item. If the SPAMmer includes a >> bogus URL of the form www.yourdomain.com I personally don't think >> there is anything wrong with simply removing the entire reference. >> That would be a case of under reporting which shouldn't upset the >> apple cart at all. It is the same as simply unclicking the checkmark >> next to the report for that website after the parse. The only time >> munging is not an option is when an ISP specifically refuses munged >> reports. >> >> Are you sure you are not confusing this with the "no material >> changes" rule? That only applies to cases where changing a >> header item might cause SpamCop to misidentify the sender... >> >> On 02 Dec 2004 Thomas Bean wrote: >> >> > Is there any way to get SC to report these >> > sites without munging the message text (which is against SC rules)? From PossumTrot at dont.spam.me Thu Dec 2 10:56:22 2004 From: PossumTrot at dont.spam.me (Possum Trot) Date: Thu Dec 2 14:05:03 2004 Subject: [SpamCop-List] FTC Endorses Bounty for Spammers Message-ID: The U.S. Federal Trade Commission has given its endorsement to a plan that would reward insiders for information leading to the arrest and conviction of people or companies that produce spam. http://tinyurl.com/4qytq From MikeE at ster.invalid Thu Dec 2 11:06:24 2004 From: MikeE at ster.invalid (Mike Easter) Date: Thu Dec 2 14:10:04 2004 Subject: [SpamCop-List] Re: SC Parser misses URLs w/ bogus embedded HTML tags References: Message-ID: oops, I left out the notifies for AS17774 Mike Easter wrote: > 211.158.15.61 no rDNS > whois.apnic.net > inetnum: 211.158.0.0 - 211.158.31.255 > descr: Chongqing BoardBand Networks Co.,Ltd. whois -h whois.abuse.net cqnet.com.cn ... postmaster@cqnet.com.cn abuse@cnc-noc.net (for cqnet.com.cn) I believe in including the unresponsive provider in the same notify that I'm copying to its upstream adjacencies. Sometimes it is motivating. The fact that cnc-noc is in the abuse.net reg is a 'good sign' [not really great, but something 'postive' amidst the gloom]. > The ASN is AS17774 > Upstream Adjacent AS list -- Mike Easter kibitzer, not SC admin From please_reply_to_newsgroup at something.com Thu Dec 2 19:10:03 2004 From: please_reply_to_newsgroup at something.com (Paul D) Date: Thu Dec 2 14:10:06 2004 Subject: [SpamCop-List] Re: SpamCop Painfully Slow References: Message-ID: Hi Everyone I'm afraid the problem hasn't become any better. Is anyone able to make any progress with this, or will I have to stop using the service? This would eb a shame. Thanks Paul From SpamNScamsReporter# at gmail#.com# Thu Dec 2 11:50:59 2004 From: SpamNScamsReporter# at gmail#.com# (Spam N Scams Reporter) Date: Thu Dec 2 14:55:03 2004 Subject: [SpamCop-List] Re: Phish For A Phisher :-) In-Reply-To: References: Message-ID: Gezgin wrote: > "Taurolyon" <---------------------------@spamcop.net> wrote > >>> Interesting - Phisher forgot to chmode to stop peaking :-) >>> http://146.83.5.15/.paypal/ > > >> scary stuff.. what does he plan on doing? getting people's paypal info? > > > More likely making a complete fool of himself on the net. Though I am a > bit puzzled that the site is still up. It certainly must have been > reported many times already. > The site no longer resolves for me. From Merlyn at Spamcop.net Thu Dec 2 14:58:52 2004 From: Merlyn at Spamcop.net (Merlyn) Date: Thu Dec 2 15:00:03 2004 Subject: [SpamCop-List] Re: FTC Endorses Bounty for Spammers References: Message-ID: "Possum Trot" wrote in message news:cononi$mdp$1@news.spamcop.net... > The U.S. Federal Trade Commission has given its endorsement to a plan that > would reward insiders for information leading to the arrest and conviction > of people or companies that produce spam. > > http://tinyurl.com/4qytq Old News: September 17, 2004 -- Regards, Merlyn A Spamcop advocate No emails this account is for newsgroups only People demand freedom of speech to make up for the freedom of thought which they avoided From MikeE at ster.invalid Thu Dec 2 12:34:39 2004 From: MikeE at ster.invalid (Mike Easter) Date: Thu Dec 2 15:35:03 2004 Subject: [SpamCop-List] Re: SC Parser misses URLs w/ bogus embedded HTML tags References: Message-ID: Thomas Bean wrote: > The actual spamvertised URL is http://211.158.15.61/vb/ > Is there any way to get SC to report > these sites No. If you are a free reporter you can manually notify. If you are a paid reporter you can add additional notify addresses to a spamcop report. But, you can't materially change the spamitem to cause SC to find something it wouldn't. -- Mike Easter kibitzer, not SC admin From MikeE at ster.invalid Thu Dec 2 12:38:17 2004 From: MikeE at ster.invalid (Mike Easter) Date: Thu Dec 2 15:40:03 2004 Subject: [SpamCop-List] Re: SC Parser misses URLs w/ bogus embedded HTML tags References: Message-ID: Blammo wrote: > Thomas Bean >> Is there any way to get SC to report these >> sites without munging the message text (which is against SC rules)? > > If you open a second SpamCop window so you can get the Submit Spam > form you can paste the URL in and parse it. This will give you an > eMail address to ad to the user notification. > I'm pretty sure you need a paid account to get the User Notify option. What Ric is describing there is how to get SC to provide you with the notify address/es so that a paid reporter can add those to the notifies. He isn't talking about making a 'surreptitious' spamchange to get SC to notify something it didn't find. -- Mike Easter kibitzer, not SC admin From MikeE at ster.invalid Thu Dec 2 12:42:32 2004 From: MikeE at ster.invalid (Mike Easter) Date: Thu Dec 2 15:45:03 2004 Subject: [SpamCop-List] Re: SC Parser misses URLs w/ bogus embedded HTML tags References: Message-ID: Restructuring this to counteract two topposters. >Thomas Bean wrote: >> Is there any way to get SC to report these >> sites without munging the message text (which is against SC rules)? Spam Hater wrote: > Where did you see a rule that says munging the message text is > forbidden?? Helping SC find something is a material change. > AFAIK, you can munge anything you wish in order to hide > references to yourself in a SPAM item. If the SPAMmer includes a > bogus URL of the form www.yourdomain.com I personally don't think > there is anything wrong with simply removing the entire reference. Removing references to yourself isn't the same thing as helping SC find something. > Are you sure you are not confusing this with the "no material > changes" rule? That only applies to cases where changing a > header item might cause SpamCop to misidentify the sender... Body changes are a problem as well - when they cause SC to find something it wouldn't have. There isn't an appropriate body change to help SC find this item we are talking about. Making a body change to exclude your own address is OK. Making a body change such as putting in an url isn't OK. -- Mike Easter kibitzer, not SC admin From MikeE at ster.invalid Thu Dec 2 12:44:52 2004 From: MikeE at ster.invalid (Mike Easter) Date: Thu Dec 2 15:45:08 2004 Subject: [SpamCop-List] Re: SC Parser misses URLs w/ bogus embedded HTML tags References: Message-ID: Spam Hater wrote: > Yes, I believe you are being too strict in your interpretation... > Material changes, as defined, are only those that will cause the > parser to change its mind about > who to report. Taking out spurious noise in the SPAM body shouldn't > cause any change in the parsers processing along those lines so it > shouldn't be considered a "material" change in my opinion... What you are arguing about, namely removing your name or address from the body isn't 'germane' to this discussion. We are talking about a condition in which the parser doesn't find the url which the reporter knows about and wants to notify for. You aren't talking about what /we/ are talking about. -- Mike Easter kibitzer, not SC admin From dkona7b02 at sneakemail.com Thu Dec 2 16:12:39 2004 From: dkona7b02 at sneakemail.com (Spam Hater) Date: Thu Dec 2 16:12:44 2004 Subject: [SpamCop-List] Re: SC Parser misses URLs w/ bogus embedded HTML tags In-Reply-To: References: Message-ID: <3.0.5.32.20041202161239.01688008@loki.fstrf.org> First up, where do you see an argument??? The point I was making, in this ongoing discussion, is about munging. The usual use of munging is to remove or alter identifying references to yourself. According to the rules, this is perfectly acceptable. Taken a step further, I believe it can apply to any extra bits of nonsense the SPAMmer may have filled the SPAM with to try to confuse the reader (or the parser). As we constantly tell people, just about anything can be used to identify you, so why not extra HTML tags? I have seen SPAM with all sorts of extra bogus tags. When viewed normally, they just don't show up. If you try to look at the raw source, i.e.. if you are trying to track down the SPAMmer, then all the extra gibberish just confuses things and helps hide his tracks. I haven't seen SPAM like that since my company started filtering our mail, but back when I did, I ran a script on it to automagically remove all the nonsense before ever even submitting it. I wasn't doing so in an effort to force the parser to find something it shouldn't, just to make the SPAM legible so those getting the report would be better able to parse it themselves. I never once received a complaint from anyone that I had altered the original or that the parser had misidentified the culprits... At 12:44 PM 12/2/2004 -0800, Mike Easter typed: >What you are arguing about, namely removing your name or address from >the body isn't 'germane' to this discussion. We are talking about a >condition in which the parser doesn't find the url which the reporter >knows about and wants to notify for. > >You aren't talking about what /we/ are talking about. > >Spam Hater wrote: >> Yes, I believe you are being too strict in your interpretation... >> Material changes, as defined, are only those that will cause the >> parser to change its mind about >> who to report. Taking out spurious noise in the SPAM body shouldn't >> cause any change in the parsers processing along those lines so it >> shouldn't be considered a "material" change in my opinion... From nobody at spamcop.net Thu Dec 2 16:19:31 2004 From: nobody at spamcop.net (Pop) Date: Thu Dec 2 16:20:02 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: ... | | For whatever it's worth, the link *is* advertised on the main site: | http://www.lycos.de/ The link is to: http://www.lycos.de/makelovenotspam/ | but clicking on the link from there, you get a Flash popup. | | Dar | | WHERE? I searched the Main Site page's code, plus turned a crawler loose and neither turned up anything even close to that URL. Clicking on the URL gets nothing. I submit you're either trojanized, trolling, or lying or passing on info you haven't verified? What you see in the explorer bar isn't necessarily the actual site you are at, you know. Regards, Pop From A_No_Spam_Haumer at gmx.net Thu Dec 2 22:42:01 2004 From: A_No_Spam_Haumer at gmx.net (Anton Haumer) Date: Thu Dec 2 16:45:04 2004 Subject: [SpamCop-List] SC's Website Message-ID: <41AF8C29.791C9B94@gmx.net> What the hell is going on with www.spamcop.net ? Since today : my login (expires in one week) is forgotten after some submissions my preferred text size is forgotten from one visit to the next Problems with the website/system? Toni From pete at heypete.com Thu Dec 2 13:41:51 2004 From: pete at heypete.com (Pete Stephenson) Date: Thu Dec 2 16:45:08 2004 Subject: [SpamCop-List] Re: FTC Endorses Bounty for Spammers References: Message-ID: In article , "Merlyn" wrote: > Old News: ...but still good news. :) -- Pete Stephenson HeyPete.com From Merlyn at Spamcop.net Thu Dec 2 16:45:37 2004 From: Merlyn at Spamcop.net (Merlyn) Date: Thu Dec 2 16:50:03 2004 Subject: [SpamCop-List] Re: FTC Endorses Bounty for Spammers References: Message-ID: "Pete Stephenson" wrote in message news:pete-7DE4D9.13415102122004@news.cesmail.net... > In article , > "Merlyn" wrote: > >> Old News: > > ...but still good news. :) > I agree Pete :-) Pete, I have some interesting info for ya!!!!!!!!! Should I use the support email or something else? -- Regards, Merlyn A Spamcop advocate No emails this account is for newsgroups only People demand freedom of speech to make up for the freedom of thought which they avoided From pete at heypete.com Thu Dec 2 13:47:49 2004 From: pete at heypete.com (Pete Stephenson) Date: Thu Dec 2 16:50:07 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: In article , "Pop" wrote: > WHERE? I searched the Main Site page's code, plus turned a > crawler loose and neither turned up anything even close to that > URL. http://www.lycos.co.uk/ mentions it, though the makelovenotspam.com website appears to be down. -- Pete Stephenson HeyPete.com From MikeE at ster.invalid Thu Dec 2 13:48:42 2004 From: MikeE at ster.invalid (Mike Easter) Date: Thu Dec 2 16:50:15 2004 Subject: [SpamCop-List] Re: SC Parser misses URLs w/ bogus embedded HTML tags References: Message-ID: Spam Hater wrote: > First up, where do you see an argument??? 'We' were explaining to Thomas that there wasn't a way that he could change the spam's body content so that in the item being discussed, namely spamcop.net/sc?id=z698535436z3e5e148442ca867247174028607d3131z that the 'missing' link which he knows about from rendering, namely http://211.158.15.61/vb/ could be 'spamcop reported' in response to his original question: Thomas Bean wrote: > Is there any way to get SC to report > these sites without munging the message text (which is against SC > rules)? The very /first/ thing you said in a topposted reply to that above post of his was this: Spam Hater wrote: > Where did you see a rule that says munging the message text is > forbidden?? Which definitely looks like a discussion or disagreement with what he said. You are now trying to say that you weren't rebutting what he said, but starting a different subthread within the original thread in which your subthread is /really/ about mungeing or removing references to your own name or address. If you would post inline so that your remarks are directly underneath exactly what you are talking about, neither you nor the other posters who try to engage in a conversation with your and others will be confused. I think you got confused earlier because a thought came into your head and then you wanted to type it, and what you were typing and talking about wasn't the same thing as the rest of us were talking about. That is a very common problem with topposting and not trimming and contextualizing. If you want to say that I'm confused and you aren't, that's all right with me too; but in either case, topposting is contributing to the confusion condition. -- Mike Easter kibitzer, not SC admin From me at privacy.net Thu Dec 2 21:49:22 2004 From: me at privacy.net (Michael R N Dolbear) Date: Thu Dec 2 16:50:20 2004 Subject: [SpamCop-List] Easynet.co.uk null route a Trojaned DSL customer Message-ID: <01c4d8b7$6c15cf80$LocalHost@default> In reply to a spamcop complaint that dsl-212-135-217-67.dsl.easynet.co.uk (212.135.217.67) is an open proxy (Sat, Nov 27, 2004 at 03:52:46AM) Easynet Abuse Team replied 02 December 2004 00:49 This incident arose as a result of a machine on our customer's network having become compromised by a Trojan horse program, which then allowed unscrupulous bulk emailers to install an insecure open proxy server on the machine in question, without our customer's knowledge, authorisation or permission. ... All attempts to contact our customer concerning this incident having failed, we have now raised an Operations ticket with a request to null route the IP address concerned in order to disconnect it from the Internet and to put an end to the abuse. This will be actioned within the next few hours. The null route will not be removed until such time as our customer is able to assure us that the vulnerability has been secured. -- Mike D From michael.spamcop at michaellefevre.com Thu Dec 2 21:51:28 2004 From: michael.spamcop at michaellefevre.com (Michael Lefevre) Date: Thu Dec 2 16:55:02 2004 Subject: [SpamCop-List] Re: Why do people spam? References: Message-ID: Stewart Gordon wrote: > Michael Lefevre wrote: > >> I don't see how it's of benefit to everyone. Letting the spam through the >> first stage and then bouncing it means you're generating a large number of >> messages (which isn't nice for the receiving machine), and then sending >> them to forged addresses, which certainly isn't a benefit for the owners >> of the forged addresses. > > > It would address the bounce using an algorithm that tracks down the real > sender, rather than the standard 'just use the From header' approach. As far as I know, there isn't an algorithm that can find a working email address for the human being that was responsible for sending the spam. Spamcop is about as good as you can get in that direction, which is finding an address for someone responsible for the network which the real sender used - that's not the same thing, and it's not accurate enough to trust automatically in most cases. > I guess an alternative would be a system whereby the SMTP server calls > the police and then returns an error code after a while (or maybe even > leaves the operation to time out). I don't imagine any police would appreciate a computer phoning them up and giving an automated report of unauthorised computer access. It's a pretty hard task to get any police interested in far more serious computer crimes. -- Michael From SpamNScamsReporter# at gmail#.com# Thu Dec 2 14:06:04 2004 From: SpamNScamsReporter# at gmail#.com# (Spam N Scams Reporter) Date: Thu Dec 2 17:10:02 2004 Subject: [SpamCop-List] Re: SC's Website In-Reply-To: <41AF8C29.791C9B94@gmx.net> References: <41AF8C29.791C9B94@gmx.net> Message-ID: Anton Haumer wrote: > What the hell is going on with www.spamcop.net ? > > Since today : > my login (expires in one week) is forgotten after some submissions > my preferred text size is forgotten from one visit to the next > > Problems with the website/system? > > Toni Check to see if you're accepting cookies from SC. Brian From dkona7b02 at sneakemail.com Thu Dec 2 17:10:41 2004 From: dkona7b02 at sneakemail.com (Spam Hater) Date: Thu Dec 2 17:10:47 2004 Subject: [SpamCop-List] Re: Easynet.co.uk null route a Trojaned DSL customer In-Reply-To: <01c4d8b7$6c15cf80$LocalHost@default> Message-ID: <3.0.5.32.20041202171041.0166ded0@loki.fstrf.org> It is always nice to see a responsible ISP in action... Something strikes me as a bit odd though. In the first paragraph they claim a Trojan horse took over the machine and did so "without our customer's knowledge, authorisation or permission." Yet first thing they admit in the second paragraph is that they have not been able to contact said customer... How can they claim the customer had no knowledge if they haven't even talked with them about it? Kudos to them if they actually follow through with the null routing! At 09:49 PM 12/2/2004 +0000, Michael R N Dolbear typed: >In reply to a spamcop complaint that >dsl-212-135-217-67.dsl.easynet.co.uk (212.135.217.67) is an open proxy >(Sat, Nov 27, 2004 at 03:52:46AM) > >Easynet Abuse Team replied 02 December 2004 00:49 > >This incident arose as a result of a machine on our customer's network >having become compromised by a Trojan horse program, which then allowed >unscrupulous bulk emailers to install an insecure open proxy server on >the machine in question, without our customer's knowledge, >authorisation or permission. >... >All attempts to contact our customer concerning this incident having >failed, we have now raised an Operations ticket with a request to >null route the IP address concerned in order to disconnect it from >the Internet and to put an end to the abuse. This will be actioned >within the next few hours. The null route will not be removed until >such time as our customer is able to assure us that the vulnerability >has been secured. From A_No_Spam_Haumer at gmx.net Thu Dec 2 23:23:09 2004 From: A_No_Spam_Haumer at gmx.net (Anton Haumer) Date: Thu Dec 2 17:25:04 2004 Subject: [SpamCop-List] Re: SC's Website References: <41AF8C29.791C9B94@gmx.net> Message-ID: <41AF95CD.D2DF94E9@gmx.net> Spam N Scams Reporter wrote: > > Anton Haumer wrote: > > What the hell is going on with www.spamcop.net ? > > > > Since today : > > my login (expires in one week) is forgotten after some submissions > > my preferred text size is forgotten from one visit to the next > > > > Problems with the website/system? > > > > Toni > > Check to see if you're accepting cookies from SC. > > Brian Yes I do accept cookies from SC, of course. Yesterday everthing worked fine. I didn't change anything. Today - strange behaviour ... Toni From pete at heypete.com Thu Dec 2 14:48:28 2004 From: pete at heypete.com (Pete Stephenson) Date: Thu Dec 2 17:50:03 2004 Subject: [SpamCop-List] Re: FTC Endorses Bounty for Spammers References: Message-ID: In article , "Merlyn" wrote: > I agree Pete :-) > > Pete, I have some interesting info for ya!!!!!!!!! Oooh. :) > Should I use the support email or something else? pete@heypete.com has been, is, and likely will remain (as long as technically possible) valid. support@ and all the other @heypete.com address all forward to me. :-P -- Pete Stephenson HeyPete.com From nobody at spamcop.net Thu Dec 2 17:43:59 2004 From: nobody at spamcop.net (Ellen) Date: Thu Dec 2 18:05:02 2004 Subject: [SpamCop-List] Re: SC's Website References: <41AF8C29.791C9B94@gmx.net> <41AF95CD.D2DF94E9@gmx.net> Message-ID: -- "Anton Haumer" wrote in message news:41AF95CD.D2DF94E9@gmx.net... > > Yes I do accept cookies from SC, of course. > Yesterday everthing worked fine. > I didn't change anything. > Today - strange behaviour ... > > Toni Try deleting the cookie, closing the browser and then opening it and logging back in again. Ellen From Merlyn at Spamcop.net Thu Dec 2 18:14:15 2004 From: Merlyn at Spamcop.net (Merlyn) Date: Thu Dec 2 18:15:02 2004 Subject: [SpamCop-List] Re: FTC Endorses Bounty for Spammers References: Message-ID: Just sent! -- Regards, Merlyn A Spamcop advocate No emails this account is for newsgroups only People demand freedom of speech to make up for the freedom of thought which they avoided From mfkmek820 at yahoo.com Thu Dec 2 16:09:53 2004 From: mfkmek820 at yahoo.com (Fred K) Date: Thu Dec 2 20:15:03 2004 Subject: [SpamCop-List] Re: SC Parser misses URLs w/ bogus embedded HTML tags References: Message-ID: "Spam Hater" wrote in message news:mailman.26.1102021965.4572.spamcop-list@news.spamcop.net... > First up, where do you see an argument??? > > The point I was making, in this ongoing discussion, is about munging. The > usual use of munging is to remove or alter identifying references to > yourself. > According to the rules, this is perfectly acceptable. Taken a step > further, > I believe it can apply to any extra bits of nonsense the SPAMmer may > have filled the SPAM with to try to confuse the reader (or the parser). As > we constantly tell people, just about anything can be used to identify > you, > so why not extra HTML tags? I have seen SPAM with all sorts of extra > bogus tags. When viewed normally, they just don't show up. If you try to > look at the raw source, i.e.. if you are trying to track down the SPAMmer, > then all the extra gibberish just confuses things and helps hide his > tracks. > I haven't seen SPAM like that since my company started filtering our mail, > but back when I did, I ran a script on it to automagically remove all the > nonsense before ever even submitting it. I wasn't doing so in an effort > to > force the parser to find something it shouldn't, just to make the SPAM > legible so those getting the report would be better able to parse it > themselves. I never once received a complaint from anyone that I had > altered the original or that the parser had misidentified the culprits... I am with you. I don't know why SC can't have a top-notch parser like you are talking about. Fred K From nobody at spamcop.net Thu Dec 2 19:37:36 2004 From: nobody at spamcop.net (Tom) Date: Thu Dec 2 20:40:02 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: <1ogvq0d1mo8tclhldi9feg38qmbpoitari@4ax.com> On Thu, 2 Dec 2004 09:57:28 -0000, Porpoise wrote: >> Is this another Trojan now on hundreds of thousands of computers???? >> >> Call me paranoid but something smells fishy here. > >Now, it's funny you should say that because I was starting towards a similar >conclusion........ I've gone all over the Lycos site, and there's no >reference to this screensaver whatsoever. AFAICS. A couple of things... First, this is not Lycos in the U.S. It is Lycos Europe and if they have various offices (i.e., Lycos in the UK, Lycos in Germany, etc.), then it may be up to each office as to whether they announced the tool on that site. Tom From nobody at spamcop.net Thu Dec 2 19:41:47 2004 From: nobody at spamcop.net (Tom) Date: Thu Dec 2 20:45:03 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: On Mon, 29 Nov 2004 03:51:40 -0000, me-no-no wrote: >Lycos users are to attack spammers My initial thoughts were that using something like this was akin to stooping to the same level as the spamvertisers. But, after reaching today's article in eweek*, I'm beginning to think this is more like Ratting on a Rat or Turning the Lights On. The legal issue remains - whether this is really legal or not - and until we see a court case allowing this to be used, I certainly am not going to employ it on any of my systems. But if it is declared legal, especially here in the United States, then I think this will prove to be one truly useful tool to use against spammers. *The bottom line that I drew from the article in eWeek was that the tool was taking down the sites it was hitting, but needed some fine tuning to get it to allow 5% bandwidth free... Of course, it may be that the straw for some of these sites is 10% and the 5% is still killing the site/server. From nobody at devnull.spamcop.net Fri Dec 3 10:56:51 2004 From: nobody at devnull.spamcop.net (Patto) Date: Thu Dec 2 21:00:03 2004 Subject: [SpamCop-List] Re: SC's Website In-Reply-To: <41AF8C29.791C9B94@gmx.net> References: <41AF8C29.791C9B94@gmx.net> Message-ID: Anton Haumer wrote: > What the hell is going on with www.spamcop.net ? > > Since today : I had to login, which was previously always done automatically. After that, when pasting spam to the website, I get this message *Please wait - subscribe to remove this delay*. What is this new gimmick? Trying to discourage users from using SC? From tmcgraw at spamcop.net Thu Dec 2 17:57:05 2004 From: tmcgraw at spamcop.net (Tim McGraw) Date: Thu Dec 2 21:00:06 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? In-Reply-To: References: Message-ID: Tom wrote: > On Mon, 29 Nov 2004 03:51:40 -0000, me-no-no wrote: > >>Lycos users are to attack spammers > > > > The legal issue remains - whether this is really legal or not - and > until we see a court case allowing this to be used, I certainly am not > going to employ it on any of my systems. > > But if it is declared legal, especially here in the United States, > then I think this will prove to be one truly useful tool to use > against spammers. ...or a worthy competitor. From eatmy at grits.com Thu Dec 2 19:13:32 2004 From: eatmy at grits.com (Jeff) Date: Thu Dec 2 21:15:03 2004 Subject: [SpamCop-List] make love not spam Message-ID: Anybody see this yet? http://www.cnn.com/2004/TECH/internet/12/02/anti.spamvigi.ap/index.html From eatmy at grits.com Thu Dec 2 19:14:56 2004 From: eatmy at grits.com (Jeff) Date: Thu Dec 2 21:15:08 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: "Jeff" wrote in message news:cooi49$9e2$1@news.spamcop.net... > Anybody see this yet? > http://www.cnn.com/2004/TECH/internet/12/02/anti.spamvigi.ap/index.html OOPS! I guess so. It's under a different subject. sorry... From MikeE at ster.invalid Thu Dec 2 18:47:02 2004 From: MikeE at ster.invalid (Mike Easter) Date: Thu Dec 2 21:50:14 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: Jeff wrote: >> Anybody see this yet? >> http://www.cnn.com/2004/TECH/internet/12/02/anti.spamvigi.ap/index.html > > OOPS! I guess so. It's under a different subject. sorry... Actually, it is a pretty dynamic subject right now so there are going to be a lot of articles and commentary various places including multiple slashdot articles. Here's a recent quote from one of the many articles which arise on googlenews 'Lycos' search. "I would have to characterize it as an astonishingly stupid idea," said John Levine, co-chair of the Internet Research Task Force's Antispam Research Group. http://www.computerworld.com/softwaretopics/software/groupware/story/0,10801,97990p2,00.html I think I like that quote the best so far, but I'm still looking for some more juicy ones. For individuals to surreptitiously pursue some kind of antispam vigilantism is one thing; then to promote that activity in antispam groups is another thing but not so 'good' or healthy; but for a 'corporate' entity to openly promote it and foster and pursue it is dumbsh*t, as we say in Texas and a few other 'opensource' language places. -- Mike Easter kibitzer, not SC admin From eatmy at grits.com Thu Dec 2 19:47:34 2004 From: eatmy at grits.com (Jeff) Date: Thu Dec 2 21:50:34 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: "Pop" wrote in message news:coki2q$jea$1@news.spamcop.net... > | > | > Looks like Lycos will do just about anything to get onto just one > more machine: They've got my support! From eatmy at grits.com Thu Dec 2 19:58:58 2004 From: eatmy at grits.com (Jeff) Date: Thu Dec 2 22:00:02 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: "Mike Easter" wrote in message news:cook38$aii$1@news.spamcop.net... > Actually, it is a pretty dynamic subject right now so there are going to > be a lot of articles and commentary various places including multiple > slashdot articles. > > Here's a recent quote from one of the many articles which arise on > googlenews 'Lycos' search. > > "I would have to characterize it as an astonishingly stupid idea," said > John Levine, co-chair of the Internet Research Task Force's Antispam > Research Group. > http://www.computerworld.com/softwaretopics/software/groupware/story/0,10801 ,97990p2,00.html > > > I think I like that quote the best so far, but I'm still looking for > some more juicy ones. > > For individuals to surreptitiously pursue some kind of antispam > vigilantism is one thing; then to promote that activity in antispam > groups is another thing but not so 'good' or healthy; but for a > 'corporate' entity to openly promote it and foster and pursue it is > dumbsh*t, as we say in Texas and a few other 'opensource' language > places. > > -- > Mike Easter > kibitzer, not SC admin Well, I guess I'm incredibly stupid then. Since I'm such an idiot, I guess I might as well participate and download the screensaver. From MikeE at ster.invalid Thu Dec 2 19:18:08 2004 From: MikeE at ster.invalid (Mike Easter) Date: Thu Dec 2 22:20:03 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: Jeff wrote: > Well, I guess I'm incredibly stupid then. Since I'm such an idiot, I > guess I might as well participate and download the screensaver. There's been a lot of discussion about individual approaches, such as spamvampire; and SV fans [and similar] who choose to attack as vigilantes are 'on their own' as vigilantes typically are. Each vigilante strategy should consider hir own IP's 'mischief' and vulnerability. Some vigilantes are wise to be more surreptitious than open and attack via some kind of proxy; and while doing so, should be aware of any of their own abuses. That is, if you abuse from your own IP, then you can get into trouble with your provider. If you are going to be more cautious and abuse from some other proxified IP then you should be sure that you aren't abusing the proxy. That is, if you /care/ about who is being abused and whose ox is being gored -- or how to do proper 'risk management' for evil doing. Abuse isn't so simple as all of that. Don't be dumber than a spammer. -- Mike Easter kibitzer, not SC admin From pete at heypete.com Thu Dec 2 19:18:37 2004 From: pete at heypete.com (Pete Stephenson) Date: Thu Dec 2 22:20:09 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: In article , "Jeff" wrote: > Anybody see this yet? > http://www.cnn.com/2004/TECH/internet/12/02/anti.spamvigi.ap/index.html Yup. I still can't quite wrap my brain around how abuse of someone else's private property (and the abuse of the intervening network carriers) can be construed as "Make Love". Another, somewhat more technical, question I've been having relates to backbone carriers and datacenters. For instance, my site (heypete.com) is hosted at Hurricane Electric's Fremont, CA facility. Although it's only allocated 25Gb/month of transfer, it *is* on a burstable 100Mps port so that my site would continue to function normally if Slashdotted (though I might need to pay for the overage in traffic later). Pushing 95Mbps of data (somehow Lycos says they can throttle the attack so as to leave 5% of the site's available bandwidth left) is not a small event. Even being on a high-capacity switched network, it would certainly raise some alarms. Having multiple spammy sites (and it's rare to find major facilities that don't have at least one, even if they're nuked quickly) at one facility attracting the wrath of the Lycos MLNS system could cause significant slowdowns and network problems for other, perfectly legitimate sites who are also hosted there. This is unlikely, of course, but still possible. I think the concept is ethically flawed and is not good for the internet infrastructure. -- Pete Stephenson HeyPete.com From MikeE at ster.invalid Thu Dec 2 19:36:19 2004 From: MikeE at ster.invalid (Mike Easter) Date: Thu Dec 2 22:40:03 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: Pete Stephenson wrote: > I think the concept is ethically flawed and is not good for the > internet infrastructure. Well put. The individual vigilante, 'me against that spamvertiser' who is careful to not do harm to some innocent, is on slightly more 'secure' ground or rather slippery or icy slope while using quality mountain climbing gear, of fighting abuse with abuse - 'because it's there'. The massive 'hanging crowd' mentality, prone to burn down towns, douse/drown witches, and all manner of unholy activities akin to hanging the accused, gets real nutsy -- and altho' the analogies fall apart somewhat in the application to the internet; all kinds of /other/ evildo start arising and unfolding. -- Mike Easter kibitzer, not SC admin From MikeE at ster.invalid Thu Dec 2 19:50:05 2004 From: MikeE at ster.invalid (Mike Easter) Date: Thu Dec 2 22:55:03 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: Mike Easter wrote: > The individual vigilante, 'me against that spamvertiser' > The massive 'hanging crowd' mentality, Or, said another way, messing with the analogies... There's a lot of difference between the courageous individual well trained to climb mountains who risks life and limb to do so -- and the reckless feckless careening and stampeding crowd who kills others in some kind of insanely inspired 'sportsmanship' riot against the opposition. In between there, we have careless inept wannabe unskilled mountain climbers who cause loss of life to other human and animal mountain saviors, and 'harmless' noisy fans who only split the eardrums and spill beer on their neighbors. And all manner of harmless and harmful critters in between the extremes and the inbetweens. Somewhere there needs to be a good understanding of the responsibility and ramifications of any activity. Some people pick things up and pull the trigger with no concept of what they are holding. -- Mike Easter kibitzer, not SC admin From nobody at xyzzy.claranet.de Fri Dec 3 04:57:39 2004 From: nobody at xyzzy.claranet.de (Frank Ellermann) Date: Thu Dec 2 23:00:03 2004 Subject: [SpamCop-List] Re: Should I aggree with my ISP? References: <41AEAE5D.46F1@xyzzy.claranet.de> Message-ID: <41AFE433.75F9@xyzzy.claranet.de> Porpoise wrote: > It should have been "you're". ;-) Half asleep. LOL. Otherwise if you're saying that SMTP AUTH is better than an open relay, then that's of course true, but hardly "new" - the OP was informed that SMTP AUTH is a "new" feature. There are other forms of user authentication like RADIUS or SMTP-after-POP. The latter has its drawbacks, but it's still possible to get it right even without SMTP AUTH. It's pure hype to say that SMTP AUTH is a "new" magic wand against spam. Bye, Frank From eatmy at grits.com Thu Dec 2 21:27:43 2004 From: eatmy at grits.com (Jeff) Date: Thu Dec 2 23:30:01 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: "Mike Easter" wrote in message news:coolti$bsi$1@news.spamcop.net... > > There's been a lot of discussion about individual approaches, such as > spamvampire; and SV fans [and similar] who choose to attack as > vigilantes are 'on their own' as vigilantes typically are. > > Each vigilante strategy should consider hir own IP's 'mischief' and > vulnerability. Some vigilantes are wise to be more surreptitious than > open and attack via some kind of proxy; and while doing so, should be > aware of any of their own abuses. > > That is, if you abuse from your own IP, then you can get into trouble > with your provider. If you are going to be more cautious and abuse from > some other proxified IP then you should be sure that you aren't abusing > the proxy. That is, if you /care/ about who is being abused and whose > ox is being gored -- or how to do proper 'risk management' for evil > doing. > > Abuse isn't so simple as all of that. Don't be dumber than a spammer. Wow, I'm stupid AND an abuser. I'm dumber than a spammer. I guess I can't get much dumber than that. If I were as smart as you, I'd leave the spammers alone. But I'm an idiot, so I might as well play the part and run the screensaver. I'm so STUPID! From mele at enia.net Thu Dec 2 23:41:42 2004 From: mele at enia.net (Melvin C. Etheridge) Date: Thu Dec 2 23:45:03 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: Seems to be working.... http://news.com.com/Lycos+Europes+zombie+campaign+downs+two+sites/2100-7349_3-5474963.html "Jeff" wrote in message news:cookpg$b1e$1@news.spamcop.net... > > "Mike Easter" wrote in message > news:cook38$aii$1@news.spamcop.net... >> Actually, it is a pretty dynamic subject right now so there are going to >> be a lot of articles and commentary various places including multiple >> slashdot articles. >> >> Here's a recent quote from one of the many articles which arise on >> googlenews 'Lycos' search. >> >> "I would have to characterize it as an astonishingly stupid idea," said >> John Levine, co-chair of the Internet Research Task Force's Antispam >> Research Group. >> > http://www.computerworld.com/softwaretopics/software/groupware/story/0,10801 > ,97990p2,00.html >> >> >> I think I like that quote the best so far, but I'm still looking for >> some more juicy ones. >> >> For individuals to surreptitiously pursue some kind of antispam >> vigilantism is one thing; then to promote that activity in antispam >> groups is another thing but not so 'good' or healthy; but for a >> 'corporate' entity to openly promote it and foster and pursue it is >> dumbsh*t, as we say in Texas and a few other 'opensource' language >> places. >> >> -- >> Mike Easter >> kibitzer, not SC admin > > Well, I guess I'm incredibly stupid then. Since I'm such an idiot, I > guess > I might as well participate and download the screensaver. > > --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.804 / Virus Database: 546 - Release Date: 11/30/2004 From MikeE at ster.invalid Thu Dec 2 20:48:50 2004 From: MikeE at ster.invalid (Mike Easter) Date: Thu Dec 2 23:50:02 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: Jeff wrote: > Wow, I'm stupid AND an abuser. I'm dumber than a spammer. I guess I > can't get much dumber than that. If I were as smart as you, I'd > leave the spammers alone. But I'm an idiot, so I might as well play > the part and run the screensaver. I'm so STUPID! You invite commentary on an article and a behvior and then overreact about anything negative said about it. There are probably a lot of different kinds of adjectives for all of that, but it looks like you are choosing your own, so go for it. I was trying to provide some cautions about your own vulnerabilities in that approach as well as the negative philosophical considerations. Your debating style of hyperbole and exaggeration coupled with an imaginary strawman of nonexistent ad hominem attack isn't very convincing or persuasive to me If you think I'm supposed to say that I haven't called you an idiot or stupid or an abuser or dumb yet, you are correct. I haven't yet. -- Mike Easter kibitzer, not SC admin From mele at enia.net Thu Dec 2 23:50:32 2004 From: mele at enia.net (Melvin C. Etheridge) Date: Thu Dec 2 23:55:03 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: or maybe not...... http://www.fool.com/News/mft/2004/mft04120213.htm "Melvin C. Etheridge" wrote in message news:cooqqb$f2a$1@news.spamcop.net... > Seems to be working.... > > http://news.com.com/Lycos+Europes+zombie+campaign+downs+two+sites/2100-7349_3-5474963.html > > > "Jeff" wrote in message > news:cookpg$b1e$1@news.spamcop.net... >> >> "Mike Easter" wrote in message >> news:cook38$aii$1@news.spamcop.net... >>> Actually, it is a pretty dynamic subject right now so there are going to >>> be a lot of articles and commentary various places including multiple >>> slashdot articles. >>> >>> Here's a recent quote from one of the many articles which arise on >>> googlenews 'Lycos' search. >>> >>> "I would have to characterize it as an astonishingly stupid idea," said >>> John Levine, co-chair of the Internet Research Task Force's Antispam >>> Research Group. >>> >> http://www.computerworld.com/softwaretopics/software/groupware/story/0,10801 >> ,97990p2,00.html >>> >>> >>> I think I like that quote the best so far, but I'm still looking for >>> some more juicy ones. >>> >>> For individuals to surreptitiously pursue some kind of antispam >>> vigilantism is one thing; then to promote that activity in antispam >>> groups is another thing but not so 'good' or healthy; but for a >>> 'corporate' entity to openly promote it and foster and pursue it is >>> dumbsh*t, as we say in Texas and a few other 'opensource' language >>> places. >>> >>> -- >>> Mike Easter >>> kibitzer, not SC admin >> >> Well, I guess I'm incredibly stupid then. Since I'm such an idiot, I >> guess >> I might as well participate and download the screensaver. >> >> > > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.804 / Virus Database: 546 - Release Date: 11/30/2004 > --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.804 / Virus Database: 546 - Release Date: 11/30/2004 From eatmy at grits.com Thu Dec 2 22:12:43 2004 From: eatmy at grits.com (Jeff) Date: Fri Dec 3 00:15:50 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: "Mike Easter" wrote in message news:coor7k$f9c$1@news.spamcop.net... > > You invite commentary on an article and a behvior and then overreact > about anything negative said about it. There are probably a lot of > different kinds of adjectives for all of that, but it looks like you are > choosing your own, so go for it. I was trying to provide some cautions > about your own vulnerabilities in that approach as well as the negative > philosophical considerations. Thank you. I and the rest of the intellectually bankrupt vigilantes appreciate your philanthropy. May the blessings of the wealthy spammers be upon you. > > Your debating style of hyperbole and exaggeration coupled with an > imaginary strawman of nonexistent ad hominem attack isn't very > convincing or persuasive to me Probably because you're so much smarter than I am. > > If you think I'm supposed to say that I haven't called you an idiot or > stupid or an abuser or dumb yet, you are correct. I haven't yet. How could I ever think such a thing? WOW, I must be even stupider than I realized. Perhaps if I run that screensaver on every computer I have access to, I might be able to purge all that stupidity out of my system and return to the path tolerance and acceptance. I need strength and guidance. PLEASE HELP ME! From MikeE at ster.invalid Thu Dec 2 21:32:01 2004 From: MikeE at ster.invalid (Mike Easter) Date: Fri Dec 3 00:35:04 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: Jeff wrote: > I need > strength and guidance. PLEASE HELP ME! Okay. I recommend that you divest yourself of the Lycos strategy, which is going to have a lot of problems, eg those put forth in the previous post by Melvin. http://www.fool.com/News/mft/2004/mft04120213.htm Lycos' Love Leashed "the black holes are: (1) preventing users from accessing the MLNS download site and (2) preventing MLNS from working even if it has been downloaded and installed successfully. The black holes will accomplish the latter by cutting MLNS off from its source of information about the URLs it's supposed to be counterattacking -- effectively blinding the program so that it cannot see whom it is supposed to be "shooting" at. In other words, Lycos Europe's users can install the MLNS screen saver -- but it will not actually do anything for them or anything against suspected spammers." Then, if you are deadset on vigilantism, go visit the SpamVampire site... http://www.hillscapital.com/antispam/ : What is SpamVampire? ... but you should also do some reading about it. I recommend putting 'spamvampire' into google and reading the articles in nanae. Here's one From: (Vernon Schryver) Newsgroups: news.admin.net-abuse.email Date: Thu, 28 Oct 2004 18:19:04 -0600 (MDT) Message-ID: news:cls29o$1blq$1@calcite.rhyolite.com or http://snipurl.com/b299 There are far far better forms of vigilantism and spamfighting than lycos screensaver or spamvampire or its siblings' abuse. Why don't you get into teergrubing/honeypotting instead? How about jackpot? http://jackpot.uk.net/ Jackpot Mailswerver -- Mike Easter kibitzer, not SC admin From eatmy at grits.com Thu Dec 2 22:58:23 2004 From: eatmy at grits.com (Jeff) Date: Fri Dec 3 01:00:38 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: "Mike Easter" wrote in message news:cootoi$h0j$1@news.spamcop.net... > Why don't you get into teergrubing/honeypotting instead? How about > jackpot? Because I'm STUPID!!!! That other stuff requires more brains than I have. The screensaver is simple and PERFECT for stupid people like me. It runs itself! From nobody at devnull.spamcop.net Fri Dec 3 15:18:19 2004 From: nobody at devnull.spamcop.net (Patto) Date: Fri Dec 3 01:20:19 2004 Subject: [SpamCop-List] Re: Rolex Replica SPAM In-Reply-To: References: Message-ID: Patto wrote: > ... > The hoster is Intelig Telecomunicacoes (http://www.intelignet.com.br/), > owned by Holdco Participacoes, owned by JVCO Participacoes, owned by > Telecom Entity Participacoes, owned by Sprint International Holding. > Talk about bulletproof hosting... Well, maybe it wasn't *that* bulletproof - http://www.onlinereplicastore.com/ has moved to China [219.138.7.171]. From MikeE at ster.invalid Thu Dec 2 22:21:24 2004 From: MikeE at ster.invalid (Mike Easter) Date: Fri Dec 3 01:25:04 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: Jeff wrote: > "Mike Easter" >> Why don't you get into teergrubing/honeypotting instead? How about >> jackpot? > > Because I'm STUPID!!!! That other stuff requires more brains than I > have. The screensaver is simple and PERFECT for stupid people like > me. It runs itself! Ah, so. The psychology of lemminghood! I'm beginning to understand. Let me look around. "They will even deny that which they see with their own eyes. They are victims of a psychological affliction known as 'the lemming effect.' Lemmings are small rodents who have been known to follow each other as they charge to their deaths into raging rivers or off of cliffs. Cyclical explosions in population do occasionally induce lemmings to attempt to migrate to areas of lesser population density. When such a migration occurs, some lemmings die by falling over cliffs or drowning in lakes or rivers. These deaths are not deliberate "suicide" attempts, however, but accidental deaths resulting from the lemmings' venturing into unfamiliar territories and being crowded and pushed over dangerous ledges. In fact, when the competition for food, space, or mates becomes too intense, lemmings are much more likely to kill each other than to kill themselves. Just because it is easier to be a lemming rushing toward the cliff than to look around and find some food or a nice-looking lady lemming doesn't mean that cliffjumping is really a good idea. -- Mike Easter kibitzer, not SC admin From nobody at spamcop.net Thu Dec 2 22:33:26 2004 From: nobody at spamcop.net (Dar) Date: Fri Dec 3 01:35:04 2004 Subject: [SpamCop-List] Message Body - What to block? Message-ID: See same subject in spam. I give up -- I can find nothing in the message body to block. I can, using ">t" or "p>", cause the message to go to spam@, instead of the client, but there's nothing I can find to be filtered and deleted in Outlook Express either -- for fear of losing valid email. ameritech is not the only culprit, so it does no good to block the IP. Any ideas? Dar From pete at heypete.com Thu Dec 2 22:35:43 2004 From: pete at heypete.com (Pete Stephenson) Date: Fri Dec 3 01:40:05 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: In article , "Mike Easter" wrote: > For individuals to surreptitiously pursue some kind of antispam > vigilantism is one thing; then to promote that activity in antispam > groups is another thing but not so 'good' or healthy; but for a > 'corporate' entity to openly promote it and foster and pursue it is > dumbsh*t, as we say in Texas and a few other 'opensource' language > places. Considering there are no "authorities" on the internet, there cannot be vigilantes. Lycos is more than welcome to DDoS systems on their own network. I can throw 100Mbps of data around on my LAN at home and cripple any system here. My property, my rules. This is the same logic and moral high ground used by anti-spammers -- they are defending their own systems and email boxes through both passive (DNSbl, filtering, etc.) and active (reporting to ISPs) means. Note that the active means do not counter abuse with abuse. It's one thing to complain to a person in authority about spam. It's similar to take local actions such as using DNSbls, filtering, blocking IP addresses, etc. to protect one's own system. It's completely another thing to abuse someone else's system, no matter what the content or reasoning. -- Pete Stephenson HeyPete.com From A_No_Spam_Haumer at gmx.net Fri Dec 3 08:04:43 2004 From: A_No_Spam_Haumer at gmx.net (Anton Haumer) Date: Fri Dec 3 02:05:04 2004 Subject: [SpamCop-List] Re: SC's Website References: <41AF8C29.791C9B94@gmx.net> <41AF95CD.D2DF94E9@gmx.net> Message-ID: <41B0100B.DA6E7355@gmx.net> Ellen schrieb: > > -- > > "Anton Haumer" wrote in message > news:41AF95CD.D2DF94E9@gmx.net... > > > > Yes I do accept cookies from SC, of course. > > Yesterday everthing worked fine. > > I didn't change anything. > > Today - strange behaviour ... > > > > Toni > > Try deleting the cookie, closing the browser and then opening it and logging > back in again. > > Ellen Thanks Ellen I did so -> same as before. Fortunately after a restart -> normal behaviour! Toni From MikeE at ster.invalid Thu Dec 2 23:16:13 2004 From: MikeE at ster.invalid (Mike Easter) Date: Fri Dec 3 02:20:04 2004 Subject: [SpamCop-List] Re: Message Body - What to block? References: Message-ID: Dar wrote: > See same subject in spam. > > I give up -- I can find nothing in the message body to block. > I can, using ">t" or "p>", cause the message to go to spam@, instead > of the client, but there's nothing I can find to be filtered and > deleted in Outlook Express either -- for fear of losing valid email. > > ameritech is not the only culprit, so it does no good to block the IP. > > Any ideas? I don't much like to work on message bodies. I would rather tighten up my sources or something. What are we talking about here? Are you using something like SA or SP that can do regexp or what? SA would have some kind of special rule for that weird html. Just as an offhand observation, it is supposed to be multipart alternative and it is txt/html, but I'm sure that SA has some kind of specialty rules for that crazy construction. I can't do anything smart with the source: Abbreviated Received lines *comment from cox-internet.com (adsl-68-72-171-128.dsl.chcgil.ameritech.net [68.72.171.128]) by dar2.robust.net *sourceline from ([106.76.194.226]) by sdl1-s68.nmqhshsxcw@cox-internet.com *bogusline from ([34.120.25.106]) by make.nmqhshsxcw@cox-internet.com *bogusline >From a human point of view, right away you know when there is such a bogus helo, that nothing else is going to be good. Someone should make a filter about /that/. 68.72.171.128 rDNS adsl-68-72-171-128.dsl.chcgil.ameritech.net listed in sorbs, psbl, moensted, njabl, and others for dynamic If you are a server, it should be easy enough to catch it coming in because of the dynamic source; if you are an enduser using something like SpamPal, you have to be careful about finding a dynamic in the headers. -- Mike Easter kibitzer, not SC admin From richard at zuidhofRemove.nl Fri Dec 3 14:05:44 2004 From: richard at zuidhofRemove.nl (Richard Zuidhof) Date: Fri Dec 3 08:10:04 2004 Subject: [SpamCop-List] Re: Message Body - What to block? In-Reply-To: References: Message-ID: Dar wrote: > See same subject in spam. > > I give up -- I can find nothing in the message body to block. > I can, using ">t" or "p>", cause the message to go to spam@, instead > of the client, but there's nothing I can find to be filtered and > deleted in Outlook Express either -- for fear of losing valid email. > > ameritech is not the only culprit, so it does no good to block the IP. Try filtering mails containing urls that have their domains listed at multi.surbl.org (See www.surbl.org). Richard From fred558 at bobames.com Fri Dec 3 14:17:13 2004 From: fred558 at bobames.com (Bob Ames) Date: Fri Dec 3 08:20:02 2004 Subject: [SpamCop-List] BBCNEWS: Freeze on anti-spam campaign Message-ID: Lycos apparently has stopped with the origanized Vampiring. Or at least is no longer allowing new downloads of the Vampire software... It's only a matter of time now... Big surprise, it turns out that Vampiring is Not A Good Thing After All(tm). :-) http://news.bbc.co.uk/1/hi/technology/4065751.stm -- Bob Ames - Use bob at this domain to reach me "Reporting spam is a long term solution, not a way to get rid of spam for yourself." Miss Betsy, Regular SpamCop.net User DO NOT send any Email to From MikeE at ster.invalid Fri Dec 3 05:24:10 2004 From: MikeE at ster.invalid (Mike Easter) Date: Fri Dec 3 08:25:03 2004 Subject: [SpamCop-List] Re: Message Body - What to block? References: Message-ID: Richard Zuidhof wrote: > Dar wrote: >> See same subject in spam. >> >> I give up -- I can find nothing in the message body to block. >> I can, using ">t" or "p>", cause the message to go to spam@, instead >> of the client, but there's nothing I can find to be filtered and >> deleted in Outlook Express either -- for fear of losing valid email. >> >> ameritech is not the only culprit, so it does no good to block the >> IP. > > Try filtering mails containing urls that have their domains listed at > multi.surbl.org (See www.surbl.org). I don't think the link www.excutivemforbasforexp.biz can be found in there without rendering it. Something is screwed up about that anyway; it doesn't resolve and it isn't registered at neulevel. -- Mike Easter kibitzer, not SC admin From nobody at devnull.spamcop.net Fri Dec 3 09:39:40 2004 From: nobody at devnull.spamcop.net (Sofa King Tyred of Lar Ting) Date: Fri Dec 3 09:40:02 2004 Subject: [SpamCop-List] Re: BBCNEWS: Freeze on anti-spam campaign In-Reply-To: References: Message-ID: Bob Ames wrote: > > Lycos apparently has stopped with the origanized Vampiring. > Here's another link from the page you cited that shows the effects (calls it a DDoS!): http://news.netcraft.com/archives/2004/12/01/spam_sites_crippled_by_lycos_screensaver_ddos.html From porpoise1954 at yahoo.co.uk Fri Dec 3 15:11:07 2004 From: porpoise1954 at yahoo.co.uk (Porpoise) Date: Fri Dec 3 10:15:03 2004 Subject: [SpamCop-List] Re: Should I aggree with my ISP? References: <41AEAE5D.46F1@xyzzy.claranet.de> <41AFE433.75F9@xyzzy.claranet.de> Message-ID: "Frank Ellermann" wrote in message news:41AFE433.75F9@xyzzy.claranet.de... > Porpoise wrote: > >> It should have been "you're". ;-) Half asleep. > > LOL. Otherwise if you're saying that SMTP AUTH is better than > an open relay, then that's of course true, but hardly "new" - > the OP was informed that SMTP AUTH is a "new" feature. > > There are other forms of user authentication like RADIUS or > SMTP-after-POP. The latter has its drawbacks, but it's still > possible to get it right even without SMTP AUTH. It's pure > hype to say that SMTP AUTH is a "new" magic wand against spam. Ahh..... I see.... I think we're basically in agreement here. I was kinda making the point that it was nothing new too.... We've had it here as long as I can remember. I don't think any *one* thing is going to provide all the answers, but the more holes that can be filled, the fewer opportunitites for abuse.. :) From puoti at inwind.it Fri Dec 3 18:14:56 2004 From: puoti at inwind.it (Ivan Leo Puoti) Date: Fri Dec 3 12:20:03 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? In-Reply-To: References: Message-ID: You can get the client from http://www003.portalis.it/115/download/MLNS_screensaver_en.exe The backed server is off-line, but you can get the screen saver in the mean time. From puoti at inwind.it Fri Dec 3 18:18:32 2004 From: puoti at inwind.it (Ivan Leo Puoti) Date: Fri Dec 3 12:20:07 2004 Subject: [SpamCop-List] Re: BBCNEWS: Freeze on anti-spam campaign In-Reply-To: References: Message-ID: > Or at least is no longer allowing new downloads of the Vampire > software... It's only a matter of time now... Big surprise, > it turns out that Vampiring is Not A Good Thing After All(tm). > :-) my spamvampire http://www003.portalis.it/115/SpamVampire.html download link for lycos software http://www003.portalis.it/115/download/MLNS_screensaver_en.exe I bet no spammer will get my site down :) Ivan. From puoti at inwind.it Fri Dec 3 18:28:50 2004 From: puoti at inwind.it (Ivan Leo Puoti) Date: Fri Dec 3 12:30:03 2004 Subject: [SpamCop-List] Re: BBCNEWS: Freeze on anti-spam campaign In-Reply-To: References: Message-ID: > http://www003.portalis.it/115/download/MLNS_screensaver_en.exe Updated link: http://www003.portalis.it/115/download/MLNS_screensaver_en.zip Ivan. From puoti at inwind.it Fri Dec 3 18:31:26 2004 From: puoti at inwind.it (Ivan Leo Puoti) Date: Fri Dec 3 12:35:03 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? In-Reply-To: References: Message-ID: > http://www003.portalis.it/115/download/MLNS_screensaver_en.exe Updates link: http://www003.portalis.it/115/download/MLNS_screensaver_en.zip From PossumTrot at dont.spam.me Fri Dec 3 09:43:45 2004 From: PossumTrot at dont.spam.me (Possum Trot) Date: Fri Dec 3 12:50:02 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: Ellen, and all, The article says that the targets for the attack are obtained from SPAMCOP.COM, not our SPAMCOP.NET. "Ellen" wrote in message news:conju8$i8p$1@news.spamcop.net... > > "Spam Hater" wrote in message > news:mailman.23.1102002215.4572.spamcop-list@news.spamcop.net... >> What I am wondering is which sites are on the attack list?? The article >> I >> read mentioned SpamCop as the source, but SpamCop only lists email >> injection sites, not SPAMvertisers... So, does that mean the screen >> saver >> is going after all the zombie boxes that are spewing out the SPAM itself >> or do they have access to some hidden list of SPAMvertisers that we >> report? >> From David1 at suescornerweb.com Fri Dec 3 12:54:20 2004 From: David1 at suescornerweb.com (David 1) Date: Fri Dec 3 12:55:03 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? In-Reply-To: References: Message-ID: > > "Ellen" wrote in message > news:conju8$i8p$1@news.spamcop.net... > >>"Spam Hater" wrote in message >>news:mailman.23.1102002215.4572.spamcop-list@news.spamcop.net... >> >>>What I am wondering is which sites are on the attack list?? The article >>>I >>>read mentioned SpamCop as the source, but SpamCop only lists email >>>injection sites, not SPAMvertisers... So, does that mean the screen >>>saver >>>is going after all the zombie boxes that are spewing out the SPAM itself >>>or do they have access to some hidden list of SPAMvertisers that we >>>report? >>> > > > Possum Trot wrote: > Ellen, and all, > > The article says that the targets for the attack are obtained from > SPAMCOP.COM, not our SPAMCOP.NET. > Humm, I thought that .net & .com spamcop were one & the same. David 1 From nobody at spamcop.net Fri Dec 3 10:45:52 2004 From: nobody at spamcop.net (Dar) Date: Fri Dec 3 13:50:03 2004 Subject: [SpamCop-List] Re: Message Body - What to block? References: Message-ID: > What are we talking about here? Are you using something like SA or SP > that can do regexp or what? I can block by domain and/or IP. joinemailoffers.info and/or 204.9.23.82, for example. Many domains/IPs I can't block for obvious reasons, comcast, earthlink, AOL, etc., but I can block by subject or message body. Blocking by domain/IP means the spam never makes it any further. Blocking by subject/message body means it goes to a spam email address and those, I must monitor manually. When I check spam email, I have IE filters in place which deletes two thirds of it. The above applies to all users on all servers. In the case of Ameritech, I tend to not block IP for fear of valid email not getting through. Dar From nobody at spamcop.net Fri Dec 3 10:49:30 2004 From: nobody at spamcop.net (Dar) Date: Fri Dec 3 13:50:08 2004 Subject: [SpamCop-List] Re: Message Body - What to block? References: Message-ID: > > What are we talking about here? Are you using something like SA or SP > > that can do regexp or what? > > I can block by domain and/or IP. > > joinemailoffers.info and/or 204.9.23.82, for example. > > Many domains/IPs I can't block for obvious reasons, comcast, > earthlink, AOL, etc., but I can block by subject or message body. > > Blocking by domain/IP means the spam never makes it any further. > > Blocking by subject/message body means it goes to a spam email > address and those, I must monitor manually. When I check spam > email, I have IE filters in place which deletes two thirds of it. > > The above applies to all users on all servers. > > In the case of Ameritech, I tend to not block IP for fear of > valid email not getting through. > > Dar P.S. In the case of this particular email, I blocked ">t" and "p>" which causes it to go to spam for monitoring. I believe I must learn to live with it and be satisfied with the fact it isn't making it to my clients. I think I simply wanted to vent in that the number of spams like this are increasing. From Merlyn at Spamcop.net Fri Dec 3 14:01:47 2004 From: Merlyn at Spamcop.net (Merlyn) Date: Fri Dec 3 14:05:03 2004 Subject: [SpamCop-List] Re: Message Body - What to block? References: Message-ID: "Dar" wrote in message news:coqcg0$d16$1@news.spamcop.net... >> > What are we talking about here? Are you using something like SA or SP >> > that can do regexp or what? >> >> I can block by domain and/or IP. >> >> joinemailoffers.info and/or 204.9.23.82, for example. >> >> Many domains/IPs I can't block for obvious reasons, comcast, >> earthlink, AOL, etc., but I can block by subject or message body. >> >> Blocking by domain/IP means the spam never makes it any further. >> >> Blocking by subject/message body means it goes to a spam email >> address and those, I must monitor manually. When I check spam >> email, I have IE filters in place which deletes two thirds of it. >> >> The above applies to all users on all servers. >> >> In the case of Ameritech, I tend to not block IP for fear of >> valid email not getting through. >> >> Dar > > P.S. In the case of this particular email, I blocked ">t" and "p>" > which causes it to go to spam for monitoring. > > I believe I must learn to live with it and be satisfied with the > fact it isn't making it to my clients. I think I simply wanted to > vent in that the number of spams like this are increasing. > Don't you have the option to tag only using blocklists then you can redirect to a special folder using the tag. -- Regards, Merlyn A Spamcop advocate No emails this account is for newsgroups only People demand freedom of speech to make up for the freedom of thought which they avoided From nobody at spamcop.net Fri Dec 3 11:07:13 2004 From: nobody at spamcop.net (Dar) Date: Fri Dec 3 14:10:02 2004 Subject: [SpamCop-List] Re: Message Body - What to block? References: Message-ID: > >> > What are we talking about here? Are you using something like SA or SP > >> > that can do regexp or what? > >> > >> I can block by domain and/or IP. > >> > >> joinemailoffers.info and/or 204.9.23.82, for example. > >> > >> Many domains/IPs I can't block for obvious reasons, comcast, > >> earthlink, AOL, etc., but I can block by subject or message body. > >> > >> Blocking by domain/IP means the spam never makes it any further. > >> > >> Blocking by subject/message body means it goes to a spam email > >> address and those, I must monitor manually. When I check spam > >> email, I have IE filters in place which deletes two thirds of it. > >> > >> The above applies to all users on all servers. > >> > >> In the case of Ameritech, I tend to not block IP for fear of > >> valid email not getting through. > >> > >> Dar > > > > P.S. In the case of this particular email, I blocked ">t" and "p>" > > which causes it to go to spam for monitoring. > > > > I believe I must learn to live with it and be satisfied with the > > fact it isn't making it to my clients. I think I simply wanted to > > vent in that the number of spams like this are increasing. > > > > Don't you have the option to tag only using blocklists then you can redirect > to a special folder using the tag. > > -- > > Regards, > Merlyn > > A Spamcop advocate > No emails this account is for newsgroups only > People demand freedom of speech to make up for the freedom of thought which > they avoided On the Windows servers, yes. On the UNIX servers, no. From tdy at blackhole.invalid Fri Dec 3 11:56:21 2004 From: tdy at blackhole.invalid (N. Miller) Date: Fri Dec 3 15:00:03 2004 Subject: [SpamCop-List] Re: Should I aggree with my ISP? References: <41ADDEF3.72A3EDA0@spamcop.net> Message-ID: In article , Porpoise says... > "N. Miller" wrote in message > news:MPG.1c17c3a7d5adcdf7989779@news.spamcop.net... > > In article , Porpoise says... > >> "Kenneth Brody" wrote in message > >> news:41ADDEF3.72A3EDA0@spamcop.net... > >> > Berny wrote: > > Not exactly the point. It is entirely possible to authenticate to an SMTP > > server without that server displaying your email address. As an SBC Yahoo! > > DSL Service customer I have a choice of SMTP AUTH servers. I don't use the > > normal "smtp.pacbell.yahoo.com" server precisely because it reveals my > > username. I use "smtpauth.flash.net" instead. The relevant header line > > looks like this: > >> Received: from aosake.net (dialup-4.246.21.159.Dial1.SanJose1.Level3.net > >> [4.246.21.159]) > >> (authenticated bits=0) > >> by ylpvm25.prodigy.net (8.12.10 auth mps linux/8.12.10) with ESMTP id > >> iB1JgprC029681; > >> Wed, 1 Dec 2004 14:42:54 -0500 > So, if (for some reason) you were to send me an email, are you saying I > wouldn't be able to determine who it was from? Of course you can determine "who it is from". Assuming that you know that I use an email address in the aosake.net domain, what does it matter that it came from an SBC authenticated server in the prodigy.net domain? > If that were the case, I > wouldn't accept it - which brings me back to my previous point: I (and I > suspect *most* people) want to *know* who an email is from before I'm going > to accept/read it. The whole *point* of it is to prevent people from using > aliases.... or other people just using the server even though they're not > legitimate users. No person who isn't authorized to use an SMTP AUTH server is able to, unless the server security is poor. The sole purpose of SMTP AUTH is to ensure that the person using the server is authorized to use the server. In most cases (barring a password crack; MSFT servers are prone to this, especially) the person using an SMTP AUTH server is a legitimate user of that server. If you want to know who the sender is before accepting the email, set up a "white list", and only accept email from people whom you know. An email address is, necessarily, an "alias". Unless you were lucky enough to be the first on your block to put your actual name on an email address. -- Norman ~Win dain a lotica, En vai tu ri, Si lo ta ~Fin dein a loluca, En dragu a sei lain ~Vi fa-ru les shutai am, En riga-lint From tdy at blackhole.invalid Fri Dec 3 12:09:01 2004 From: tdy at blackhole.invalid (N. Miller) Date: Fri Dec 3 15:10:02 2004 Subject: [SpamCop-List] Re: Should I aggree with my ISP? References: <41AEAE5D.46F1@xyzzy.claranet.de> Message-ID: In article <41AEAE5D.46F1@xyzzy.claranet.de>, Frank Ellermann says... > I've just lost an account with SMTP-after-POP _and_ "enforced > submission rights". Bad for me, because my old MUA does not > support SMTP AUTH. Bad for the world at large, because I'm > now using another account with another MUA with SMTP AUTH but > _without_ "enforced submission rights": > Of course I screwed up and sent MAIL FROM: via > this provider. They accepted it, but it was forged, my real > address at this provider is different. With the old account > that was impossible, they rejected it. > In other words, SMTP AUTH alone is almost useless. Ah. I think I see what you want. You want the domain name of the sender to match the domain name of the user. IOW, you don't want me to use "smtp.pacbell.yahoo.com" to send email from my "pacbell.net" email account because "pacbell.net" is not the same as "yahoo.com". Never mind that SBC owns the "pacbell.net" domain, and has a contract with Yahoo! to supply SMTP email service to their "pacbell.net" domain customers; if I send email from my "pacbell.net" account, it MUST use a "pacbell.net" domain SMTP server from a "pacbell.net" IP address. Plays havoc SBC customers because some will use SMTP servers in the "prodigy.net" domain (any SBC "pacbell.net" account, that hasn't migrated to the SBC Yahoo! system will have email going through "prodigy.net" SMTP servers), others (who have migrated) will have email going through "yahoo.com" server, which are located in Yahoo! ISP space. Or something like that. -- Norman ~Win dain a lotica, En vai tu ri, Si lo ta ~Fin dein a loluca, En dragu a sei lain ~Vi fa-ru les shutai am, En riga-lint From tdy at blackhole.invalid Fri Dec 3 12:12:01 2004 From: tdy at blackhole.invalid (N. Miller) Date: Fri Dec 3 15:15:02 2004 Subject: [SpamCop-List] Re: SC's Website References: <41AF8C29.791C9B94@gmx.net> Message-ID: In article , Patto says... > Anton Haumer wrote: > > What the hell is going on with www.spamcop.net ? > > Since today : > I had to login, which was previously always done automatically. After > that, when pasting spam to the website, I get this message *Please wait > - subscribe to remove this delay*. > What is this new gimmick? Trying to discourage users from using SC? I am an SC user, and I always get the "subscribe to remove this delay" message. I always assumed that meant, "pay". So this is a problem with the paid accounts? -- Norman ~Win dain a lotica, En vai tu ri, Si lo ta ~Fin dein a loluca, En dragu a sei lain ~Vi fa-ru les shutai am, En riga-lint From tdy at blackhole.invalid Fri Dec 3 12:29:18 2004 From: tdy at blackhole.invalid (N. Miller) Date: Fri Dec 3 15:30:05 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: In article , Melvin C. Etheridge says... > "Jeff" wrote in message > news:cookpg$b1e$1@news.spamcop.net... > > "Mike Easter" wrote in message > > news:cook38$aii$1@news.spamcop.net... > >> For individuals to surreptitiously pursue some kind of antispam > >> vigilantism is one thing; then to promote that activity in antispam > >> groups is another thing but not so 'good' or healthy; but for a > >> 'corporate' entity to openly promote it and foster and pursue it is > >> dumbsh*t, as we say in Texas and a few other 'opensource' language > >> places. > > Well, I guess I'm incredibly stupid then. Since I'm such an idiot, I > > guess I might as well participate and download the screensaver. > Seems to be working.... > http://news.com.com/Lycos+Europes+zombie+campaign+downs+two+sites/2100-7349_3-5474963.html Spamvertised sites come and go. Some spammers burn through domains like a kid burns through his Halloween candy. Lycos hasn't done squat to stop the spammers because they change domains more often than Imelda Marcos changed shoes. -- Norman ~Win dain a lotica, En vai tu ri, Si lo ta ~Fin dein a loluca, En dragu a sei lain ~Vi fa-ru les shutai am, En riga-lint From MikeE at ster.invalid Fri Dec 3 12:34:41 2004 From: MikeE at ster.invalid (Mike Easter) Date: Fri Dec 3 15:35:02 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: Possum Trot wrote: > The article says that the targets for the attack are obtained from > SPAMCOP.COM, not our SPAMCOP.NET. That has to be an error. Spamcop.com doesn't have anything to do with spamvertised site publication. I also suspect that Lycos.uk didn't get it 'directly' from spamcop.net stats page either, but instead used the sc.surbl list, and then subselected from that, if they were 'overseeing' and choosing the targets which they had visited. -- Mike Easter kibitzer, not SC admin From nobody at spamcop.net Fri Dec 3 15:39:15 2004 From: nobody at spamcop.net (Ellen) Date: Fri Dec 3 15:40:04 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: "Possum Trot" wrote in message news:coq8r7$ap3$1@news.spamcop.net... > Ellen, and all, > > The article says that the targets for the attack are obtained from > SPAMCOP.COM, not our SPAMCOP.NET. > > Net and com are completely different -- we are net and have nothing to do with com. Ellen From e.schrama_NOSPAM at NOSPAM_hccnet.nl Fri Dec 3 21:38:40 2004 From: e.schrama_NOSPAM at NOSPAM_hccnet.nl (geo_splash_12) Date: Fri Dec 3 15:40:12 2004 Subject: [SpamCop-List] Re: make love not spam In-Reply-To: References: Message-ID: Jeff wrote: > Anybody see this yet? > http://www.cnn.com/2004/TECH/internet/12/02/anti.spamvigi.ap/index.html > > Lycos' screensaver attacking websites that generate spew is like poking a 600 pound Grizzly bear sleeping in your backyard with a pointy stick. Not a very smart idea. From tdy at blackhole.invalid Fri Dec 3 12:49:18 2004 From: tdy at blackhole.invalid (N. Miller) Date: Fri Dec 3 15:50:03 2004 Subject: [SpamCop-List] Re: Message Body - What to block? References: Message-ID: In article , Dar says... > > What are we talking about here? Are you using something like SA or SP > > that can do regexp or what? > I can block by domain and/or IP. > joinemailoffers.info and/or 204.9.23.82, for example. > Many domains/IPs I can't block for obvious reasons, comcast, > earthlink, AOL, etc., but I can block by subject or message body. > Blocking by domain/IP means the spam never makes it any further. > Blocking by subject/message body means it goes to a spam email > address and those, I must monitor manually. When I check spam > email, I have IE filters in place which deletes two thirds of it. > The above applies to all users on all servers. > In the case of Ameritech, I tend to not block IP for fear of > valid email not getting through. You are running servers, and accept port 25 connections from SBC users? You may need to change your system. SBC (which includes the ameritech.net domain) has announced port 25 blocking for their customers. Currently only in effect in the swbell.net region (Houston, I believe), and the pacbell.net region (San Luis Obispo, CA), it likely will be extended to all of the SBC domains, including ameritech.net. If you are accepting port 25 email submissions, I recommend looking at RFC 2476, and setting up email submission on port 587 for those of your users whose ISPs implement port 25 blocks. Port 25 blocking is becoming more widespread now that SBC has joined Comcast in the practice. (Yes, I realize that Comcast has not implemented a blanket block; but they do impose blocks on some accounts.) -- Norman ~Win dain a lotica, En vai tu ri, Si lo ta ~Fin dein a loluca, En dragu a sei lain ~Vi fa-ru les shutai am, En riga-lint From dfm2a3l0t2 at spymac.com Fri Dec 3 18:01:10 2004 From: dfm2a3l0t2 at spymac.com (D.F. Manno) Date: Fri Dec 3 18:05:02 2004 Subject: [SpamCop-List] Re: FTC Endorses Bounty for Spammers References: Message-ID: In article , Pete Stephenson wrote: > "Merlyn" wrote: > > > Old News: > > ...but still good news. :) I'll bet the spammers start turning in each other; they're money-grubbing sleazeballs in the first place, so being rat finks for money would be entirely in character. -- D.F. Manno dfm2a3l0t2@spymac.com "The work goes on, the cause endures, the hope still lives and the dream will never die." From porpoise1954 at yahoo.co.uk Sat Dec 4 00:03:10 2004 From: porpoise1954 at yahoo.co.uk (Porpoise) Date: Fri Dec 3 19:05:03 2004 Subject: [SpamCop-List] Re: Should I aggree with my ISP? References: <41ADDEF3.72A3EDA0@spamcop.net> Message-ID: "N. Miller" wrote in message news:MPG.1c1a64c26e495e5598977a@news.spamcop.net... > In article , Porpoise says... > >> "N. Miller" wrote in message >> news:MPG.1c17c3a7d5adcdf7989779@news.spamcop.net... >> > In article , Porpoise says... > >> >> "Kenneth Brody" wrote in message >> >> news:41ADDEF3.72A3EDA0@spamcop.net... > >> >> > Berny wrote: > >> > Not exactly the point. It is entirely possible to authenticate to an >> > SMTP >> > server without that server displaying your email address. As an SBC >> > Yahoo! >> > DSL Service customer I have a choice of SMTP AUTH servers. I don't use >> > the >> > normal "smtp.pacbell.yahoo.com" server precisely because it reveals my >> > username. I use "smtpauth.flash.net" instead. The relevant header line >> > looks like this: > >> >> Received: from aosake.net >> >> (dialup-4.246.21.159.Dial1.SanJose1.Level3.net >> >> [4.246.21.159]) >> >> (authenticated bits=0) >> >> by ylpvm25.prodigy.net (8.12.10 auth mps linux/8.12.10) with ESMTP id >> >> iB1JgprC029681; >> >> Wed, 1 Dec 2004 14:42:54 -0500 > >> So, if (for some reason) you were to send me an email, are you saying I >> wouldn't be able to determine who it was from? > > Of course you can determine "who it is from". Assuming that you know that > I > use an email address in the aosake.net domain, what does it matter that it > came from an SBC authenticated server in the prodigy.net domain? > >> If that were the case, I >> wouldn't accept it - which brings me back to my previous point: I (and I >> suspect *most* people) want to *know* who an email is from before I'm >> going >> to accept/read it. The whole *point* of it is to prevent people from >> using >> aliases.... or other people just using the server even though they're not >> legitimate users. > > No person who isn't authorized to use an SMTP AUTH server is able to, > unless > the server security is poor. The sole purpose of SMTP AUTH is to ensure > that > the person using the server is authorized to use the server. In most cases > (barring a password crack; MSFT servers are prone to this, especially) the > person using an SMTP AUTH server is a legitimate user of that server. I think that's what I just sed..... > > If you want to know who the sender is before accepting the email, set up a > "white list", and only accept email from people whom you know. An email > address is, necessarily, an "alias". Unless you were lucky enough to be > the > first on your block to put your actual name on an email address. > > -- > Norman > ~Win dain a lotica, En vai tu ri, Si lo ta > ~Fin dein a loluca, En dragu a sei lain > ~Vi fa-ru les shutai am, En riga-lint From Kilgallen at SpamCop.net Fri Dec 3 20:17:23 2004 From: Kilgallen at SpamCop.net (Larry Kilgallen) Date: Fri Dec 3 21:20:03 2004 Subject: [SpamCop-List] Combining spam genres Message-ID: Your Christian [Pre]scription Med-ic-ation(s) source From nobody at spamcop.net Fri Dec 3 21:12:10 2004 From: nobody at spamcop.net (Tom) Date: Fri Dec 3 22:15:03 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: On Thu, 02 Dec 2004 17:57:05 -0800, Tim McGraw wrote: >> But if it is declared legal, especially here in the United States, >> then I think this will prove to be one truly useful tool to use >> against spammers. > >...or a worthy competitor. That's the one hitch in all of this and one of the reasons I didn't jump on the bandwagon. Who is to say that Lycos Europe is doing all that is advertised by the media? While I'm encouraged by the report, I still have reservations on the legality and the ethics behind such a move. The idea that it could be misused is a problem that faces any vigilante squad... From nobody at spamcop.net Fri Dec 3 21:22:11 2004 From: nobody at spamcop.net (Tom) Date: Fri Dec 3 22:25:02 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: On Thu, 2 Dec 2004 22:21:24 -0800, Mike Easter wrote: >> Because I'm STUPID!!!! That other stuff requires more brains than I >> have. The screensaver is simple and PERFECT for stupid people like >> me. It runs itself! > >Ah, so. The psychology of lemminghood! I'm beginning to understand. >Let me look around. I think Jeff has a point, Mike. The real success (maybe?) is because it is simple and easy. The problem of course, is that there are ways to blind it (as you've already mentioned). The other problem is that we don't know what else it is doing, like reporting back to Lycos Europe what is on your computer. It may be nothing more than spyware sending lots of personal information it gleans from your computer on to the spammers... My initial reaction was not to stoop to vigilante action and then giving it some more thought (and reading your posts), I'm beginning to think this could be a real red herring... I think I'd find it more appealing if it had someone behind it like the FTC and if we could go to the FTC site and find information on it. Aside from articles in various newsgroups, blogs, and magazines, has anyone like Spamcop (Ellen has already weighed in) or CAUCE commented on: 1 - its legitimacy and 2 - its legality? From nobody at spamcop.net Fri Dec 3 21:30:47 2004 From: nobody at spamcop.net (Tom) Date: Fri Dec 3 22:35:02 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: <5ib2r0taksrdcal286pg7d6b5altmmibff@4ax.com> On Thu, 02 Dec 2004 19:18:37 -0800, Pete Stephenson wrote: >I think the concept is ethically flawed and is not good for the internet >infrastructure. Okay, I'm going to play DA on this (Devil's Advoate)... There are two LEO-sponsored activities that seem (at least on the surface) somewhat the same as what Lycos Europe is doing with software. One program has been around a long, long time and is generally called "Rat on a Rat," meaning turning in people for committing crimes. Bounty Hunting comes to mind, since there is usually a reward for such activity (it isn't large, but it does exist). The second program is relatively new, but again, it is similar in that it is supported by many LEOs. It is known by various names, but generally invovlves "Turning on the Lights" in order to expose drug dealing activities (which usually take place in dark places). So how does the Lycos Europe thing work? By supposedly "turning on the lights" on spamvertised web sites by sending "throttled" hits to them, increasing their bandwidth requirements... Now, what's the ethical difference between these programs (if any)? From nobody at spamcop.net Fri Dec 3 21:36:42 2004 From: nobody at spamcop.net (Tom) Date: Fri Dec 3 22:40:02 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: <8tb2r0t0daondcelfjnd6dnu7l07fc90i6@4ax.com> On Thu, 2 Dec 2004 19:50:05 -0800, Mike Easter wrote: >Somewhere there needs to be a good understanding of the responsibility >and ramifications of any activity. Some people pick things up and pull >the trigger with no concept of what they are holding. I really don't disagree, Mike. But what if some governmental agency (of your choice) backed this as a "good thing"? For instance, suppose the EU endorsed the activity? We still have the problem of the exposed fire alarm that is where some kid out for a lark will pull and bring the fire brigade... But aside from that problem, and the general ethics of the situation... If the EU said, by all means, everyone load up the screensaver and Lycos Europe, beef up your site, go for it! Now what? From eatmy at grits.com Fri Dec 3 20:53:33 2004 From: eatmy at grits.com (Jeff) Date: Fri Dec 3 22:55:03 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: "Mike Easter" wrote in message news:cop0l5$imn$1@news.spamcop.net... > > Ah, so. The psychology of lemminghood! I'm beginning to understand. > Let me look around. > > > "They will even deny that which they see with their own eyes. They are > victims of a psychological affliction known as 'the lemming effect.' > > Lemmings are small rodents who have been known to follow each other as > they charge to their deaths into raging rivers or off of cliffs. > > Cyclical explosions in population do occasionally > induce lemmings to attempt to migrate to areas of lesser population > density. When such a migration occurs, some lemmings die by falling over > cliffs or drowning in lakes or rivers. These deaths are not deliberate > "suicide" attempts, however, but accidental deaths resulting from the > lemmings' venturing into unfamiliar territories and being crowded and > pushed over dangerous ledges. purpose, if you ask me: ME> > > In fact, when the competition for food, space, > or mates becomes too intense, lemmings are much more likely to kill each > other than to kill themselves. > > > Just because it is easier to be a lemming rushing toward the cliff than > to look around and find some food or a nice-looking lady lemming doesn't > mean that cliffjumping is really a good idea. > > -- > Mike Easter > kibitzer, not SC admin > LEMMING POWER!!!!! WOOOOOOOOOOOO HOOOOOOOOOOOOO!!!!!! From MikeE at ster.invalid Fri Dec 3 19:57:31 2004 From: MikeE at ster.invalid (Mike Easter) Date: Fri Dec 3 23:00:03 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: Jeff wrote: > LEMMING POWER!!!!! WOOOOOOOOOOOO HOOOOOOOOOOOOO!!!!!! Ha! -- Mike Easter kibitzer, not SC admin From dickeycranium at hotmail.com Sat Dec 4 01:19:20 2004 From: dickeycranium at hotmail.com (Morpheus) Date: Sat Dec 4 01:25:02 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: "Possum Trot" wrote in message news:coq8r7$ap3$1@news.spamcop.net... > Ellen, and all, > > The article says that the targets for the attack are obtained from > SPAMCOP.COM, not our SPAMCOP.NET. > > > "Ellen" wrote in message > news:conju8$i8p$1@news.spamcop.net... > > > > "Spam Hater" wrote in message > > news:mailman.23.1102002215.4572.spamcop-list@news.spamcop.net... > >> What I am wondering is which sites are on the attack list?? The article > >> I > >> read mentioned SpamCop as the source, but SpamCop only lists email > >> injection sites, not SPAMvertisers... So, does that mean the screen > >> saver > >> is going after all the zombie boxes that are spewing out the SPAM itself > >> or do they have access to some hidden list of SPAMvertisers that we > >> report? > >> > > One second here if I may peeps. Doesn't spamcop.net also have and maintain a blacklist as well. Out of sheer habit for dot coms, isn't it possible that the article meant spamcop.net rather than spamcop.com? Thank you From MikeE at ster.invalid Fri Dec 3 22:40:53 2004 From: MikeE at ster.invalid (Mike Easter) Date: Sat Dec 4 01:45:03 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: Morpheus wrote: > One second here if I may peeps. Doesn't spamcop.net also have and > maintain a blacklist as well. Out of sheer habit for dot coms, isn't > it possible that the article meant spamcop.net rather than > spamcop.com? /This/ is spamcop.net. It/ this service/ maintains/publishes spamvertisers. Spamcop.com is /not/ this spamcop. Also it does /not/ publish spamvertisers. If the article sed spamcop.com, it must've meant spamcop.net. -- Mike Easter kibitzer, not SC admin From nobody at devnull.spamcop.net Sat Dec 4 19:50:17 2004 From: nobody at devnull.spamcop.net (brewman) Date: Sat Dec 4 01:50:03 2004 Subject: [SpamCop-List] Re: make love not spam - I prefer another method References: Message-ID: "N. Miller" wrote in message news:MPG.1c1a6c74a81c70f98977d@news.spamcop.net... > Spamvertised sites come and go. Some spammers burn through domains > like a > kid burns through his Halloween candy. Lycos hasn't done squat to > stop the > spammers because they change domains more often than Imelda Marcos > changed > shoes. Well, after months of reporting spam and not making a dent in the spam I received (several dozen a day), I got myself an uncapped ADSL line (2 actually, but that's another story) and started using SpamVampire on the spamvertised site, passing through to the REAL site and ignoring any zombies; I think it unfair to attack a zombied machine whose bandwidth the spammer isn't paying for anyway. I either prefix their domain name or appending the image url with (almost) DoNotSpam.brycom.cX.nX. I also add bits like "If you leave me alone then I leave you alone". I also rummage around the site looking for large images (no, not using IE!) that SpamVampire likes. Within a month my spam had reduced to a trickle (most days nothing arrives). I don't mean spam passing the filters, I mean *NO SPAM* to my domain for days on end. It's worked so well that I've started applying it to my email addresses not at my domain. Within a few days - spam stops! I started off sucking between 100MB & 500 MB a site (lots of sites initially). Now I get so few spam that I usually suck at least 1GB a site. The more spam someone sends, the more I suck. Usually I choose to stop sucking before they stop me; it only takes a few hours to suck 1GB, even using a PII Win98 machine (yes, it's all firewalled). Would I use the Make Love Not War method? No; it's too impersonal. I want to be in control. I finally feel as if I'm getting somewhere - no, got somewhere - in my personal battle against spam. Is SpamVampire abuse? I know that that's been debated, and I don't intend to open it again now, but I just want to say that using it worked for me. -- Brewman Brewman.SpamCop@brycom.cX.nX which really ends with dot co dot nz From bar_n0ne at hotmail.com Sat Dec 4 12:05:00 2004 From: bar_n0ne at hotmail.com (Berny) Date: Sat Dec 4 03:10:04 2004 Subject: [SpamCop-List] Re: make love not spam - I prefer another method References: Message-ID: "brewman" wrote in message news:cormji$8b2$1@news.spamcop.net... > "N. Miller" wrote in message > news:MPG.1c1a6c74a81c70f98977d@news.spamcop.net... > > Spamvertised sites come and go. Some spammers burn through domains > > like a > > kid burns through his Halloween candy. Lycos hasn't done squat to > > stop the > > spammers because they change domains more often than Imelda Marcos > > changed > > shoes. > > Well, after months of reporting spam and not making a dent in the spam > I received (several dozen a day), I got myself an uncapped ADSL line > (2 actually, but that's another story) and started using SpamVampire > on the spamvertised site, passing through to the REAL site and > ignoring any zombies; I think it unfair to attack a zombied machine > whose bandwidth the spammer isn't paying for anyway. > > SNIPPED Well, If I had the skills, I would use trojanned machines to DDOS spamvertizers. My volume of spam is to the point of a DDOS on my mail accounts. I no longer sympathise with the compromised machine owners. If they get cut off by their ISP's and clean up their hosts all the better. If they simply stay cut off that's fine too., one less spam delivery vector. And No don't tell me about filters, having to poke through the Sh*te folder to find false positives is no improvement on poking through my inbox ,which, with my filters and whitelists, is now better than 99.95% spam.only. Spamcop mail is not an option for me, due to security policy my corporate accounts cannot be forwarded or retrieved by SC. From dickeycranium at hotmail.com Sat Dec 4 04:37:06 2004 From: dickeycranium at hotmail.com (Morpheus) Date: Sat Dec 4 04:40:14 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: "Mike Easter" wrote in message news:corm5i$7up$1@news.spamcop.net... > Morpheus wrote: > > One second here if I may peeps. Doesn't spamcop.net also have and > > maintain a blacklist as well. Out of sheer habit for dot coms, isn't > > it possible that the article meant spamcop.net rather than > > spamcop.com? > > /This/ is spamcop.net. It/ this service/ maintains/publishes > spamvertisers. > > Spamcop.com is /not/ this spamcop. Also it does /not/ publish > spamvertisers. > > If the article sed spamcop.com, it must've meant spamcop.net. > > -- > Mike Easter > kibitzer, not SC admin > Pretty much my point was it not? From David1 at suescornerweb.com Sat Dec 4 07:15:20 2004 From: David1 at suescornerweb.com (David 1) Date: Sat Dec 4 07:20:20 2004 Subject: [SpamCop-List] Re: make love not spam - I prefer another method In-Reply-To: References: Message-ID: Berny wrote: > "brewman" wrote in message > news:cormji$8b2$1@news.spamcop.net... > >>"N. Miller" wrote in message >>news:MPG.1c1a6c74a81c70f98977d@news.spamcop.net... >> >>>Spamvertised sites come and go. Some spammers burn through domains >>>like a >>>kid burns through his Halloween candy. Lycos hasn't done squat to >>>stop the >>>spammers because they change domains more often than Imelda Marcos >>>changed >>>shoes. >> >>Well, after months of reporting spam and not making a dent in the spam >>I received (several dozen a day), I got myself an uncapped ADSL line >>(2 actually, but that's another story) and started using SpamVampire >>on the spamvertised site, passing through to the REAL site and >>ignoring any zombies; I think it unfair to attack a zombied machine >>whose bandwidth the spammer isn't paying for anyway. >> >>SNIPPED > > > Well, If I had the skills, I would use trojanned machines to DDOS > spamvertizers. > > My volume of spam is to the point of a DDOS on my mail accounts. I no longer > sympathise with the compromised machine owners. If they get cut off by their > ISP's and clean up their hosts all the better. If they simply stay cut off > that's fine too., one less spam delivery vector. > > And No don't tell me about filters, having to poke through the Sh*te folder > to find false positives is no improvement on poking through my inbox ,which, > with my filters and whitelists, is now better than 99.95% spam.only. > > Spamcop mail is not an option for me, due to security policy my corporate > accounts cannot be forwarded or retrieved by SC. > > What about MailWasher, seems to work for me & because it is usually spam cop compatible (usually for the last week I haven't been able to send to sc) the learning filter actually works real good & since it's on your machine that should take care of your Corp. Problem???????? David 1 From bar_n0ne at hotmail.com Sat Dec 4 16:41:04 2004 From: bar_n0ne at hotmail.com (Berny) Date: Sat Dec 4 07:45:03 2004 Subject: [SpamCop-List] Re: make love not spam - I prefer another method References: Message-ID: "David 1" wrote in message news:cos9or$imq$1@news.spamcop.net... > > SNIP > > Spamcop mail is not an option for me, due to security policy my corporate > > accounts cannot be forwarded or retrieved by SC. > > > > > What about MailWasher, seems to work for me & because it is usually spam > cop compatible (usually for the last week I haven't been able to send to > sc) the learning filter actually works real good & since it's on your > machine that should take care of your Corp. Problem???????? > David 1 My filters already do that sweeping away my real mail to various folders, and leaving me with an Inbox full of spam (almost) I still have to check the Inbox for "false positives". For Filtering I simply want my mailserver to reject spam. based on DURBLS, that way legitimate senders can know their mail wasn't delivered, and hopefully why. Then I can report the rest leisurely. I think the only thing that will clean spam is Denial of services to clients from spammy systems. (ie rejecting their mails etc.) So far it hasn't happened much except for one or two well known instances. From rwmarbleAT at yahooDOT.com Sat Dec 4 09:43:59 2004 From: rwmarbleAT at yahooDOT.com (I'm_a_victim) Date: Sat Dec 4 09:45:02 2004 Subject: [SpamCop-List] Why won't this work? Message-ID: By viewing the full header I can normally identify the originator of spam and trace the owner of that URL to some ISP ( usually China, Russia, Italy, Germany or England location) . So now I have something like 64.234.123.123 I provide this specific URL to a Spam collector program. Once the spam collector program, which requires one of the new human readable letter sequences as verification receives say 100 complaints from 100 different individuals that URL is put on a black list. If the header is scanned by a gate keeper of all email entering the US and 100% of all email originating from that URL is blocked for 90 days this would effectively shut down that URL. Some big ISP's that make a living off of spam such as ChinaNet would soon find that they have to use other URL's and would eventually run out of available ID's. If an ISP discovers that none of it's customers can send email it would probably not have any customers so the ISP would be forced to stop accepting spammers as customers. OK so this sounds simple to me but is not being done. Can someone tell me the problem? real e-mail rwmarble at yahoo dot com From devnull at devnull.devnull Sat Dec 4 17:11:39 2004 From: devnull at devnull.devnull (Anty Spam) Date: Sat Dec 4 10:20:02 2004 Subject: [SpamCop-List] Mail to Yesnic Message-ID: I suggest now is time to mail similar complaints to Yesnic. Mail address as per ICANN is info@yesnic.com Cheers ================================ Dear Yesnic Staff I am starting off the procedure as per ICANN guidelines to resolve the issue of your non-compliance in repsponding to WHOIS complaints as submitted via ICANN's Whois Data Problem Report System, as found at http://wdprs.internic.net/ The domains as listed below have been reported via this mechanism, but the issues surrounding these domains has not yet been actioned or resolved. I would like to refer you to your registrar agreement whereby you are obliged to action such reports. This actioning is essential to the stability of the internet at large. I would appear that it has in fact become well known that Yesnic does not action these reports and are fast becoming a haven for parties that do not wish to comply to ICANN's whois policy. A search via various newsgroups related to network abuse prooves this. As for myself, I feel it is fast becoming a waste of time. This does however require an explanation from Yesnic. Also, based on the widespread abuse of your clients, this mail is being posted on the vrious newsgroups where this is pertinent. The following domains were reported by myself and are still incorrect and/or active. Note this is in fact all the domains I have reported that were not actioned: Domain: yayshop.com Submitted: 2004/07/01 13:08:08 Domain: g0get.com Submitted: 2004/07/16 16:19:23 Domain: easydatingoffers.com Submitted: 2004/07/23 19:39:50 Domain: namedservers.com Submitted: 2004/07/23 19:43:56 Domain: medoadk.com Submitted: 2004/07/29 15:13:23 Domain: oasbmedsw.com Submitted: 2004/07/29 15:22:46 Domain: qikcakmeds.com Submitted: 2004/07/29 15:28:35 Domain: medsabqh.com Submitted: 2004/08/01 13:15:30 Domain: asfdhnmeds.com Submitted: 2004/08/01 14:58:33 Domain: 111rx.com Submitted: 2004/08/01 16:34:43 Domain: hotsweetsingles.com Submitted: 2004/08/02 14:12:04 Domain: adsakdau.com Submitted: 2004/08/08 13:32:36 Domain: bombahakcx.com Submitted: 2004/08/15 15:45:02 Domain: kquwbajdfh.com Submitted: 2004/08/29 16:53:06 Domain: polarrate.net Submitted: 2004/10/25 14:12:27 Domain: moretgauge.net Submitted: 2004/11/29 16:08:10 Awaiting you reply. Thank you From devnull at devnull.devnull Sat Dec 4 17:49:03 2004 From: devnull at devnull.devnull (Anty Spam) Date: Sat Dec 4 11:00:04 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: "Jeff" wrote in message news:cooi49$9e2$1@news.spamcop.net... > Anybody see this yet? > http://www.cnn.com/2004/TECH/internet/12/02/anti.spamvigi.ap/index.html > > Is it not interesting that these exact domains have bad WHOIS ? Maybe that is why no abuse reports will be forthcoming ? Just thinking ....:-) Cheers E From devnull at devnull.devnull Sat Dec 4 17:52:49 2004 From: devnull at devnull.devnull (Anty Spam) Date: Sat Dec 4 11:05:03 2004 Subject: [SpamCop-List] Re: Easynet.co.uk null route a Trojaned DSL customer References: <01c4d8b7$6c15cf80$LocalHost@default> Message-ID: "Michael R N Dolbear" wrote in message news:01c4d8b7$6c15cf80$LocalHost@default... > In reply to a spamcop complaint that > dsl-212-135-217-67.dsl.easynet.co.uk (212.135.217.67) is an open proxy > (Sat, Nov 27, 2004 at 03:52:46AM) > > Easynet Abuse Team replied 02 December 2004 00:49 SNIP > All attempts to contact our customer concerning this incident having > failed Hmmm, bad WHOIS ? Just thinking ...;-) E From mrichter at cpl.net Sat Dec 4 10:17:54 2004 From: mrichter at cpl.net (Mike Richter) Date: Sat Dec 4 13:20:02 2004 Subject: [SpamCop-List] Re: Why won't this work? In-Reply-To: References: Message-ID: I'm_a_victim wrote: > By viewing the full header I can normally identify the originator of spam > and trace the owner of that URL to some ISP ( usually China, Russia, Italy, > Germany or England location) . > So now I have something like 64.234.123.123 > I provide this specific URL to a Spam collector program. > Once the spam collector program, which requires one of the new human > readable letter sequences as verification receives say 100 complaints from > 100 different individuals that URL is put on a black list. > If the header is scanned by a gate keeper of all email entering the US and > 100% of all email originating from that URL is blocked for 90 days this > would effectively shut down that URL. > Some big ISP's that make a living off of spam such as ChinaNet would soon > find that they have to use other URL's and would eventually run out of > available ID's. > If an ISP discovers that none of it's customers can send email it would > probably not have any customers so the ISP would be forced to stop accepting > spammers as customers. > > OK so this sounds simple to me but is not being done. Can someone tell me > the problem? Posted by a (mostly) happy SpamCop user, not an official. It's a different protocol for listing; its only uniqueness is "all email entering the US". Now, who would man the gate and who would run the verification program are minor problems - as in unsolvable. Heck, there's no way to tell what is "entering the U.S." since U.S. ISPs are used by international subscribers. (Cf. hotmail, yahoo, ...) Other problems: getting spamees to report; dealing with a concerted effort to shut down an innocent sending IP address by unpleasant folks (such as spammers); ... Less problematic (but still unworkable): nuke all spamhaus IP addresses. The problem there is you, SpamCop and I may do that, but they still get through to most of those to whom they're addressed. Mike -- mrichter@cpl.net http://www.mrichter.com/ From mfkmek820 at yahoo.com Sat Dec 4 09:33:20 2004 From: mfkmek820 at yahoo.com (Fred K) Date: Sat Dec 4 13:35:03 2004 Subject: [SpamCop-List] How can this be? Message-ID: Hey you guys that have graduated from Spam 105, could you tell me what is wrong with this picture? This mail was never sent from IP 80.96.118.176. Regards, DAinet Technical team ----- Original Message ----- From: "Spam Hater" <1305635226@reports.spamcop.net> To: Sent: Friday, December 03, 2004 4:42 PM Subject: [SpamCop (80.96.118.176) id:1305635226][Norton AntiSpam] >[ SpamCop V1.389 ] > This message is brief for your comfort. Please use links below for > details. > > Email from 80.96.118.176 / Fri, 03 Dec 2004 08:42:25 -0600 > http://www.spamcop.net/w3m?i=z1305635226zaa565c0b07d8bee54fd5a67e82aa36bcz Thanks Fred K From SpamNScamsReporter# at gmail#.com# Sat Dec 4 12:21:47 2004 From: SpamNScamsReporter# at gmail#.com# (Spam N Scams Reporter) Date: Sat Dec 4 15:25:02 2004 Subject: [SpamCop-List] SC timeouts when reporting Message-ID: SC has been slow again this morning, with some reports not going through without resending. Fortunately, I'm doing other things and not just sitting here waiting for the page to load. Brian From mfkmek820 at yahoo.com Sat Dec 4 11:39:28 2004 From: mfkmek820 at yahoo.com (Fred K) Date: Sat Dec 4 15:45:04 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: "geo_splash_12" wrote in message news:coqiso$huf$1@news.spamcop.net... > Jeff wrote: >> Anybody see this yet? >> http://www.cnn.com/2004/TECH/internet/12/02/anti.spamvigi.ap/index.html >> >> > > Lycos' screensaver attacking websites that generate spew is like poking a > 600 pound Grizzly bear sleeping in your backyard with a pointy stick. Not > a very smart idea. But millions of pointy sticks will prevail....... Fred K From SpamNScamsReporter# at gmail#.com# Sat Dec 4 12:48:03 2004 From: SpamNScamsReporter# at gmail#.com# (Spam N Scams Reporter) Date: Sat Dec 4 15:50:02 2004 Subject: [SpamCop-List] Re: SC timeouts - Never Mind In-Reply-To: References: Message-ID: Spam N Scams Reporter wrote: > SC has been slow again this morning, with some reports not going through > without resending. Fortunately, I'm doing other things and not just > sitting here waiting for the page to load. > > Brian I'm just multi-tasking a little tooooo much. I had been uploading an 18 MB file in the background and I'm not sure if that was done before I had the slow down. Probably not. Brian From nobody at spamcop.net Sat Dec 4 16:12:02 2004 From: nobody at spamcop.net (Miss Betsy) Date: Sat Dec 4 16:10:02 2004 Subject: [SpamCop-List] Re: Why won't this work? References: Message-ID: "I'm_a_victim" wrote in message news:cosifg$nga$1@news.spamcop.net... > By viewing the full header I can normally identify the originator of spam > and trace the owner of that URL to some ISP ( usually China, Russia, Italy, > Germany or England location) . > So now I have something like 64.234.123.123 > I provide this specific URL to a Spam collector program. > Once the spam collector program, which requires one of the new human > readable letter sequences as verification receives say 100 complaints from > 100 different individuals that URL is put on a black list. > If the header is scanned by a gate keeper of all email entering the US and > 100% of all email originating from that URL is blocked for 90 days this > would effectively shut down that URL. > Some big ISP's that make a living off of spam such as ChinaNet would soon > find that they have to use other URL's and would eventually run out of > available ID's. > If an ISP discovers that none of it's customers can send email it would > probably not have any customers so the ISP would be forced to stop accepting > spammers as customers. > > OK so this sounds simple to me but is not being done. Can someone tell me > the problem? That is a description of what spamcop does except that it is only the IP address of the sender of the spam that is listed. There is also a list of spamvertized URL's to filter on that someone else has started, I believe. The main problem is that ISP's don't want to deal with email senders on that IP address who are not sending spam, but whose email gets blocked also. It is nonsensical since the sending end is the only place that spammers can be effectively stopped and any responsible person who is using email should choose a responsible ISP to send their email. But many ISP's just want to keep their customers happy and don't take the time to explain why they can't get email from their sister, mother, child, favorite Yahoo group and that they should complain to the *sender* and the sender's ISP. Instead ISP's use content filters to try and cut down the amount of spam that people receive and encourage people to use whitelists so that if they do use a block, then people still receive email from that IP address and so don't complain to the people (the other users of that IP address where the spammer is) so no one is responsible for the spam mess. OTOH, there are enough people using it so that responsible people can find an ISP who is responsible enough to both prevent spammers and to use blocklists. And it is hampering the spammers enough so that they are resorting to trojanizing computers to send their spew. Miss Betsy From Kilgallen at SpamCop.net Sat Dec 4 15:33:32 2004 From: Kilgallen at SpamCop.net (Larry Kilgallen) Date: Sat Dec 4 16:35:02 2004 Subject: [SpamCop-List] Re: How can this be? References: Message-ID: <1eXKXT0LnDoI@eisner.encompasserve.org> In article , "Fred K" writes: > Hey you guys that have graduated from Spam 105, could you tell me what is > wrong with this picture? > > This mail was never sent from IP 80.96.118.176. >> Email from 80.96.118.176 / Fri, 03 Dec 2004 08:42:25 -0600 >> http://www.spamcop.net/w3m?i=z1305635226zaa565c0b07d8bee54fd5a67e82aa36bcz That page has a link called "Show how SpamCop traced this message" which shows the SpamCop logic. You should be specific regarding where you think that logic is faulty. From Merlyn at Spamcop.net Sat Dec 4 16:38:45 2004 From: Merlyn at Spamcop.net (Merlyn) Date: Sat Dec 4 16:40:03 2004 Subject: [SpamCop-List] Re: How can this be? References: Message-ID: "Fred K" wrote in message news:cosvu5$vbe$1@news.spamcop.net... > Hey you guys that have graduated from Spam 105, could you tell me what is > wrong with this picture? > > This mail was never sent from IP 80.96.118.176. > > Regards, > DAinet Technical team > > ----- Original Message ----- > From: "Spam Hater" <1305635226@reports.spamcop.net> > To: > Sent: Friday, December 03, 2004 4:42 PM > Subject: [SpamCop (80.96.118.176) id:1305635226][Norton AntiSpam] > > >>[ SpamCop V1.389 ] >> This message is brief for your comfort. Please use links below for >> details. >> >> Email from 80.96.118.176 / Fri, 03 Dec 2004 08:42:25 -0600 >> http://www.spamcop.net/w3m?i=z1305635226zaa565c0b07d8bee54fd5a67e82aa36bcz > What makes you think it didn't come from there? BTW: You know the whole PLUSNET-ADVERTISING-SRL 80.96.118.0 - 80.96.119.255 is listed in SPEWS. According to Senderbase mail from that IP was up 823% yesterday. -- Regards, Merlyn A Spamcop advocate No emails this account is for newsgroups only People demand freedom of speech to make up for the freedom of thought which they avoided From nobody at spamcop.net Sat Dec 4 18:08:26 2004 From: nobody at spamcop.net (Pop) Date: Sat Dec 4 18:10:03 2004 Subject: [SpamCop-List] Piracy at Microsoft gone? Message-ID: Anyone know if Piracy-AT-microsoft-DOT-com (or NET for that matter) has gone away? I sent one to COM, it bounced, so I followed up with one to COM and NET both; all bounced back. ------------ This is the Postfix program at host mxb.MY ISP I'm sorry to have to inform you that your message ... ... delete your own text from the attached returned message. The Postfix program : connect to microsoft.net[207.46.130.108]: Connection timed out ----------------- Not a big deal, just wondered if I screwed up or missed something. Pop From TJLWBECGSGWU at spammotel.com Sat Dec 4 23:21:55 2004 From: TJLWBECGSGWU at spammotel.com (Mathew Hendry) Date: Sat Dec 4 18:25:02 2004 Subject: [SpamCop-List] Re: Piracy at Microsoft gone? References: Message-ID: <8dh4r0h6m9fsq2c974cmtca0uvs2bfuuon@4ax.com> On Sat, 4 Dec 2004 18:08:26 -0500, "Pop" wrote: >Anyone know if Piracy-AT-microsoft-DOT-com (or NET for that >matter) has gone away? I sent one to COM, it bounced, so I >followed up with one to COM and NET both; all bounced back. >... >: connect to microsoft.net[207.46.130.108]: >Connection > timed out >----------------- > >Not a big deal, just wondered if I screwed up or missed >something. piracy@microsoft.com is up according to http://www.dnsstuff.com/tools/mail.ch?domain=piracy%40microsoft.com although it did time out on one of the six servers tested. microsoft.net has no MX DNS record, so not too surprising that one didn't work. -- Mat. From nobody at spamcop.net Sat Dec 4 17:36:51 2004 From: nobody at spamcop.net (RW) Date: Sat Dec 4 18:40:02 2004 Subject: [SpamCop-List] Re: Piracy at Microsoft gone? References: Message-ID: "Pop" wrote in message news:cotg16$939$1@news.spamcop.net... > ------------ > This is the Postfix program at host mxb.MY ISP > I'm sorry to have to inform you that your message ... Looks like a network problem, not that the address doesn't exist. The address probably still exists, you just couldn't connect to the server. Richard From puoti at inwind.it Sun Dec 5 01:13:22 2004 From: puoti at inwind.it (Ivan Leo Puoti) Date: Sat Dec 4 19:15:03 2004 Subject: [SpamCop-List] Re: Piracy at Microsoft gone? In-Reply-To: References: Message-ID: I send lots of reports to them, a couple bounced but all seems to be ok now. Ivan. From zypher at spamcop.net Sat Dec 4 18:35:45 2004 From: zypher at spamcop.net (Ron B.) Date: Sat Dec 4 19:40:03 2004 Subject: [SpamCop-List] Re: Mail to Yesnic References: Message-ID: On Sat, 04 Dec 2004 17:11:39 +0200, Anty Spam wrote: > Awaiting you reply. > > Thank you Don't hold your breath! From mfkmek820 at yahoo.com Sat Dec 4 16:25:42 2004 From: mfkmek820 at yahoo.com (Fred K) Date: Sat Dec 4 20:30:02 2004 Subject: [SpamCop-List] Re: How can this be? References: Message-ID: "Merlyn" wrote in message news:cotap5$5vt$1@news.spamcop.net... > "Fred K" wrote in message > news:cosvu5$vbe$1@news.spamcop.net... >> Hey you guys that have graduated from Spam 105, could you tell me what >> is wrong with this picture? >> >> This mail was never sent from IP 80.96.118.176. >Regards, DAinet Technical team> >> >> ----- Original Message ----- >> From: "Spam Hater" <1305635226@reports.spamcop.net> >> To: >> Sent: Friday, December 03, 2004 4:42 PM >> Subject: [SpamCop (80.96.118.176) id:1305635226][Norton AntiSpam] >> >> >>>[ SpamCop V1.389 ] >>> This message is brief for your comfort. Please use links below for >>> details. >>> >>> Email from 80.96.118.176 / Fri, 03 Dec 2004 08:42:25 -0600 >>> http://www.spamcop.net/w3m?i=z1305635226zaa565c0b07d8bee54fd5a67e82aa36bcz >> > > > What makes you think it didn't come from there? > > BTW: You know the whole PLUSNET-ADVERTISING-SRL 80.96.118.0 - > 80.96.119.255 is listed in SPEWS. > > According to Senderbase mail from that IP was up 823% yesterday. I was wondering why the ISP sent that reply through SC. Ok, what you are saying: The denial message is phony because they are a spammy ISP? Fred K From MikeE at ster.invalid Sat Dec 4 17:32:01 2004 From: MikeE at ster.invalid (Mike Easter) Date: Sat Dec 4 20:35:03 2004 Subject: [SpamCop-List] Re: How can this be? References: Message-ID: Fred K wrote: > Hey you guys that have graduated from Spam 105, could you tell me > what is wrong with this picture? Well, I don't know if I graduated, but I'll take a look. > This mail was never sent from IP 80.96.118.176. > > Regards, > DAinet Technical team I disagree. Message-ID: Bob W. wrote: > The thing is the address being spammed in all three cases was formerly > someone else's. Unfortunately, the man has been dead for more than > eight years. Why would any spammer ever remove an address from a list? With the possible very rare exception of troublesome anti-/s that is. "Hello, would you like to buy this list of 50 million addresses?" "Sure." "Oh, by the way, about 80% of them are dead [addresses, people, domains, whatever] already, but I don't know which ones those are." "It's not a problem. Doesn't matter to me." "Okey dokey, here ya' go" -- Mike Easter kibitzer, not SC admin From none at domain.invalid Sat Dec 4 22:06:50 2004 From: none at domain.invalid (Anonymous) Date: Sun Dec 5 01:10:02 2004 Subject: [SpamCop-List] Re: United Airlines: Spamming a dead man. References: Message-ID: "Bob W." wrote in message news:responseguard-07BB76.20564604122004@news.cesmail.net... > I've been append-spammed by two large organizations within the last two > weeks. First it was (and still is) the Smithsonian. CheetahMail handles > the delivery. Can you describe what append-spamming is? I've never heard that term before. Thanks. From flippetyfloo at fake.com Sun Dec 5 01:09:01 2004 From: flippetyfloo at fake.com (RandallW) Date: Sun Dec 5 04:10:19 2004 Subject: [SpamCop-List] Wiltel.com Message-ID: Anyone getting spam to their Hotmail accounts where the spam origin AND host of spamvertised sites is Wiltel.com? From bar_n0ne at hotmail.com Sun Dec 5 13:32:36 2004 From: bar_n0ne at hotmail.com (Berny) Date: Sun Dec 5 04:40:03 2004 Subject: [SpamCop-List] Re: Wiltel.com References: Message-ID: "RandallW" wrote in message news:couj7a$sgc$1@news.spamcop.net... > Anyone getting spam to their Hotmail accounts where the spam origin AND host > of spamvertised sites is Wiltel.com? Not to hotmail, but a few weeks ago I was on my corporate accounts, LARTED and griped about it here and elsewhere and it stoppped. I guess I was list washed. Too bad, I thought they had cleaned up their spammers. I get almost no spam on Hotmail. From bar_n0ne at hotmail.com Sun Dec 5 13:39:14 2004 From: bar_n0ne at hotmail.com (Berny) Date: Sun Dec 5 04:40:08 2004 Subject: [SpamCop-List] Re: Wiltel.com References: Message-ID: "RandallW" wrote in message news:couj7a$sgc$1@news.spamcop.net... > Anyone getting spam to their Hotmail accounts where the spam origin AND host > of spamvertised sites is Wiltel.com? Not to hotmail, but a few weeks ago I was on my corporate accounts, LARTED and griped about it here and elsewhere and it stoppped. I guess I was list washed. Too bad, I thought they had cleaned up their spammers. I get almost no spam on Hotmail. From David1 at suescornerweb.com Sun Dec 5 09:16:12 2004 From: David1 at suescornerweb.com (David 1) Date: Sun Dec 5 09:20:02 2004 Subject: [SpamCop-List] Re: United Airlines: Spamming a dead man. In-Reply-To: References: Message-ID: Anonymous wrote: > "Bob W." wrote in message > news:responseguard-07BB76.20564604122004@news.cesmail.net... > >> I've been append-spammed by two large organizations within the last two >> weeks. First it was (and still is) the Smithsonian. CheetahMail handles >> the delivery. > > > Can you describe what append-spamming is? I've never heard that term > before. Thanks. > Looking forward to this answer myself David 1 From nobody at spamcop.net Sun Dec 5 11:18:51 2004 From: nobody at spamcop.net (Pop) Date: Sun Dec 5 11:20:03 2004 Subject: [SpamCop-List] Re: Piracy at Microsoft gone? References: Message-ID: Huh, it's still gone for me this morning. But, the whole net's sloooowwww, this morning, so maybe it's weather somewhere pulling stuff apart. Thanks for the comebacks; appreciate it. If I'm paitent enough, I can get to the URLs now at least, but it's ng to try to use them. I'll try again Monday - Regards, Pop "Ivan Leo Puoti" wrote in message news:cotjsc$bcj$1@news.spamcop.net... |I send lots of reports to them, a couple bounced but all seems to be ok now. | | Ivan. From michael.spamcop at michaellefevre.com Sun Dec 5 16:20:51 2004 From: michael.spamcop at michaellefevre.com (Michael Lefevre) Date: Sun Dec 5 11:25:02 2004 Subject: [SpamCop-List] Re: United Airlines: Spamming a dead man. References: Message-ID: David 1 wrote: > Anonymous wrote: >> "Bob W." wrote in message >> news:responseguard-07BB76.20564604122004@news.cesmail.net... >> >>> I've been append-spammed by two large organizations within the last two >>> weeks. First it was (and still is) the Smithsonian. CheetahMail handles >>> the delivery. >> >> >> Can you describe what append-spamming is? I've never heard that term >> before. Thanks. >> > Looking forward to this answer myself Basically, it involves taking a list of names (and addresses or whatever else) that a company already has, and then attaching email addresses (which the "appender" may have been collected from elsewhere, or created using standard patterns, or whatever) to them. So, if a company has a record for a Fred Johnson who lives in California, and the appender has record of a Fred Johnson with an address in California, they would attach the email address from their record onto the company's record for that person. Of course, the trouble is that one or other of the databases may be inaccurate or out of date, or there may just be multiple people with similar names/addresses/whatever so information for different people will be matched together incorrectly. The quality of the resulting information will be lower than the quality of the data they started with, which probably wouldn't have been all that great. If they then email the resulting list, they'll end up hitting a whole number of email addresses that are not correct. It is (according to some, at least) possible to do this without spamming, if the appender gets explicit permission from the owner of the email address before they pass it on. A description of the service from someone that does it is at: http://www.experian.com/products/email_append.html You can find more by doing a google search for "email append". -- Michael From eatmy at grits.com Sun Dec 5 11:34:45 2004 From: eatmy at grits.com (Jeff) Date: Sun Dec 5 13:35:21 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: I've left my computer running all night for the past few days with the MLNS screensaver running. I think I'll start leaving it on all day too while I'm at work. And all the idle computers in my building will be running it as well. "Mike Easter" wrote in message news:corcj8$2k5$1@news.spamcop.net... > Jeff wrote: > > LEMMING POWER!!!!! WOOOOOOOOOOOO HOOOOOOOOOOOOO!!!!!! > > Ha! > > -- > Mike Easter > kibitzer, not SC admin From nobody at spamcop.net Sun Dec 5 13:05:43 2004 From: nobody at spamcop.net (RW) Date: Sun Dec 5 14:10:03 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: "Jeff" wrote in message news:covkc0$fim$1@news.spamcop.net... > I've left my computer running all night for the past few days with the > MLNS > screensaver running. I think I'll start leaving it on all day too while > I'm > at work. And all the idle computers in my building will be running it as > well. I'm not sure it's even doing anything. Since the service was suspended I would imagine you are no longer being fed URLs. You should also check where your service provider stands on this issue. Most have denounced the whole idea, not in support of spammers but as a good Netizen, don't fight abuse with abuse, etc. They also have to pay for that bandwidth you are using. Most service providers have provisions in the AUPs regarding this type of misuse, meaning you could find wire cutters coming towards your line. Richard From eatmy at grits.com Sun Dec 5 12:35:06 2004 From: eatmy at grits.com (Jeff) Date: Sun Dec 5 14:35:03 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: "RW" wrote in message news:covm65$gt0$1@news.spamcop.net... > > You should also check where your service provider stands on this issue. > Most have denounced the whole idea, not in support of spammers but as a good > Netizen, don't fight abuse with abuse, etc. They also have to pay for that > bandwidth you are using. > > Most service providers have provisions in the AUPs regarding this type of > misuse, meaning you could find wire cutters coming towards your line. It would be nice if they also had provisions for spammers who abuse their system, but they don't. My service provider is also paying for the millions of spam email they have to process daily, but I don't see them cutting off the spammers in any way. They've ignored all my complaints and they're never going to take any action against the spammers, nor are they going to block incoming spam. If they prefer to cut off a paying customer and keep the spammers, they can go right ahead and do it. Nothing I can do about it. From eatmy at grits.com Sun Dec 5 12:40:22 2004 From: eatmy at grits.com (Jeff) Date: Sun Dec 5 14:45:03 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: "RW" wrote in message news:covm65$gt0$1@news.spamcop.net... > > I'm not sure it's even doing anything. Since the service was suspended I > would imagine you are no longer being fed URLs. Amazing how quickly the anti-spammers are stopped while the spammers run free, isn't it? I'm starting to wonder if I'm on the wrong side. Perhaps I should begin studying the profitability of becoming a spammer. I'd have all kinds of laws and ISPs protecting me. From nobody at spamcop.net Sun Dec 5 16:14:52 2004 From: nobody at spamcop.net (Pop) Date: Sun Dec 5 16:15:02 2004 Subject: [SpamCop-List] Re: United Airlines: Spamming a dead man. References: Message-ID: Michael Lefevre" wrote in message news:covch3$amu$1@news.spamcop.net... | David 1 wrote: | > Anonymous wrote: | >> "Bob W." wrote in message | >> news:responseguard-07BB76.20564604122004@news.cesmail.net... | >> | >>> I've been append-spammed by two large organizations within the last two ... | | It is (according to some, at least) possible to do this without spamming, | if the appender gets explicit permission from the owner of the email | address before they pass it on. | | A description of the service from someone that does it is at: | http://www.experian.com/products/email_append.html | You can find more by doing a google search for "email append". | | -- | Michael Well, I'll be damned. Experian, of all people! I used them once a couple years ago for something I was selling - their after-market support is dismal and totally unresponsive. Like they say about power and corruption ... . I wonder who else is doing this? I DO have to say though, that it's still spam if it lands in MY inbox, and if there was any doubt, which there wasn't, it was cemented by the following copied from their site: ---------------- "We collect opt-out requests We return your customer file with appended deliverable email addresses and opt out flags." ------------------- Spam is spam, is spam ... shades of Monty Python! I havent' seen one of these yet, but when I do I'll be sure to not use SC to report it so I can go to extremely extreme prejudice mode. It would even be worth using my congress critter's online forms to send to them. This deserves to get into print somehow; think I'll go see what I can dig up. Anyone else done that yet? No sense reinventing the wheel. Regards, Pop From nobody at spamcop.net Sun Dec 5 16:16:12 2004 From: nobody at spamcop.net (Pop) Date: Sun Dec 5 16:20:02 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: "RW" wrote in message news:covm65$gt0$1@news.spamcop.net... | "Jeff" wrote in message | news:covkc0$fim$1@news.spamcop.net... | > I've left my computer running all night for the past few days with the | > MLNS | > screensaver running. I think I'll start leaving it on all day too while | > I'm | > at work. And all the idle computers in my building will be running it as | > well. | | I'm not sure it's even doing anything. Since the service was suspended I | would imagine you are no longer being fed URLs. | | You should also check where your service provider stands on this issue. | Most have denounced the whole idea, not in support of spammers but as a good | Netizen, don't fight abuse with abuse, etc. They also have to pay for that | bandwidth you are using. | | Most service providers have provisions in the AUPs regarding this type of | misuse, meaning you could find wire cutters coming towards your line. | | Richard | | Not to mention a lawsuit. From nobody at spamcop.net Sun Dec 5 16:20:31 2004 From: nobody at spamcop.net (Pop) Date: Sun Dec 5 16:25:02 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: "Jeff" wrote in message news:covnt5$hrk$1@news.spamcop.net... | "RW" wrote in message | news:covm65$gt0$1@news.spamcop.net... | > ... | > Most service providers have provisions in the AUPs regarding this type of | > misuse, meaning you could find wire cutters coming towards your line. | | It would be nice if they also had provisions for spammers who abuse their | system, but they don't. My service provider is also paying for the millions | of spam email they have to process daily, but I don't see them cutting off | the spammers in any way. They've ignored all my complaints and they're | never going to take any action against the spammers, nor are they going to | block incoming spam. If they prefer to cut off a paying customer and keep | the spammers, they can go right ahead and do it. Nothing I can do about it. ... True enough in too many places: That's why it's worth a few minutes to pick a good ISP and stick with them and support them as much as possible. My ISP will deny they use blocklists, scan for viruses, and do anything at all about spam, but guess what? They actually do all that, IFF you climb the techie ladder far enoug to talk to someone that knows what the words mean. And, they're pretty danged good at it too! Naturally the less travelled paths still let some spam thru, but it's a pleasure to have them working for me. If it sounds like I work for them, I do not; but I DO work WITH them! Regards, & done bragging, Pop From eatmy at grits.com Sun Dec 5 14:34:13 2004 From: eatmy at grits.com (Jeff) Date: Sun Dec 5 16:35:06 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: "Pop" wrote in message news:covtql$li4$1@news.spamcop.net... > > Not to mention a lawsuit. Good. As soon as they do that, I'll go to the local news station and newspapers and do an interview denouncing my ISP for suing the customer while protecting the spammers. I know it won't do any good, but I'll do it anyway. From David1 at suescornerweb.com Sun Dec 5 16:39:50 2004 From: David1 at suescornerweb.com (David 1) Date: Sun Dec 5 16:40:04 2004 Subject: [SpamCop-List] Re: make love not spam In-Reply-To: References: Message-ID: Jeff wrote: > "Pop" wrote in message > news:covtql$li4$1@news.spamcop.net... > > >>Not to mention a lawsuit. > > > > Good. As soon as they do that, I'll go to the local news station and > newspapers and do an interview denouncing my ISP for suing the customer > while protecting the spammers. I know it won't do any good, but I'll do it > anyway. > > Actually it might if done right & with some #s & some proof to back it up, In other words do the reporters job for them & make verification easy on them. They might blow it up as a David & Goliath if hard news is slow. David 1 From me at privacy.net Sun Dec 5 16:56:37 2004 From: me at privacy.net (Frog Prince) Date: Sun Dec 5 17:00:07 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: "Pop" | | Not to mention a lawsuit. With a jury trial what's the odds of a conviction? From eatmy at grits.com Sun Dec 5 15:46:17 2004 From: eatmy at grits.com (Jeff) Date: Sun Dec 5 17:50:03 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: "Frog Prince" wrote in message news:cp0072$nal$1@news.spamcop.net... > > "Pop" > | > | Not to mention a lawsuit. > > With a jury trial what's the odds of a conviction? Pretty high, I'd say. Anti-spammers are hated even more than spammers. This group is evidence of that. From tlsimpson at citlink.net Sun Dec 5 18:23:38 2004 From: tlsimpson at citlink.net (Terry Simpson) Date: Sun Dec 5 18:25:03 2004 Subject: [SpamCop-List] LARTED? Message-ID: What is LARTED? Thanks! From TMHRVMFWREVN at spammotel.com Sun Dec 5 23:21:58 2004 From: TMHRVMFWREVN at spammotel.com (Rob) Date: Sun Dec 5 18:30:05 2004 Subject: [SpamCop-List] Re: SC timeouts - Never Mind References: Message-ID: "Spam N Scams Reporter" wrote in message news:cot7qe$451$1@news.spamcop.net... > Spam N Scams Reporter wrote: > > SC has been slow again this morning, with some reports not going through > > without resending. Fortunately, I'm doing other things and not just > > sitting here waiting for the page to load. > > > > Brian > > I'm just multi-tasking a little tooooo much. > > I had been uploading an 18 MB file in the background and I'm not sure if > that was done before I had the slow down. Probably not. > > Brian No, I'm getting Gateway Time Out errors "The proxy server did not receive a timely response from the upstream server." In all the years of surfing I've never seen this error before, Page Not available, OK, but, not this one. Now it's getting as far as parsing, but, not as far as showing who it's to report to or the report now button. Rob From nobody at devnull.spamcop.net Sun Dec 5 17:38:19 2004 From: nobody at devnull.spamcop.net (Cat) Date: Sun Dec 5 18:40:03 2004 Subject: [SpamCop-List] Re: LARTED? In-Reply-To: References: Message-ID: Terry Simpson wrote: > What is LARTED? > > Thanks! http://www.acronymfinder.com Also, Google is your friend. A simple search of the word LART on Google comes up with several web sites giving you a definition. From TMHRVMFWREVN at spammotel.com Sun Dec 5 23:35:56 2004 From: TMHRVMFWREVN at spammotel.com (Rob) Date: Sun Dec 5 18:45:04 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: "Terry Simpson" wrote in message news:cp05b7$qle$1@news.spamcop.net... > What is LARTED? > > Thanks! Losers Attitude Rearrangement Therapy From TMHRVMFWREVN at spammotel.com Sun Dec 5 23:40:46 2004 From: TMHRVMFWREVN at spammotel.com (Rob) Date: Sun Dec 5 18:45:09 2004 Subject: [SpamCop-List] Re: SC timeouts - Never Mind References: Message-ID: "Rob" wrote in message news:cp05f0$qt9$1@news.spamcop.net... > > "Spam N Scams Reporter" wrote in message > news:cot7qe$451$1@news.spamcop.net... > > Spam N Scams Reporter wrote: > > > SC has been slow again this morning, with some reports not going through > > > without resending. Fortunately, I'm doing other things and not just > > > sitting here waiting for the page to load. > > > > > > Brian > > > > I'm just multi-tasking a little tooooo much. > > > > I had been uploading an 18 MB file in the background and I'm not sure if > > that was done before I had the slow down. Probably not. > > > > Brian > > No, I'm getting Gateway Time Out errors "The proxy server did not receive a > timely response from the upstream server." > > In all the years of surfing I've never seen this error before, Page Not > available, OK, but, not this one. > > Now it's getting as far as parsing, but, not as far as showing who it's to > report to or the report now button. > > Rob > > After taking 40 minutes to finally report one spam then the site looking as if it had finally given up the ghost I was about to give up for the night myself...then it suddenly sprang back into life quicker that ever. Something must have got fixed :-) Rob From pete at heypete.com Sun Dec 5 15:44:24 2004 From: pete at heypete.com (Pete Stephenson) Date: Sun Dec 5 18:45:15 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: In article , "Terry Simpson" wrote: > What is LARTED? http://www.retrologic.com/jargon/L/LART.html Luser Attitude Readjustment Tool. 1. n. In the collective mythos of scary devil monastery, this is an essential item in the toolkit of every BOFH. The LART classic is a 2x4 or other large billet of wood usable as a club, to be applied upside the head of spammers and other people who cause sysadmins more grief than just naturally goes with the job. Perennial debates rage on alt.sysadmin.recovery over what constitutes the truly effective LART; knobkerries, automatic weapons, flamethrowers, and tactical nukes all have their partisans. Compare clue-by-four. 2. v. To use a LART. Some would add ³in malice², but some sysadmins do prefer to gently lart their users as a first (and sometimes final) warning. 3. interj. Calling for one's LART, much as a surgeon might call ³Scalpel!². 4. interj. [rare] Used in flames as a rebuke. ³LART! LART! LART!² -- Pete Stephenson HeyPete.com From mfkmek820 at yahoo.com Sun Dec 5 14:47:26 2004 From: mfkmek820 at yahoo.com (Fred K) Date: Sun Dec 5 18:50:02 2004 Subject: [SpamCop-List] Re: SC timeouts - Never Mind References: Message-ID: "Rob" wrote in message news:cp05f0$qt9$1@news.spamcop.net... > > > Now it's getting as far as parsing, but, not as far as showing who it's to > report to or the report now button. > > Rob Too much traffic from makelovenotspam and spam colliding on the net. We better terminate the lovenotspam crowd so that the spam can again flow freely. Fred K From mfkmek820 at yahoo.com Sun Dec 5 14:55:06 2004 From: mfkmek820 at yahoo.com (Fred K) Date: Sun Dec 5 19:00:03 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: "Cat" wrote in message news:cp0650$rhi$1@news.spamcop.net... > Also, Google is your friend. A simple search of the word LART on Google > comes up with several web sites giving you a definition. Ah but alas, the poor person wanted a simple definition of lart as it is used here. Following the kind brush-off by cat leads one on an adventure and after doing it I a gave up weeding through numerous definitions that do not clearly define the term as it seems to be used in this NG. Fred K P.S. If I was sure as to what it means I would tell. From puoti at inwind.it Mon Dec 6 01:02:46 2004 From: puoti at inwind.it (Ivan Leo Puoti) Date: Sun Dec 5 19:05:03 2004 Subject: [SpamCop-List] Re: make love not spam In-Reply-To: References: Message-ID: The lycos screensaver isn't working at the moment, in the mean time you can use this page instead http://www003.portalis.it/115/spammustdie.html Ivan. From eatmy at grits.com Sun Dec 5 17:32:30 2004 From: eatmy at grits.com (Jeff) Date: Sun Dec 5 19:35:03 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: COOL! I'll run anything I can get my hands on and leave it running as long as possible! Thanks! "Ivan Leo Puoti" wrote in message news:cp07kn$sor$1@news.spamcop.net... > The lycos screensaver isn't working at the moment, in the mean time you > can use this page instead > http://www003.portalis.it/115/spammustdie.html > > Ivan. From baloo at ursine.dyndns.org Sun Dec 5 16:59:06 2004 From: baloo at ursine.dyndns.org (Paul Johnson) Date: Sun Dec 5 20:00:03 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: <1102294783.600602@ursine.dyndns.org> Terry Simpson wrote: > What is LARTED? Look it up, it's in the Jargon File. http://ursine.dyndns.org/Jargon:LART -- Paul Johnson baloo@ursine.dyndns.org http://ursine.dyndns.org/ From nobody at spamcop.net Sun Dec 5 19:55:12 2004 From: nobody at spamcop.net (RW) Date: Sun Dec 5 21:00:03 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: "Jeff" wrote in message news:covush$m82$1@news.spamcop.net... > "Pop" wrote in message > news:covtql$li4$1@news.spamcop.net... > >> >> Not to mention a lawsuit. > > > Good. As soon as they do that, I'll go to the local news station and > newspapers and do an interview denouncing my ISP for suing the customer > while protecting the spammers. I know it won't do any good, but I'll do > it > anyway. That isn't the fear. The fear is a) the spammer or b) legit customers on the targeted server suing your service provider for allowing their network to be used in a ddos against their server. I don't argue spam is costing your ISP (and hence you) a fortune. We are extremely lucky broadband is still a very competitive market and these cost increases haven't been passed on to the consumer -- yet. We do need a few more ISPs taking the big five route and suing the persistant spammers. Unfortunately few can afford to spend the millions necessary to collect nothing, knowing the spammers will simply slither out from under a different rock to spin their game again. Richard From nobody at spamcop.net Sun Dec 5 20:02:09 2004 From: nobody at spamcop.net (RW) Date: Sun Dec 5 21:05:03 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: "Ivan Leo Puoti" wrote in message news:cp07kn$sor$1@news.spamcop.net... > The lycos screensaver isn't working at the moment, in the mean time you > can use this page instead > http://www003.portalis.it/115/spammustdie.html > > Ivan. Not that I'm condoning it, but having multiple windows open would hit them harder. You also have to make sure you aren't running through your ISP's proxy, otherwise you'll just be reloading off the proxy and not touching the website's bandwidth. Richard From MikeE at ster.invalid Sun Dec 5 18:31:01 2004 From: MikeE at ster.invalid (Mike Easter) Date: Sun Dec 5 21:35:03 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: Fred K wrote: > "Cat" >> Also, Google is your friend. A simple search of the word LART on >> Google comes up with several web sites giving you a definition. > > Ah but alas, the poor person wanted a simple definition of lart as it > is used here. Some people are into spoonfeeding the hapless or uninformed, while others would rather show them the way to get information, including some dirty work. > Following the kind brush-off by cat leads one on an > adventure and after doing it I a gave up weeding through numerous > definitions that do not clearly define the term as it seems to be > used in this NG. And therein lies the 'educational' process. It's just like troubleshooting. The hours you spend chasing the wrong ponies are all part of the overall process that lead to the greater wisdom based on all experiences in the longrun. While there is some 'education' in being pointed to exactly the right page without superfluous effort, the /extra/ effort shows you/the novice/ pathways which will/might be invaluable in some future effort, and are certainly valuable in teaching one some pathways and experiences that don't work very well. -- Mike Easter kibitzer, not SC admin From nobody at xyzzy.claranet.de Mon Dec 6 03:30:46 2004 From: nobody at xyzzy.claranet.de (Frank Ellermann) Date: Sun Dec 5 21:40:03 2004 Subject: [SpamCop-List] Re: How can this be? References: Message-ID: <41B3C456.5B92@xyzzy.claranet.de> Fred K wrote: > could you tell me what is wrong with this picture? [...] > [Norton Spam] http://groups.google.com/groups?q=author%3A@symantec.invalid From MikeE at ster.invalid Sun Dec 5 18:46:39 2004 From: MikeE at ster.invalid (Mike Easter) Date: Sun Dec 5 21:50:03 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: Terry Simpson wrote: > What is LARTED? IMO The term has lost its relevance and should be considered pass? - that particular word looks to me like p a s s then [e acute]. That is, once upon a time, a notify had some 'impact' -- the notify would 'affect' the spammer adversely; but no more. Nowadays, a 'luser attitude readjustment tool' is instead a rather ineffectual notify, which isn't a 'clue by four' upside the head of the spammer at all. The spammer is laughing all the way to the bank and the spam reporter is only pretending to be 'larting' The spam reporter isn't actually swinging a cluebyfour, and the spammer therefore isn't getting 'larted'. So the term should be dead and buried. In its current iteration it is an 'embarassment' - a notion of times gone by, as far as I'm concerned. It is all jivetalk 'jargon' which doesn't have the same meaning which it once did. It implies a power or significance greater than a typical notify deserves. IMO. -- Mike Easter kibitzer, not SC admin From mfkmek820 at yahoo.com Sun Dec 5 17:55:27 2004 From: mfkmek820 at yahoo.com (Fred K) Date: Sun Dec 5 22:00:16 2004 Subject: [SpamCop-List] Re: How can this be? References: <41B3C456.5B92@xyzzy.claranet.de> Message-ID: "Frank Ellermann" wrote in message news:41B3C456.5B92@xyzzy.claranet.de... > Fred K wrote: > >> could you tell me what is wrong with this picture? > [...] >> [Norton Spam] > > http://groups.google.com/groups?q=author%3A@symantec.invalid > Could you please tell me what I am supposed to look for on that page. Fred K From nobody at xyzzy.claranet.de Mon Dec 6 04:34:51 2004 From: nobody at xyzzy.claranet.de (Frank Ellermann) Date: Sun Dec 5 22:40:01 2004 Subject: [SpamCop-List] Re: How can this be? References: <41B3C456.5B92@xyzzy.claranet.de> Message-ID: <41B3D35A.32AC@xyzzy.claranet.de> Fred K wrote: > Could you please tell me what I am supposed to look for > on that page. You're supposed to identify "symantec" and "norton" in mail as synonyms for "FUBAR" and "clueless user". In your case they apparently "protect" their abuse@ mailbox with a tool claiming to identify spam, and in fact your spam report was about spam. Game over, tilt, report it to the deputies@SC Bye, Frank From tdy at blackhole.invalid Sun Dec 5 19:45:58 2004 From: tdy at blackhole.invalid (N. Miller) Date: Sun Dec 5 22:50:02 2004 Subject: [SpamCop-List] Re: Why won't this work? References: Message-ID: In article , I'm_a_victim says... > If the header is scanned by a gate keeper of all email entering the US... There is no such thing. There can be no such thing; at least not until the U.S. Government takes over the U.S. part of the Internet. Companies like TWT and SBC "own"[1] the U.S. government, so that will never happen. [1] As in making significant political contributions to legislators who will, in turn, act on legislation which favors them over competition. -- Norman ~Win dain a lotica, En vai tu ri, Si lo ta ~Fin dein a loluca, En dragu a sei lain ~Vi fa-ru les shutai am, En riga-lint From tdy at blackhole.invalid Sun Dec 5 19:48:38 2004 From: tdy at blackhole.invalid (N. Miller) Date: Sun Dec 5 22:50:09 2004 Subject: [SpamCop-List] Re: United Airlines: Spamming a dead man. References: Message-ID: In article , Anonymous says... > "Bob W." wrote in message > news:responseguard-07BB76.20564604122004@news.cesmail.net... > > I've been append-spammed by two large organizations within the last two > > weeks. First it was (and still is) the Smithsonian. CheetahMail handles > > the delivery. > Can you describe what append-spamming is? I've never heard that term > before. Thanks. Could it be that the OP was referring to "epending"? -- Norman ~Win dain a lotica, En vai tu ri, Si lo ta ~Fin dein a loluca, En dragu a sei lain ~Vi fa-ru les shutai am, En riga-lint From tdy at blackhole.invalid Sun Dec 5 19:53:39 2004 From: tdy at blackhole.invalid (N. Miller) Date: Sun Dec 5 22:55:03 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: In article , Mike Easter says... > Terry Simpson wrote: > > What is LARTED? > IMO > The term has lost its relevance and should be considered pass? - that > particular word looks to me like p a s s then [e acute]. In other words, contemporary notifies have no impact. -- Norman ~Win dain a lotica, En vai tu ri, Si lo ta ~Fin dein a loluca, En dragu a sei lain ~Vi fa-ru les shutai am, En riga-lint From nobody at spamcop.net Sun Dec 5 23:14:18 2004 From: nobody at spamcop.net (Tom) Date: Mon Dec 6 00:15:02 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: On Sun, 5 Dec 2004 18:31:01 -0800, Mike Easter wrote: >While there is some 'education' in being pointed to exactly the right >page without superfluous effort, the /extra/ effort shows you/the >novice/ pathways which will/might be invaluable in some future effort, >and are certainly valuable in teaching one some pathways and experiences >that don't work very well. Boy, Mike, but you use big words Commenting on some of your snipped stuff, I'm of the opinion that there is a time for each approach. Usually, when I run across something that I don't have a clue on, I just wait to see if someone else is floating in the same boat as I... and then I get the answer without looking stupid or drawing negative comments. I agree, by the way, with your assessment (at least, partially), but sometimes prefer the clue-by-four route... From nobody at spamcop.net Sun Dec 5 23:16:50 2004 From: nobody at spamcop.net (Tom) Date: Mon Dec 6 00:20:02 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: On Sun, 5 Dec 2004 19:53:39 -0800, N. Miller wrote: >> The term has lost its relevance and should be considered pass? - that >> particular word looks to me like p a s s then [e acute]. > >In other words, contemporary notifies have no impact. Except to build black/block lists. Which is why to sooner you can report spam to the time it was delievered, the better. From David1 at suescornerweb.com Mon Dec 6 00:43:17 2004 From: David1 at suescornerweb.com (David 1) Date: Mon Dec 6 00:45:07 2004 Subject: [SpamCop-List] Re: LARTED? In-Reply-To: References: Message-ID: Tom wrote: > On Sun, 5 Dec 2004 19:53:39 -0800, N. Miller wrote: > > >>>The term has lost its relevance and should be considered pass? - that >>>particular word looks to me like p a s s then [e acute]. >> >>In other words, contemporary notifies have no impact. > > > Except to build black/block lists. > > Which is why to sooner you can report spam to the time it was > delievered, the better. > My avg. According to spam cop usually runs between 2 - 5 hours, is that considered ok??? David 1 From nobody at spamcop.net Sun Dec 5 21:52:23 2004 From: nobody at spamcop.net (Dar) Date: Mon Dec 6 00:55:03 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: > > "Cat" wrote in message > > Also, Google is your friend. A simple search of the word LART on Google > > comes up with several web sites giving you a definition. > "Fred K" wrote in message > Ah but alas, the poor person wanted a simple definition of lart as it is > used here. Following the kind brush-off by cat leads one on an adventure and > after doing it I a gave up weeding through numerous definitions that do not > clearly define the term as it seems to be used in this NG. > > Fred K > P.S. If I was sure as to what it means I would tell. Or, as I used to tell my children, "If I *tell* you how it's spelled, you'll forget. If you look it up, you're more likely to remember." In the case of *Google is your friend*, there's always the possibility of even *more* you'll learn in the process. If may not be specific to your original question, but what's wrong with that? Learning is learning and that's never a bad thing. I've already forgotten what the term LARTED means. Dar From nobody at devnull.spamcop.net Mon Dec 6 00:40:53 2004 From: nobody at devnull.spamcop.net (Cat) Date: Mon Dec 6 01:45:03 2004 Subject: [SpamCop-List] Re: LARTED? In-Reply-To: References: Message-ID: Pete Stephenson wrote: > In article , > "Terry Simpson" wrote: > > >>What is LARTED? > > > http://www.retrologic.com/jargon/L/LART.html > > Luser Attitude Readjustment Tool. You were supposed to show him how to look it up on his own. :-P From nobody at devnull.spamcop.net Mon Dec 6 00:48:08 2004 From: nobody at devnull.spamcop.net (Cat) Date: Mon Dec 6 01:50:02 2004 Subject: [SpamCop-List] Re: LARTED? In-Reply-To: References: Message-ID: Mike Easter wrote: > Fred K wrote: >>Ah but alas, the poor person wanted a simple definition of lart as it >>is used here. My point was that people should learn to look it up. I was always taught "If you don't know the answer, look it up" when I was a kid. It taught me how to research things and how to think for myself instead of having everyone hand me all the answers. Then if I still can't find the answer, I'll ask. > Some people are into spoonfeeding the hapless or uninformed, while > others would rather show them the way to get information, including some > dirty work. Agreed. I think people get too lazy and don't want to do any work for themselves and instead expect other people to spoon feed them all the time. >>Following the kind brush-off by cat leads one on an Note to Frank: That's Cat with a capital C, and it wasn't a brush off. I showed him how to look up information on his own. Seriously, when the answers to things like that can be found through a simple Google search of the term, people shouldn't ask them here. From SpamNScamsReporter# at gmail#.com# Sun Dec 5 22:51:29 2004 From: SpamNScamsReporter# at gmail#.com# (Spam N Scams Reporter) Date: Mon Dec 6 01:55:04 2004 Subject: [SpamCop-List] Re: SC timeouts - Never Mind In-Reply-To: References: Message-ID: Rob wrote: > "Spam N Scams Reporter" wrote in message > news:cot7qe$451$1@news.spamcop.net... > >>Spam N Scams Reporter wrote: >> >>>SC has been slow again this morning, with some reports not going through >>>without resending. Fortunately, I'm doing other things and not just >>>sitting here waiting for the page to load. >>> >>>Brian >> >>I'm just multi-tasking a little tooooo much. >> >>I had been uploading an 18 MB file in the background and I'm not sure if >>that was done before I had the slow down. Probably not. >> >>Brian > > > No, I'm getting Gateway Time Out errors "The proxy server did not receive a > timely response from the upstream server." > > In all the years of surfing I've never seen this error before, Page Not > available, OK, but, not this one. > > Now it's getting as far as parsing, but, not as far as showing who it's to > report to or the report now button. > > Rob > > I was running into that somewhat frequently, which was the reason for my original post. Then I realized that this time may have been due to me uploading a 17 MB database file. I don't know if it was or not. I have a fairly fast connection. Brian From vincehoran at gmail.com Mon Dec 6 11:56:46 2004 From: vincehoran at gmail.com (Vince Horan) Date: Mon Dec 6 06:56:50 2004 Subject: [SpamCop-List] Did Clara Net abuse all its customers today? Message-ID: In my pile of mails from overnight were a few dumbers auto-responding to viruses. Nothing unusual about that, other than when I looked at the original header, there was no mention of any of my domains. The reply address was annlist@clara.net. As a few more of these poured in, also directed to annlist@clara.net, it became apparent that this was publically exploitable way of emailing Clara Net customers. A call the Clara Net found they were aware of the problem and had shut it down. Thanks Clara Net. From michael.spamcop at michaellefevre.com Mon Dec 6 12:39:01 2004 From: michael.spamcop at michaellefevre.com (Michael Lefevre) Date: Mon Dec 6 07:40:03 2004 Subject: [SpamCop-List] Re: United Airlines: Spamming a dead man. References: Message-ID: Pop wrote: > Michael Lefevre" wrote in > message news:covch3$amu$1@news.spamcop.net... [snip] >| A description of the service from someone that does it is at: >| http://www.experian.com/products/email_append.html >| You can find more by doing a google search for "email append". > > Well, I'll be damned. Experian, of all people! I used them once > a couple years ago for something I was selling - their > after-market support is dismal and totally unresponsive. Like > they say about power and corruption ... . > > I wonder who else is doing this? Abacus/Doubleclick Omnipoint I'm sure there are others that whose names would be familiar... -- Michael From puoti at inwind.it Mon Dec 6 14:40:39 2004 From: puoti at inwind.it (Ivan Leo Puoti) Date: Mon Dec 6 08:45:03 2004 Subject: [SpamCop-List] Re: make love not spam In-Reply-To: References: Message-ID: > Not that I'm condoning it, but having multiple windows open would hit them > harder. It won't, you'll use the same bandwidth. If anyone sees that only part of his bandwidth is being used, let me know and I'll add more spamvertised sites. Ivan. From bar_n0ne at hotmail.com Mon Dec 6 17:53:51 2004 From: bar_n0ne at hotmail.com (Berny) Date: Mon Dec 6 08:55:02 2004 Subject: [SpamCop-List] who is pdlweb@yahoo.com (3d party interested)? Message-ID: seeing them a lot lately on my Rx spams for *.abbey1eater.com. Also looks like someone is using yahoo for commercial purposes. From puoti at inwind.it Mon Dec 6 15:05:10 2004 From: puoti at inwind.it (Ivan Leo Puoti) Date: Mon Dec 6 09:10:03 2004 Subject: [SpamCop-List] Want to get to a spammer? Message-ID: I've got a spam in russian spamvertising some sort of event, a physical address is given, I take no responsibility if someone turns up to the event and beats up the organizer :) http://www.spamcop.net/sc?id=z699774522z227efe462e0c7c11f6502a15111aa39bz;action=display Babelfish translation The palace of the culture Of mIITa, the club of amateurs KVN "perchbox" propose to your attention NEW-YEAR IDEA for the children and schoolboys "MAN- SPIDER AGAINST Ram- Yagi". Captivating adventures occur in the magic fairytale scaffolding. Dark forces headed by the ram Of yagoy want to prevent good new-year history. Insidious concept and ominous intrigues could be carried out, if not super-hero. New-year musical fairy tale with the specials-effect, the splendid suits and the amusing jokes will be interesting not only to children, but also to their parents. Holiday will begin already in the foyer of the palace of the culture, where the heroes of the fairy tales caught the fancy by it and cartoons will meet the children. And, of course, it will not manage without the surprises and the new-year magic. New-year idea is passed daily from 25 December through 09 January (10:30, 13:00, 15:30). With the address: m. is novoslobodskaya, Novosushchevskiy alley, house 6, the palace of the culture Of mIITa. Duration of play - 1 hour. Interludes in fir tree - 30 minutes. Cost of one entrance ticket with the gift - 180 rubles, the cost of one entrance ticket for the parents - 90 rubles (payment with available and by clearing order). On questions of the acquisition of tickets be turned on the telephones: 973-35-52, 973-49-90 (from 9:00 to 22:00) is possible the delivery of tickets. Passage: m. is novoslobodskaya, is Mendeleyev's, is Belorussian, tr. ? 19, to the stoppage: &.tsuot;DK Of mIITa&.tsuot;. Gotovtes' to become rukovoditelem&.tsuot;. a similar type it reached to me pleasure. I showed, who here owner, it decided to send personal representative, emissary of peace, for negotiations c From puoti at inwind.it Mon Dec 6 15:08:07 2004 From: puoti at inwind.it (Ivan Leo Puoti) Date: Mon Dec 6 09:10:10 2004 Subject: [SpamCop-List] gdeter@ns.cr does NOT bounce. Message-ID: This address does not bounce, please stop devnulling. From ng.fjxrp at jondh.me.uk Mon Dec 6 14:27:49 2004 From: ng.fjxrp at jondh.me.uk (Jon (spamtrap)) Date: Mon Dec 6 09:30:04 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: > "Terry Simpson" wrote in message news:cp05b7$qle$1@news.spamcop.net... > > What is LARTED? > > Thanks! To all ... IMHO this sounded like a perfectly reasonable question. Yes, it can be looked up on Google, but Terry chose a much more sociable method - and asked real people. Yet sometimes respondents prefer to get snippy - which reflects badly on the rest of us. Netiquette isn't about being rude to people - AFAIK anyway - it is a method which helps us all to get along in our virtual environment. Most of us wouldn't abuse a co-worker and accuse them of wanting "spoonfeeding" if they approached us at our desk to ask a (possibly obvious) question - so why do we do it when we are online? Apologies all - I have just seen too much unnecessary unhelpfulness in this NG to not say anything. Anyway, have a nice day all :o) Jon -- Please don't mail ng.fjxrp@jondh.me.uk as it is a spamtrap. From nospam at nospam.org Mon Dec 6 17:12:55 2004 From: nospam at nospam.org (geo_splash_12) Date: Mon Dec 6 11:15:02 2004 Subject: [SpamCop-List] SPAMCOP down? Message-ID: No response here at 17:10 MET, but ping seems to work, is the web server down? -- And your Chinese exchange student asks: what does it mean "I'm busy". Location 51 57'N 4 28'E From Kilgallen at SpamCop.net Mon Dec 6 10:25:57 2004 From: Kilgallen at SpamCop.net (Larry Kilgallen) Date: Mon Dec 6 11:30:07 2004 Subject: [SpamCop-List] Re: Want to get to a spammer? References: Message-ID: In article , Ivan Leo Puoti writes: > I've got a spam in russian spamvertising some sort of event, a physical > address is given, I take no responsibility if someone turns up to the > event and beats up the organizer :) Even if you have promoted violence in response to a joe job ? From nobody at spamcop.net Mon Dec 6 11:58:44 2004 From: nobody at spamcop.net (Ellen) Date: Mon Dec 6 12:10:04 2004 Subject: [SpamCop-List] Re: who is pdlweb@yahoo.com (3d party interested)? References: Message-ID: "Berny" wrote in message news:cp1o9k$ph5$1@news.spamcop.net... > seeing them a lot lately on my Rx spams for *.abbey1eater.com. > > Also looks like someone is using yahoo for commercial purposes. > > > IP? full spamvertized url? No way I can even attempt to answer your question without that information. Ellen From nobody at devnull.spamcop.net Mon Dec 6 11:50:34 2004 From: nobody at devnull.spamcop.net (WazoO) Date: Mon Dec 6 12:55:03 2004 Subject: [SpamCop-List] Re: gdeter@ns.cr does NOT bounce. References: Message-ID: "Ivan Leo Puoti" wrote in message news:cp1p5t$qg9$1@news.spamcop.net... > This address does not bounce, please stop devnulling. Can you guarantee that this ISP is not bouncing e-mail from SpamCop? From David1 at suescornerweb.com Mon Dec 6 12:52:46 2004 From: David1 at suescornerweb.com (David 1) Date: Mon Dec 6 12:55:14 2004 Subject: [SpamCop-List] Re: gdeter@ns.cr does NOT bounce. In-Reply-To: References: Message-ID: Ivan Leo Puoti wrote: > This address does not bounce, please stop devnulling. um could it be that a program like Mailwasher is bouncing it ???? At the users request. From David1 at suescornerweb.com Mon Dec 6 13:34:37 2004 From: David1 at suescornerweb.com (David 1) Date: Mon Dec 6 13:35:03 2004 Subject: [SpamCop-List] sc Black listed Message-ID: I posted the following knowing that one of the folks there would tell me what to do with it one way or the other so after an answer I'll post it here. ************************ Look, I'm new, I dont' know where to go with this or if it's even worth it so I'll just throw it the source out here & leave it up to those that know what to do to do something with it if needed # spamcop is fucked up spamcop.net 554 blocked dom We are sorry, but we cannot accept any more guaranteed 100% nonsense misdirected and false spamcop reports. Matter referred to Julian Haight, but he cannot fix spamcop reporting without breaking other features he considers more important. See Taken from http://www.river.com/ops/spam/bad-domains.txt It was the last entry at the time I posted this. I found it while I was doing a scam search on something else. David 1 From tmcgraw at spamcop.net Mon Dec 6 13:10:37 2004 From: tmcgraw at spamcop.net (Tim McGraw) Date: Mon Dec 6 16:15:02 2004 Subject: [SpamCop-List] Re: LARTED? In-Reply-To: References: Message-ID: Jon (spamtrap) wrote: >>"Terry Simpson" wrote in message news:cp05b7$qle$1@news.spamcop.net... >> >>What is LARTED? >> >>Thanks! > > I just read the entire thread and thought the only rude post was by Fred K. From kenbrody at spamcop.net Mon Dec 6 15:47:17 2004 From: kenbrody at spamcop.net (Kenneth Brody) Date: Mon Dec 6 16:15:14 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: <41B4C555.8EC4D206@spamcop.net> Cat wrote: > > Mike Easter wrote: > > Fred K wrote: > > > > >>Ah but alas, the poor person wanted a simple definition of lart as it > >>is used here. > > My point was that people should learn to look it up. I was always taught > "If you don't know the answer, look it up" when I was a kid. It taught > me how to research things and how to think for myself instead of having > everyone hand me all the answers. Then if I still can't find the answer, > I'll ask. Or, as I like to say, "I'm trying to teach them to fish". > > Some people are into spoonfeeding the hapless or uninformed, while > > others would rather show them the way to get information, including some > > dirty work. > > Agreed. I think people get too lazy and don't want to do any work for > themselves and instead expect other people to spoon feed them all the time. Although acronymfinder is a better choice for this particular task, Google for both "lart" and "larted" bring relevent pages as the third ranking entry for each search. I'm not sure how much weeding needs to be done to find the "right" answer. [...] -- +-------------------------+--------------------+-----------------------------+ | Kenneth J. Brody | www.hvcomputer.com | | | kenbrody/at\spamcop.net | www.fptech.com | #include | +-------------------------+--------------------+-----------------------------+ Don't e-mail me at: From kenbrody at spamcop.net Mon Dec 6 15:48:57 2004 From: kenbrody at spamcop.net (Kenneth Brody) Date: Mon Dec 6 16:15:20 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: <41B4C5B9.8D629AF5@spamcop.net> Dar wrote: [...] > I've already forgotten what the term LARTED means. Actually, I think it's more accurately "LARTed", as "LART" is the acronym, and "ed" is the suffix to make it past tense. -- +-------------------------+--------------------+-----------------------------+ | Kenneth J. Brody | www.hvcomputer.com | | | kenbrody/at\spamcop.net | www.fptech.com | #include | +-------------------------+--------------------+-----------------------------+ Don't e-mail me at: From kenbrody at spamcop.net Mon Dec 6 16:14:29 2004 From: kenbrody at spamcop.net (Kenneth Brody) Date: Mon Dec 6 16:15:28 2004 Subject: [SpamCop-List] Re: sc Black listed References: Message-ID: <41B4CBB5.BF5DDB19@spamcop.net> David 1 wrote: [...] > # spamcop is fucked up > spamcop.net 554 blocked dom We are sorry, but we cannot accept any > more guaranteed 100% nonsense misdirected and false spamcop reports. > Matter referred to Julian Haight, but he cannot fix spamcop reporting > without breaking other features he considers more important. See > > > Taken from http://www.river.com/ops/spam/bad-domains.txt > > It was the last entry at the time I posted this. I found it while I was > doing a scam search on something else. I though SpamCop can be told "I don't want any reports", and they'll automatically be /dev/null'ed? I'd love to know what sort of "guaranteed 100% nonsense misdirected and false spamcop reports" this person gets? -- +-------------------------+--------------------+-----------------------------+ | Kenneth J. Brody | www.hvcomputer.com | | | kenbrody/at\spamcop.net | www.fptech.com | #include | +-------------------------+--------------------+-----------------------------+ Don't e-mail me at: From tmcgraw at spamcop.net Mon Dec 6 13:15:30 2004 From: tmcgraw at spamcop.net (Tim McGraw) Date: Mon Dec 6 16:20:04 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? In-Reply-To: References: Message-ID: Possum Trot wrote: > Ellen, and all, > > The article says that the targets for the attack are obtained from > SPAMCOP.COM, not our SPAMCOP.NET. The article at http://www.heise.de/english/newsticker/news/53697 says "SpamCop" and links to spamcop.net But as we all know by now, this program has ben suspended indefinitely by Lycos. From Merlyn at Spamcop.net Mon Dec 6 16:20:31 2004 From: Merlyn at Spamcop.net (Merlyn) Date: Mon Dec 6 16:25:04 2004 Subject: [SpamCop-List] Re: sc Black listed References: Message-ID: "David 1" wrote in message news:cp28nu$5ce$2@news.spamcop.net... >I posted the following knowing that one of the folks there would tell me >what to do with it one way or the other so after an answer I'll post it >here. > ************************ > Look, I'm new, I dont' know where to go with this or if it's even worth it > so I'll just throw it the source out here & leave it up to those that > know what to do to do something with it if needed > > # spamcop is fucked up > spamcop.net 554 blocked dom We are sorry, but we cannot accept any more > guaranteed 100% nonsense misdirected and false spamcop reports. Matter > referred to Julian Haight, but he cannot fix spamcop reporting without > breaking other features he considers more important. See > > > Taken from http://www.river.com/ops/spam/bad-domains.txt > > It was the last entry at the time I posted this. I found it while I was > doing a scam search on something else. They should just add themselves to their own BOFH List. -- Regards, Merlyn A Spamcop advocate No emails this account is for newsgroups only People demand freedom of speech to make up for the freedom of thought which they avoided From MikeE at ster.invalid Mon Dec 6 14:09:41 2004 From: MikeE at ster.invalid (Mike Easter) Date: Mon Dec 6 17:10:03 2004 Subject: [SpamCop-List] Re: sc Black listed References: Message-ID: David 1 wrote: > I posted the following knowing that one of the folks there would tell > me what to do with it one way or the other so after an answer I'll > post it here. > http://www.river.com/ops/nospam/ river's nospam page explains that their users can choose one of 6 levels of spamblocking. The first level is/ could be/ very sensible, except for the fact that it is extremely outdated. Its intention is to use dnsbl/s to block open smtp relays and proxies which is a good idea. That would be a good thing to block, but over half of the dnsbl/s chosen are way outawhack because they don't exist anymore, so that is evidence that either river doesn't know what they are doing, or this is actually an old outdated page of no relevance. Since my search for a link to the page shows it to appear to being currently used or referred to, I have to assume there is some kind of currently operational functionality there. > Taken from http://www.river.com/ops/spam/bad-domains.txt Unfortunately, the very next level up starts getting even more stupid. Not only does it add some more old outdated lists, such as two more from easynet whose functions have gone over to a different blocklister, but then it adds domain blocking, which is generally way dumb, and it appears that their netblock list is also pretty dumb. It is the domainblocking that includes spamcop. Surprisingly, they /claim/ that the next level up, which adds spews and tons of freemail provider domainnames in addition to the other both bad and outdated choices is both their default and most popular method. When I try to find my way to river's 'front page' - if they are functioning as an ISP or some other kinds of mailservice provider - I don't have much luck. They are in netrack.net's blockspace. I would have to hear from someone who is actually a river mail user to believe that the river MX, which is mail.river.com DNS 206.168.117.188 actually functions like that. The poster who is posting in sightings and 'referring' to the river pages above is unfortunately not posting to sightings properly, since he doesn't post the full headers of the spam. Doh! The poster who is citing those pages in nanae and sightings is Richard Johnson, who uses a whirlpool.river.com address in his From; so apparently the page is getting stamped onto spam, and the 2 MXes for whirlpool are different from river, but in the same netblock. -- Mike Easter kibitzer, not SC admin From spamcop at oitc.com Mon Dec 6 18:22:18 2004 From: spamcop at oitc.com (spamcop) Date: Mon Dec 6 18:25:08 2004 Subject: [SpamCop-List] 3rd party suspect Message-ID: RE: http://www.spamcop.net/sc?id=z699944393zfb471cc9c9d73d688c524882956fa215z Has Re: http://jngo.net/y.z?l=https://secure.directtrac... (Third party interested in spamvertized web site) To: spamcop@us.jangomail.com (Notes) Well jangomail.com is owned by Ajay Goel who looks awefully fishy to me (http://www.spamhaus.org/rokso/evidence.lasso?rokso_id=ROK2149) Organization: Silicomm Corporation Ajay Goel 5335 Far Hills Avenue, Suite 222 Dayton, OH 45429 US Phone: 9374358122 Fax..: 6306044082 Email: ajay@silicomm.com Registrar Name....: Register.com Registrar Whois...: whois.register.com Registrar Homepage: http://www.register.com Domain Name: JANGOMAIL.COM Created on..............: Fri, Sep 20, 2002 Expires on..............: Thu, Sep 20, 2007 Record last updated on..: Fri, Apr 16, 2004 Administrative Contact: Silicomm Corporation Ajay Goel 5335 Far Hills Avenue, Suite 222 Dayton, OH 45429 US Phone: 9374358122 Fax..: 6306044082 Email: ajay@silicomm.com Technical Contact, Zone Contact: Register.Com Domain Registrar 575 8th Avenue - 11th Floor New York, NY 10018 US Phone: 902-749-2701 Fax..: 902-749-5429 Email: domain-registrar@register.com Domain servers in listed order: DNS2.SILICOMM.COM 64.56.108.182 NS0.DNSMADEEASY.COM 63.219.151.3 NS1.DNSMADEEASY.COM 69.10.137.166 NS3.DNSMADEEASY.COM 64.246.42.123 From TMHRVMFWREVN at spammotel.com Mon Dec 6 23:32:36 2004 From: TMHRVMFWREVN at spammotel.com (Rob) Date: Mon Dec 6 18:35:02 2004 Subject: [SpamCop-List] Re: SPAMCOP down? References: Message-ID: "geo_splash_12" wrote in message news:cp20e8$vf9$1@news.spamcop.net... > No response here at 17:10 MET, but ping seems to work, is the web server > down? > > -- > And your Chinese exchange student asks: what does it mean "I'm busy". > Location 51 57'N 4 28'E Not quite down. It's very slow, taking me 10+ mins to get half way through a parse then it fails. Same as yesterday about the same time. From TMHRVMFWREVN at spammotel.com Mon Dec 6 23:43:33 2004 From: TMHRVMFWREVN at spammotel.com (Rob) Date: Mon Dec 6 18:45:03 2004 Subject: [SpamCop-List] Re: SPAMCOP down? References: Message-ID: "Rob" wrote in message news:cp2q76$h5l$1@news.spamcop.net... > > "geo_splash_12" wrote in message > news:cp20e8$vf9$1@news.spamcop.net... > > No response here at 17:10 MET, but ping seems to work, is the web server > > down? > > > > -- > > And your Chinese exchange student asks: what does it mean "I'm busy". > > Location 51 57'N 4 28'E > > Not quite down. It's very slow, taking me 10+ mins to get half way through > a parse then it fails. Same as yesterday about the same time. > > After about 45 mins it returned to normal. Seems to have happened same time two nights in a row. From MikeE at ster.invalid Mon Dec 6 15:47:18 2004 From: MikeE at ster.invalid (Mike Easter) Date: Mon Dec 6 18:50:03 2004 Subject: [SpamCop-List] Re: Lycos DDos Screensaver ? References: Message-ID: Tim McGraw wrote: > The article at http://www.heise.de/english/newsticker/news/53697 says > "SpamCop" and links to spamcop.net The spamcop statement in that article isn't at all accurate. It sez: "Currently, Lycos is waging war against the notorious spammers blacklisted at Spamcop." where 'Spamcop' links to http://www.spamcop.net/ When, in fact, the spamvertisers which were being targetted were not /blacklisted at spamcop/ at all, since SC doesn't blacklist spamvertisers, but simply posts them on the stats page -- and those spamsource IPs, which /are/ blacklisted by the SCbl, are *not* the targets of the now defunct MLNS screensaver. Poorly written articles are a pain. -- Mike Easter kibitzer, not SC admin From eatmy at grits.com Mon Dec 6 17:40:15 2004 From: eatmy at grits.com (Jeff) Date: Mon Dec 6 19:45:08 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: GIMME GIMME GIMME!!! "Ivan Leo Puoti" wrote in message news:cp1nid$p0e$1@news.spamcop.net... > > Not that I'm condoning it, but having multiple windows open would > hit them > > harder. > > It won't, you'll use the same bandwidth. If anyone sees that only part > of his bandwidth is being used, let me know and I'll add more > spamvertised sites. > > Ivan. From nobody at spamcop.net Mon Dec 6 18:26:16 2004 From: nobody at spamcop.net (Dar) Date: Mon Dec 6 21:30:05 2004 Subject: [SpamCop-List] Spammer Software Message-ID: I'm finding conflicting answers to this question: Can spammer software spider database generated web pages? I have concern for a listing of Chamber of Commerce members on a local web site. I've smacked two Chamber members who were caught spamming other members one by one, but what about the pros? Dar From nobody at spamcop.net Mon Dec 6 21:17:34 2004 From: nobody at spamcop.net (Ellen) Date: Mon Dec 6 21:35:02 2004 Subject: [SpamCop-List] Re: 3rd party suspect References: Message-ID: "spamcop" wrote in message news:BDDA53DA.EF2E%spamcop@oitc.com... > RE: > http://www.spamcop.net/sc?id=z699944393zfb471cc9c9d73d688c524882956fa215z > > Has Re: http://jngo.net/y.z?l=https://secure.directtrac... (Third party > interested in spamvertized web site) > To: spamcop@us.jangomail.com (Notes) > > Well jangomail.com is owned by Ajay Goel who looks awefully fishy to me > (http://www.spamhaus.org/rokso/evidence.lasso?rokso_id=ROK2149) > > Organization: > Silicomm Corporation > Ajay Goel > 5335 Far Hills Avenue, Suite 222 > Dayton, OH 45429 > US > Phone: 9374358122 > Fax..: 6306044082 > Email: ajay@silicomm.com > > Registrar Name....: Register.com > Registrar Whois...: whois.register.com > Registrar Homepage: http://www.register.com > > Domain Name: JANGOMAIL.COM > > Created on..............: Fri, Sep 20, 2002 > Expires on..............: Thu, Sep 20, 2007 > Record last updated on..: Fri, Apr 16, 2004 > > Administrative Contact: > Silicomm Corporation > Ajay Goel > 5335 Far Hills Avenue, Suite 222 > Dayton, OH 45429 > US > Phone: 9374358122 > Fax..: 6306044082 > Email: ajay@silicomm.com > > Technical Contact, Zone Contact: > Register.Com > Domain Registrar > 575 8th Avenue - 11th Floor > New York, NY 10018 > US > Phone: 902-749-2701 > Fax..: 902-749-5429 > Email: domain-registrar@register.com > > Domain servers in listed order: > > DNS2.SILICOMM.COM 64.56.108.182 > NS0.DNSMADEEASY.COM 63.219.151.3 > NS1.DNSMADEEASY.COM 69.10.137.166 > NS3.DNSMADEEASY.COM 64.246.42.123 > I'm sorry but I do not see anything about jangomail or Ajay Goel at your rosko reference other than this line: *AntiSpews.org identified as Ajay Goel (Silicomm Corporation, WangoMail). which appears to be a link to google (gah what did google do to newgroups) and after looking at 20 or so posts in that thread I don't see any "identification" -- if you want to point me at the exact post I would be happy to look at it. Ellen From nobody at spamcop.net Tue Dec 7 07:12:33 2004 From: nobody at spamcop.net (nospam) Date: Mon Dec 6 22:15:17 2004 Subject: [SpamCop-List] Re: who is pdlweb@yahoo.com (3d party interested)? References: Message-ID: in article cp23h8$1t6$1@news.spamcop.net, Ellen at nobody@spamcop.net wrote on 12/6/04 8:58 PM: > > > "Berny" wrote in message > news:cp1o9k$ph5$1@news.spamcop.net... >> seeing them a lot lately on my Rx spams for *.abbey1eater.com . >> >> Also looks like someone is using yahoo for commercial purposes. >> >> >> > > IP? full spamvertized url? No way I can even attempt to answer your question > without that information. > > Ellen > > That is an interested 3d party for spamvertized URLS, among them: http://(various random strings -hence the "*").abbey1eater.com From MikeE at ster.invalid Mon Dec 6 19:14:15 2004 From: MikeE at ster.invalid (Mike Easter) Date: Mon Dec 6 22:15:43 2004 Subject: [SpamCop-List] Re: 3rd party suspect References: Message-ID: Ellen wrote: > (gah what did google > do to newgroups) Ain't 'dat 'de troof! Slashdotters to campaign for the old googlegroups < /. cite follows> "[...] Unfortunately, as of December 5th, Google Groups Beta is back and you can't get to the original (wonderful) Google Groups anymore. Be sure to share your opinion with Google." However, not to be 'daunted', searching google groups on 'google groups' and also seeing that 'everyone' hates the new googlegroups beta -- I found a Brit sed [and so far it is still true] that the old google groups is still available at google.co.uk. -- Mike Easter kibitzer, not SC admin From baloo at ursine.dyndns.org Mon Dec 6 19:33:52 2004 From: baloo at ursine.dyndns.org (Paul Johnson) Date: Mon Dec 6 22:45:03 2004 Subject: [SpamCop-List] Re: Spammer Software References: Message-ID: <1102390991.339034@ursine.dyndns.org> Dar wrote: > I'm finding conflicting answers to this question: Can spammer software > spider database generated web pages? I have concern for a listing of > Chamber of Commerce members on a local web site. I've smacked two > Chamber members who were caught spamming other members one by one, > but what about the pros? You answered your own question. The answer is yes, spammer's software can spider through database generated web pages. However, on the flip side of the coin, any kind of munging (be it copy protection on CDs or munging email addresses) is considered harmful as it only hinders legitimate use while doing *ZERO* to stop illegitimate use. Just as DVD copy protection and region encoding was rendered irrelevant by a single, nearly 40-year-old UNIX command and regionless drives, email munging has long since been rendered stupid as it hinders the ability of real people to quickly and easily send you an email while doing nothing to slow down the spammers with automated demungers. Address-specific arguments: http://www.interhack.net/pubs/munging-harmful/ -- Paul Johnson baloo@ursine.dyndns.org http://ursine.dyndns.org/ From baloo at ursine.dyndns.org Mon Dec 6 19:35:58 2004 From: baloo at ursine.dyndns.org (Paul Johnson) Date: Mon Dec 6 22:45:10 2004 Subject: [SpamCop-List] Re: sc Black listed References: Message-ID: <1102390992.283602@ursine.dyndns.org> David 1 wrote: > I posted the following knowing that one of the folks there would tell me > what to do with it one way or the other so after an answer I'll post it > here. > ************************ > Look, I'm new, I dont' know where to go with this or if it's even worth > it so I'll just throw it the source out here & leave it up to those > that know what to do to do something with it if needed You posted what you need to know already. > # spamcop is fucked up > spamcop.net 554 blocked dom We are sorry, but we cannot accept any > more guaranteed 100% nonsense misdirected and false spamcop reports. > Matter referred to Julian Haight, but he cannot fix spamcop reporting > without breaking other features he considers more important. See > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ That's where you need to go for more information about this problem, not Spamcop. -- Paul Johnson baloo@ursine.dyndns.org http://ursine.dyndns.org/ From baloo at ursine.dyndns.org Mon Dec 6 19:38:41 2004 From: baloo at ursine.dyndns.org (Paul Johnson) Date: Mon Dec 6 22:45:17 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: <1102390992.772592@ursine.dyndns.org> Jon (spamtrap) wrote: >> "Terry Simpson" wrote in message news:cp05b7$qle$1@news.spamcop.net... >> >> What is LARTED? >> >> Thanks! > > To all ... IMHO this sounded like a perfectly reasonable question. Yes, it > can be looked up on Google, but Terry chose a much more sociable method - > and asked real people. Yet sometimes respondents prefer to get snippy - > which reflects badly on the rest of us. Asking a question that is 1) Already answered in the archives, 2) is posted on the web, and 3) Google is capable of finding 1 and 2, then it's *not* sociable, it's antisocial. > Netiquette isn't about being rude to people - AFAIK anyway - it is a > method which helps us all to get along in our virtual environment. Most of > us wouldn't abuse a co-worker and accuse them of wanting "spoonfeeding" if > they approached us at our desk to ask a (possibly obvious) question - so > why do we do it when we are online? Not all of us are doomed to work among the clueless, please don't assume everyone else is forced to, either. It's patronizing and makes you look bad. -- Paul Johnson baloo@ursine.dyndns.org http://ursine.dyndns.org/ From nobody at spamcop.net Mon Dec 6 19:43:17 2004 From: nobody at spamcop.net (Dar) Date: Mon Dec 6 22:45:21 2004 Subject: [SpamCop-List] Re: Spammer Software References: Message-ID: > I'm finding conflicting answers to this question: Can spammer software > spider database generated web pages? I have concern for a listing of > Chamber of Commerce members on a local web site. I've smacked two > Chamber members who were caught spamming other members one by one, > but what about the pros? > > Dar On second thought, this is not an appropriate question for this group. Please forgive me. From nobody at spamcop.net Mon Dec 6 19:56:20 2004 From: nobody at spamcop.net (Dar) Date: Mon Dec 6 23:00:02 2004 Subject: [SpamCop-List] Re: Spammer Software References: Message-ID: > > I'm finding conflicting answers to this question: Can spammer software > > spider database generated web pages? I have concern for a listing of > > Chamber of Commerce members on a local web site. I've smacked two > > Chamber members who were caught spamming other members one by one, > > but what about the pros? > > You answered your own question. The answer is yes, spammer's software can > spider through database generated web pages. However, on the flip side of > the coin, any kind of munging (be it copy protection on CDs or munging > email addresses) is considered harmful as it only hinders legitimate use > while doing *ZERO* to stop illegitimate use. Just as DVD copy protection > and region encoding was rendered irrelevant by a single, nearly 40-year-old > UNIX command and regionless drives, email munging has long since been > rendered stupid as it hinders the ability of real people to quickly and > easily send you an email while doing nothing to slow down the spammers with > automated demungers. > > Address-specific arguments: > http://www.interhack.net/pubs/munging-harmful/ > > -- > Paul Johnson > baloo@ursine.dyndns.org > http://ursine.dyndns.org/ Thanks for the education. This is a tough one for me. I can protect my own hosting clients listed in this database, but I can't protect the other 99% who are listed. The one member who abused simply went through and clicked on each email address and began sending a separate email to each member (I caught him before he made it very far down the list). Otherwise, I've noticed no *other* spam has been sent to my 10 or so clients listed there and thought perhaps any harvesting may have to be done manually. From mfkmek820 at yahoo.com Mon Dec 6 19:50:18 2004 From: mfkmek820 at yahoo.com (Fred K) Date: Mon Dec 6 23:55:03 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: "Jon (spamtrap)" wrote in message news:cp1q9r$ral$1@news.spamcop.net... >> "Terry Simpson" wrote in message news:cp05b7$qle$1@news.spamcop.net... >> >> What is LARTED? >> >> Thanks! > And after reading this thread through, and having looked it up before myself, the action "I LARTED so and so" is still not clear to me. Does that mean a SC report, or some separate complaint to some ISP et. al., through emails, phone calls, snailmail etc. Fred k From nobody at spamcop.net Mon Dec 6 22:56:47 2004 From: nobody at spamcop.net (John Anderson) Date: Tue Dec 7 00:00:03 2004 Subject: [SpamCop-List] Re: SPAMCOP down? References: Message-ID: "Rob" wrote in message news:cp2q76$h5l$1@news.spamcop.net... Not quite down. It's very slow, taking me 10+ mins to get half way through a parse then it fails. Same as yesterday about the same time. >>>>>>..... I am glad that my spam level is down to one spam every 3 months! . From tmcgraw at spamcop.net Mon Dec 6 20:57:12 2004 From: tmcgraw at spamcop.net (Tim McGraw) Date: Tue Dec 7 00:00:10 2004 Subject: [SpamCop-List] Re: LARTED? In-Reply-To: References: Message-ID: Fred K wrote: > Jon wrote: >>>"Terry Simpson" wrote: >>> >>>What is LARTED? >>> >>>Thanks! >> > And after reading this thread through, and having looked it up before > myself, the action "I LARTED so and so" is still not clear to me. Does that > mean a SC report, or some separate complaint to some ISP et. al., through > emails, phone calls, snailmail etc. > Fred k An email directly from the spam victim to the party responsible. Mine are very short, often merely: "You have an open proxy at . Please take corrective action. Thank you." A LART is exclusively manual, else you would not need pages like http://multilinguallart.spamblocked.com From nobody at xyzzy.claranet.de Tue Dec 7 05:59:49 2004 From: nobody at xyzzy.claranet.de (Frank Ellermann) Date: Tue Dec 7 00:05:03 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: <41B538C5.3FD5@xyzzy.claranet.de> Cat wrote: > Mike Easter wrote: >> Fred K wrote: > [...] > Note to Frank: Fred, IIRC there was no "Frank" in this thread until now ;-) From tmcgraw at spamcop.net Mon Dec 6 21:05:46 2004 From: tmcgraw at spamcop.net (Tim McGraw) Date: Tue Dec 7 00:10:02 2004 Subject: [SpamCop-List] Re: Spammer Software In-Reply-To: References: Message-ID: Dar wrote: > > Thanks for the education. This is a tough one for me. I can protect my > own hosting clients listed in this database, but I can't protect the > other 99% who are listed. The one member who abused simply went through > and clicked on each email address and began sending a separate email to > each member (I caught him before he made it very far down the list). Sticky wicket you've got there. It is, after all, the Chamber of Commerce. You can't expect everyone to be clued re: proper way to network and understanding of netiquette. If you can set up email addresses @yourchamberURL it could be offered as a benefit membership. If you can set up a listserv strictly for networking that could also be listed under benefit of membership. Even Yahoo Groups is feasible for smaller groups. Some here will disagree, but it works great for our dog park group. From tmcgraw at spamcop.net Mon Dec 6 21:10:57 2004 From: tmcgraw at spamcop.net (Tim McGraw) Date: Tue Dec 7 00:15:03 2004 Subject: [SpamCop-List] Re: LARTED? In-Reply-To: <41B538C5.3FD5@xyzzy.claranet.de> References: <41B538C5.3FD5@xyzzy.claranet.de> Message-ID: Frank Ellermann wrote: > Cat wrote: > > Fred, IIRC there was no "Frank" in this thread until now ;-) We have clearance Clarence. Roger, Roger. What's our vector Victor? From nobody at spamcop.net Mon Dec 6 21:39:49 2004 From: nobody at spamcop.net (Dar) Date: Tue Dec 7 00:45:03 2004 Subject: [SpamCop-List] Re: Spammer Software References: Message-ID: > Dar wrote: > > > > Thanks for the education. This is a tough one for me. I can protect my > > own hosting clients listed in this database, but I can't protect the > > other 99% who are listed. The one member who abused simply went through > > and clicked on each email address and began sending a separate email to > > each member (I caught him before he made it very far down the list). > Tim McGraw wrote: > Sticky wicket you've got there. It is, after all, the Chamber of > Commerce. You can't expect everyone to be clued re: proper way to > network and understanding of netiquette. Well, there's a notice at the top of the default page now: Chamber Members Notice: Sending unsolicited commercial email to other members ( spamming ) is strictly forbidden! You risk losing your own listing here. > If you can set up email addresses @yourchamberURL it could be offered as > a benefit membership. That's an excellent idea, but not too feasible in my situation. This is actually a *town* web site and there are so many email addresses set up for town officials, I simply don't have the time to set up and maintain email addresses, even forwarding email addresses, for all the Chamber members as well. > If you can set up a listserv strictly for > networking that could also be listed under benefit of membership. Even > Yahoo Groups is feasible for smaller groups. Some here will disagree, > but it works great for our dog park group. If they wish to network, they attend Chamber meetings. Most of the members, I promise, don't want to be bothered by other members and their spam type email. This is a very small town in Washington State with a total population of approximately 6,500 maybe. There are members who do business outside of our 2.1 square mile town, but for the most part, most every member of the Chamber knows most every other member of the Chamber. The listings on the site are primarily for generating business from the general population, one air force base, one army base, and the local area outside of town. Dar From nobody at spamcop.net Mon Dec 6 21:42:51 2004 From: nobody at spamcop.net (Dar) Date: Tue Dec 7 00:45:10 2004 Subject: [SpamCop-List] Re: Spammer Software References: Message-ID: Mostly, to do with my original question, I was hoping spammers (non members) couldn't harvest email addresses from database generated web pages using software. I realize anyone can get to them manually, I was just hoping the spammer software wouldn't work. Dar From mfkmek820 at yahoo.com Mon Dec 6 20:47:52 2004 From: mfkmek820 at yahoo.com (Fred K) Date: Tue Dec 7 00:50:04 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: "Tim McGraw" wrote in message news:cp3d79$t1q$1@news.spamcop.net... > Fred K wrote: >> Jon wrote: >>>>"Terry Simpson" wrote: >>>> >>>>What is LARTED? >>>> >>>>Thanks! > An email directly from the spam victim to the party responsible. Mine are > very short, often merely: "You have an open proxy at . Please take > corrective action. Thank you." > > A LART is exclusively manual, else you would not need pages like > http://multilinguallart.spamblocked.com > How simple and to the point.It is probably the answer that should have been given as a direct reply to Terry's question. Instead it took 23 responses.. Thank you Fred k From tmcgraw at spamcop.net Mon Dec 6 21:52:56 2004 From: tmcgraw at spamcop.net (Tim McGraw) Date: Tue Dec 7 00:55:03 2004 Subject: [SpamCop-List] Re: Spammer Software In-Reply-To: References: Message-ID: Dar wrote: >>Tim McGraw wrote: > >>If you can set up email addresses @yourchamberURL it could be offered as >>a benefit membership. >> >>If you can set up a listserv strictly for >>networking that could also be listed under benefit of membership. Even >>Yahoo Groups is feasible for smaller groups. Some here will disagree, >>but it works great for our dog park group. > > If they wish to network, they attend Chamber meetings. That's what I thought. > This is a very small town in Washington State That's what I thought. Secure access is probably out of the question too. An autoack to a request for the database? At least then the boilerplate could include the "Members Notice." From tmcgraw at spamcop.net Mon Dec 6 22:07:17 2004 From: tmcgraw at spamcop.net (Tim McGraw) Date: Tue Dec 7 01:10:03 2004 Subject: [SpamCop-List] Re: LARTED? In-Reply-To: References: Message-ID: Fred K wrote: > Tim McGraw wrote: > >>An email directly from the spam victim to the party responsible. Mine are >>very short, often merely: "You have an open proxy at . Please take >>corrective action. Thank you." >> >>A LART is exclusively manual, else you would not need pages like >>http://multilinguallart.spamblocked.com > > How simple and to the point.It is probably the answer that should have been > given as a direct reply to Terry's question. Instead it took 23 responses.. At least no one responded STFW, which is the typicaly ng guff. What is so hard about putting "what is a lart" in Google? Tip: use the quote marks. > Thank you You're welcome. Have you ever worked somewhere and the customers ask the same questions over and over and over again? And the answer is typically as inane, like "over by the sign that says ____," where blank is the thing they asked about. LART is in some spam FAQs, like http://www.spamfaq.net/terminology.shtml#lart From nobody at spamcop.net Mon Dec 6 22:26:19 2004 From: nobody at spamcop.net (Dar) Date: Tue Dec 7 01:30:03 2004 Subject: [SpamCop-List] Re: Spammer Software References: Message-ID: > >>Tim McGraw wrote: > > > >>If you can set up email addresses @yourchamberURL it could be offered as > >>a benefit membership. > >> > >>If you can set up a listserv strictly for > >>networking that could also be listed under benefit of membership. Even > >>Yahoo Groups is feasible for smaller groups. Some here will disagree, > >>but it works great for our dog park group. > > > > If they wish to network, they attend Chamber meetings. > > That's what I thought. > > > This is a very small town in Washington State > > That's what I thought. > > Secure access is probably out of the question too. > > An autoack to a request for the database? At least then the boilerplate > could include the "Members Notice." Good suggestion, but I think I'll let it go and see what happens from here on. The "Members Notice" is added in such a way that it shows up at the top of any/all database generated pages. I'm hoping it's only the old "there's one (or two) in every bunch" who is stupid enough to spam in this manner. And, hopefully, the notice is obvious enough to prevent spamming (from member to members) in the future. Thanks, Tim. I was very nervous after posting the original message for fear it was an out of order subject. Thanks for responding in an intelligent and non-controversial manner -- sincerely. Dar From SpamNScamsReporter# at gmail#.com# Mon Dec 6 23:06:30 2004 From: SpamNScamsReporter# at gmail#.com# (Spam N Scams Reporter) Date: Tue Dec 7 02:10:09 2004 Subject: [SpamCop-List] Humor: A 419er that can't spell his name correctly Message-ID: All I require is your honest co-operation to enable us see this business through. I guarantee that this will be executed under a legitimate arrangement that will protect you from any breach of the law. Get in touch with me through my email address (raysithole@myway.com) and my mobile phone number (234-803-419-8035)so that we can proceed. Sincerely yours, Barrister Raymond Sithole Esq. From nobody at devnull.spamcop.net Tue Dec 7 01:36:57 2004 From: nobody at devnull.spamcop.net (Cat) Date: Tue Dec 7 02:40:27 2004 Subject: [SpamCop-List] Re: LARTED? In-Reply-To: <41B538C5.3FD5@xyzzy.claranet.de> References: <41B538C5.3FD5@xyzzy.claranet.de> Message-ID: Frank Ellermann wrote: > Cat wrote: >>Note to Frank: > > > Fred, IIRC there was no "Frank" in this thread until now ;-) Heh, oops! Don't know why, but I read that as Frank K for some reason instead of Fred K. From bar_n0ne at hotmail.com Tue Dec 7 11:44:33 2004 From: bar_n0ne at hotmail.com (Berny) Date: Tue Dec 7 02:45:06 2004 Subject: [SpamCop-List] Re: who is pdlweb@yahoo.com (3d party interested)? -sites References: Message-ID: "nospam" wrote in message news:BDDB0861.12E07%nobody@spamcop.net... > in article cp23h8$1t6$1@news.spamcop.net, Ellen at nobody@spamcop.net wrote > on 12/6/04 8:58 PM: > > "Berny" wrote in message > > news:cp1o9k$ph5$1@news.spamcop.net... > >> seeing them a lot lately on my Rx spams for *.abbey1eater.com . > > SNIP > > IP? full spamvertized url? No way I can even attempt to answer your question > > without that information. > That is an interested 3d party for spamvertized URLS, among them: > > http://(various random strings -hence the "*").abbey1eater.com > and Re: http://auriferous6tabernacle.com/?nwk=4wah&... (Third party interested in spamvertized web site) To: pdlweb@yahoo.com (Notes) From nobody at devnull.spamcop.net Tue Dec 7 01:50:09 2004 From: nobody at devnull.spamcop.net (Cat) Date: Tue Dec 7 02:55:03 2004 Subject: [SpamCop-List] Re: LARTED? In-Reply-To: References: Message-ID: Jon (spamtrap) wrote: > To all ... IMHO this sounded like a perfectly reasonable question. Yes, it > can be looked up on Google, but Terry chose a much more sociable method - > and asked real people. Yet sometimes respondents prefer to get snippy - > which reflects badly on the rest of us. > > Netiquette isn't about being rude to people There was absolutely nothing rude or snippy about my reply. I simply showed him how to look it up on his own, which would teach him good research habits for the future. Like someone else said, this was something that could have been easily looked up. Maybe you and Fred should consider not being so overly sensitive and stop expecting everyone else to hold your hands through life. In some forums, people will just reply with the FAQ link and let the person go read that. This is sometimes done here, and LiveJournal.com's support forum also does the same thing, just replying with the FAQ link when it's something easily found there. Just using LiveJournal as a similar example, I see support requests there all the time that should never even have been asked if the person had done a quick search of their very user friendly FAQ. Now maybe SpamCop's FAQ isn't quite so user friendly, but the definition of LART is something that can be easily be found without contributing to the other 80,000 times it's been asked about here. From nobody at devnull.spamcop.net Tue Dec 7 01:55:14 2004 From: nobody at devnull.spamcop.net (Cat) Date: Tue Dec 7 03:00:03 2004 Subject: [SpamCop-List] Re: LARTED? In-Reply-To: References: Message-ID: Tim McGraw wrote: > Fred K wrote: > >> Tim McGraw wrote: >> >>> An email directly from the spam victim to the party responsible. Mine >>> are very short, often merely: "You have an open proxy at . >>> Please take corrective action. Thank you." >>> >>> A LART is exclusively manual, else you would not need pages like >>> http://multilinguallart.spamblocked.com >> >> >> How simple and to the point.It is probably the answer that should have >> been given as a direct reply to Terry's question. Instead it took 23 >> responses.. Um, no. It required only one reply. Didn't someone else here use the fishing analogy? If you give a man a fish, he'll eat for a day. If you teach a man to fish, he'll eat for a lifetime. I just don't understand why some people expect everyone else to do their thinking for them and then get all upset when they're shown how to think for themselves. > At least no one responded STFW, which is the typicaly ng guff. > > What is so hard about putting "what is a lart" in Google? Tip: use the > quote marks. I'm guessing laziness and refusal to think for themselves. > Have you ever worked somewhere and the customers ask the same questions > over and over and over again? And the answer is typically as inane, like > "over by the sign that says ____," where blank is the thing they asked > about. Good explanation. From David1 at suescornerweb.com Tue Dec 7 03:14:16 2004 From: David1 at suescornerweb.com (David 1) Date: Tue Dec 7 03:15:14 2004 Subject: [SpamCop-List] Re: LARTED? In-Reply-To: References: Message-ID: Cat wrote: > Jon (spamtrap) wrote: > > > >> To all ... IMHO this sounded like a perfectly reasonable question. >> Yes, it >> can be looked up on Google, but Terry chose a much more sociable method - >> and asked real people. Yet sometimes respondents prefer to get snippy - >> which reflects badly on the rest of us. >> >> Netiquette isn't about being rude to people > > > > > There was absolutely nothing rude or snippy about my reply. I simply > showed him how to look it up on his own, which would teach him good > research habits for the future. Like someone else said, this was > something that could have been easily looked up. > > > Maybe you and Fred should consider not being so overly sensitive and > stop expecting everyone else to hold your hands through life. In some > forums, people will just reply with the FAQ link and let the person go > read that. This is sometimes done here, and LiveJournal.com's support > forum also does the same thing, just replying with the FAQ link when > it's something easily found there. Just using LiveJournal as a similar > example, I see support requests there all the time that should never > even have been asked if the person had done a quick search of their very > user friendly FAQ. Now maybe SpamCop's FAQ isn't quite so user friendly, > but the definition of LART is something that can be easily be found > without contributing to the other 80,000 times it's been asked about here. Ok, this is another stupid question your probably not going to like but let me start off I do understand that your an old timer tired of the same old questions that you asked "Prolly" when you were a newbe & to be honest about it I was going to ask that same question but that person beat me to it. So to help me learn a heck of a lot more a lot faster why don't you give me that link(s) to what ever faq & other searchable info we have ( note the only place I've ever been to sc before coming here was the button to make a donation (ie: buy MEGS(FUEL)whatever) & I click the link when I get the email that it's ready for me to go hit the next couple of buttons so that's my association with SC. Now if you will baby me & hand me those link(s) that I need to get the job done then for what ever it's worth to you since you don't know me I'll give you my word that for a period of NO less then 3 months starting from the time I receive the links. I will personally answer every newbie question that I catch & if I don't catch it you have my full permission to chew me out publicly, also email me with the subject that I missed the question & I will answer the question asap so that you don't have to mess with it except for correcting me when I miss read something & screw it up. Again I'm new here & don't know whats going on. & Maybe I'm out of line & somebody is going to do a killfile on me (whatever the hell that is)BUT Man you folks are hard on us new folks BUT I do understand that some of you folks don't want to baby feed us. That I really do But the fact remains that your always going to have new folks asking the same damn questions no mater how many places you post it because some of us are just babies. So with all that said the offer is there up to you to say yes or no or just ignore me like IMHO you should do with the newbie questions if you don't want to deal with them. Again For the record I do understand how you feel & I'm not saying you are wrong in any way shape or form, I've been there & done that myself. I'm just trying to say if something is wrong & you don't want to deal with us then don't, from what I've seen of this group someone will. Eventually. David 1 From nobody at devnull.spamcop.net Tue Dec 7 02:49:17 2004 From: nobody at devnull.spamcop.net (Cat) Date: Tue Dec 7 03:55:03 2004 Subject: [SpamCop-List] Re: LARTED? In-Reply-To: References: Message-ID: David 1 wrote: > Ok, this is another stupid question your probably not going to like but > let me start off I do understand that your an old timer tired of the > same old questions that you asked "Prolly" when you were a newbe & to be > honest about it I was going to ask that same question but that person > beat me to it. Actually, I never asked simple questions like "what is LART?" Like I said in another post, I look for answers on my own first. Then if I still can't find it, I'll ask. And while we're on the subject of learning things, *your* is a possessive pronoun and not to be used to mean *you are*. *You're* means *you are*. When you mix *your* and *you're*, it changes the whole meaning of what you're trying to say. I hope you won't mind that I commented on that, but it's meant to help. > So to help me learn a heck of a lot more a lot faster why > don't you give me that link(s) to what ever faq & other searchable info > we have ( note the only place I've ever been to sc before coming here > was the button to make a donation (ie: buy MEGS(FUEL)whatever) & I click > the link when I get the email that it's ready for me to go hit the next > couple of buttons so that's my association with SC. > Now if you will baby me & hand me those link(s) that I need to get the > job done then for what ever it's worth to you since you don't know me > I'll give you my word that for a period of NO less then 3 months > starting from the time I receive the links. Huh? That was a bit too awkwardly worded, and you're being a bit vague as to what you want answered at the moment. I gave the original poster a link to a place where the answer to his question could be found, and also pointed him to Google where the answer is easily found by typing into a search engine. I did this to show him the tools needed to quickly research smaller, easily found answers. If someone asks a question, and someone else replies with the link to the related FAQ, that certainly sounds exactly like what I did by posting the Acronym Finder link and pointing him to Google search. > I will personally answer > every newbie question that I catch & if I don't catch it you have my > full permission to chew me out publicly, also email me with the subject > that I missed the question & I will answer the question asap so that you > don't have to mess with it except for correcting me when I miss read > something & screw it up. I'm not really sure what the above quoted part has to do with anything. > Again I'm new here & don't know whats going on. & Maybe I'm out of line > & somebody is going to do a killfile on me (whatever the hell that > is)BUT Man you folks are hard on us new folks BUT I do understand that > some of you folks don't want to baby feed us. That I really do But the > fact remains that your always going to have new folks asking the same > damn questions no mater how many places you post it because some of us > are just babies. So with all that said the offer is there up to you to > say yes or no or just ignore me like IMHO you should do with the newbie > questions if you don't want to deal with them. Yes or no to what? There's a difference between asking a legitimate question about how SpamCop works and asking something like a word definition. I was always taught that if you don't know the meaning of a word, look it up. > Again For the record I do understand how you feel & I'm not saying you > are wrong in any way shape or form, I've been there & done that myself. > I'm just trying to say if something is wrong & you don't want to deal > with us then don't, from what I've seen of this group someone will. > Eventually. > David 1 This had nothing to do with not wanting to deal with anyone. He asked a question, and I answered it pointing him to two places where he could easily find the answer. I don't understand why you're getting so upset about this. I actually showed him where to find the answer, to which most reasonable people would respond with "Thanks for showing me that." It's not like I said "go away and stop asking stupid questions." People shouldn't be spoon fed. People should learn how to think for themselves and not be so opposed to learning how to think. It sounds to me like a small few people in this thread are just looking for excuses to complain about something for no good reason. From bar_n0ne at hotmail.com Tue Dec 7 14:28:53 2004 From: bar_n0ne at hotmail.com (Berny) Date: Tue Dec 7 05:30:21 2004 Subject: [SpamCop-List] Re: who is pdlweb@yahoo.com (3d party interested)? spammer me thinks References: Message-ID: Berny" wrote in message news:cp3n14$3ef$1@news.spamcop.net... > > "nospam" wrote in message > news:BDDB0861.12E07%nobody@spamcop.net... > > in article cp23h8$1t6$1@news.spamcop.net, Ellen at nobody@spamcop.net > wrote > > on 12/6/04 8:58 PM: > > > "Berny" wrote in message > > > news:cp1o9k$ph5$1@news.spamcop.net... > > >> seeing them a lot lately on my Rx spams for *.abbey1eater.com . > > > SNIP > > > IP? full spamvertized url? No way I can even attempt to answer your > question > > > without that information. > > That is an interested 3d party for spamvertized URLS, among them: > > > > http://(various random strings -hence the "*").abbey1eater.com > > > and > Re: http://auriferous6tabernacle.com/?nwk=4wah&... (Third party interested > in spamvertized web site) > To: pdlweb@yahoo.com (Notes) I did some giggling and found this in NANAE: http://groups.google.ca/groups?q=pdlweb&hl=en&lr=&selm=200411241428.iAOEShVQ024977%40NanasPost&rnum=1 sorry I don't know how to unwrap it for you. but it appears pdlweb@yahoo.com is Gold Toe Investments, a spammer, more clever people than I can interpret the POST I'm sure , I'd LART yahoo manually for commercial use of their mail but they always treat any missives of that nature from me as if I'm complaining about spam from that account. And they correctly point out that it didn't originate there. From hwolfe at spamcop.net Tue Dec 7 06:00:03 2004 From: hwolfe at spamcop.net (Herb Wolfe) Date: Tue Dec 7 07:05:03 2004 Subject: [SpamCop-List] false positives/negatives Message-ID: Lately, the last few weeks or so, it seems a lot of messages have been marked wrong by spamcop. I've had a couple of messages slip through, and then sometimes a dozen or more similar, if not identical messages, that are marked spam. I have also had a few marked spam, that I don't know why they are, that accidentally get reported before I can whitelist them. I get hundreds of pieces of mail daily, and it isn't possible to look at each and every one. Can someone offer an explanation or advice? ~herb From nobody at spamcop.net Tue Dec 7 07:22:56 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 07:25:02 2004 Subject: [SpamCop-List] Re: Humor: A 419er that can't spell his name correctly References: Message-ID: "Spam N Scams Reporter" wrote in message news:cp3kpm$24f$3@news.spamcop.net... | All I require is your honest co-operation to enable us see this business | through. I guarantee that this will be executed under a legitimate | arrangement that will protect you from any breach of the law. Get in | touch with me through my email address (raysithole@myway.com) and my | mobile phone number (234-803-419-8035)so that we can proceed. | | Sincerely yours, | | Barrister Raymond Sithole Esq. ?? I must be using my blind eye today: I can't find the spelling problem?? Pop From crappy.trappy at ntlworld.com Tue Dec 7 12:27:50 2004 From: crappy.trappy at ntlworld.com (Tim) Date: Tue Dec 7 07:30:04 2004 Subject: [SpamCop-List] Re: Humor: A 419er that can't spell his name correctly In-Reply-To: References: Message-ID: Pop wrote: > ?? I must be using my blind eye today: I can't find the > spelling problem?? > > Pop > > There is a missing 'H' as in Raymond Shithole Esq. Very appropriate for this kind of moron. From me at privacy.net Tue Dec 7 07:29:41 2004 From: me at privacy.net (Frog Prince) Date: Tue Dec 7 07:30:10 2004 Subject: [SpamCop-List] Re: Spammer Software References: Message-ID: "Dar" | If they wish to network, they attend Chamber meetings. Most of the | members, I promise, don't want to be bothered by other members and | their spam type email. This is a very small town in Washington State | with a total population of approximately 6,500 maybe. There are members | who do business outside of our 2.1 square mile town, but for the most | part, most every member of the Chamber knows most every other member | of the Chamber. The listings on the site are primarily for generating | business from the general population, one air force base, one army | base, and the local area outside of town. We have a similar 'problem' here in Western NC. Small town with a number of small business. Going public with an email addy is a risk. If you want the good business you have to live with the 5% of the population that does not have hemorrhoids (i.e. perfect A** H***s) We've handled the problem by giving notice that if you break the UCE rule your email messages to any and all will be blocked for up to one month on the first abuse 3 months on the second and permanently on a third. That said we also set up a members only mail list with two options. (that the members can subscribe or not as they see fit) that lets any member post general info/discussions on one list and their self promotions on the second. The first is used effectively the second is busiest around April 1st of every year. FWIW I set each new member on moderate until they get the idea of how the system works. FP back channel communications via brother_rabbit @ hotmail.com From wb8tyw at qsl.network Tue Dec 7 08:17:28 2004 From: wb8tyw at qsl.network (John E. Malmberg) Date: Tue Dec 7 08:20:02 2004 Subject: [SpamCop-List] Re: false positives/negatives In-Reply-To: References: Message-ID: <9KGdnR8P3N71MCjcRVn-uw@adelphia.com> Herb Wolfe wrote: > Lately, the last few weeks or so, it seems a lot of messages have been > marked wrong by spamcop. I've had a couple of messages slip through, and > then sometimes a dozen or more similar, if not identical messages, that > are marked spam. I have also had a few marked spam, that I don't know > why they are, that accidentally get reported before I can whitelist > them. I get hundreds of pieces of mail daily, and it isn't possible to > look at each and every one. Can someone offer an explanation or advice? That is normal behavior for the Agressive spamcop.net blocking list. The spamcop.net blocking list only acts on I.P. addresses of what it's members and internal spamtraps report as spam. As spammers are using new spam sources, or waiting for spamcop.net listings to expire, spam will always get through if you only use the spamcop.net list. Also, for many of us, once a spam source gets listed on the one of the other major DNSbls, we never see any more spam from it to report to keep it on the spamcop.net blocking list. Also the spamcop.net list tries not to list the output of a multihop relay, so spam will get through from there. And when members or the parser make an error, sometimes a real mail source will get reported and listed. And sometimes a real mail source will get compromised and start spewing spam. In addition, some mailservers or users are misconfigured to abusively auto-respond to the forged addresses found in spam or viruses. This will cause those mail servers to get listed by spamcop.net spamtraps. And about once a year or so, some user of a mail server comes up with a great idea to write a script to automatically report and confirm everything their local spam filter considers spam. Invariably they make an error in the programming and end up getting their own mail server listed. When a real mail server gets listed, it seems that several members to not take time to confirm that they are actually reporting spam, so as long as it is listed, new reports will be continually generated to keep it listed. So spamcop.net is not a perfect solution. If a source is listed by the spamcop.net blocking list, there is a very high chance of it being spam, but not absolute. -John wb8tyw@qsl.net Personal Opinion Only From Merlyn at Spamcop.net Tue Dec 7 08:19:40 2004 From: Merlyn at Spamcop.net (Merlyn) Date: Tue Dec 7 08:20:10 2004 Subject: [SpamCop-List] Re: false positives/negatives References: Message-ID: "Herb Wolfe" wrote in message news:cp4603$c90$1@news.spamcop.net... > Lately, the last few weeks or so, it seems a lot of messages have been > marked wrong by spamcop. I've had a couple of messages slip through, and > then sometimes a dozen or more similar, if not identical messages, that > are marked spam. I have also had a few marked spam, that I don't know why > they are, that accidentally get reported before I can whitelist them. I > get hundreds of pieces of mail daily, and it isn't possible to look at > each and every one. Can someone offer an explanation or advice? > Spamcop does not automatically report any spam. You have to do the reporting. Are you blindly reporting innocent victims? -- Regards, Merlyn A Spamcop advocate No emails this account is for newsgroups only People demand freedom of speech to make up for the freedom of thought which they avoided From nobody at devnull.spamcop.net Tue Dec 7 07:22:18 2004 From: nobody at devnull.spamcop.net (WazoO) Date: Tue Dec 7 08:25:02 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: "David 1" wrote in message news:cp3op2$502$1@news.spamcop.net... > > So to help me learn a heck of a lot more a lot faster why > don't you give me that link(s) to what ever faq & other searchable info > we have ( note the only place I've ever been to sc before coming here > was the button to make a donation (ie: buy MEGS(FUEL)whatever) & I click > the link when I get the email that it's ready for me to go hit the next > couple of buttons so that's my association with SC. > Now if you will baby me & hand me those link(s) that I need to get the > job done then for what ever it's worth to you since you don't know me > I'll give you my word that for a period of NO less then 3 months > starting from the time I receive the links. I will personally answer > every newbie question that I catch & if I don't catch it you have my > full permission to chew me out publicly, also email me with the subject > that I missed the question & I will answer the question asap so that you > don't have to mess with it except for correcting me when I miss read > something & screw it up. With a promise like that ..... I'll give you two links .... Login in to "your" www.spamcop.net page ... hit Help .... http://forum.spamcop.net/forums/index.php? holds a FAQ that contains all the above plus a whole lot more in a single-page access-point format. From please_reply_to_newsgroup at something.com Tue Dec 7 13:25:54 2004 From: please_reply_to_newsgroup at something.com (Paul D) Date: Tue Dec 7 08:30:03 2004 Subject: [SpamCop-List] SpamCop Painfully Slow 2 Message-ID: It's disappointing that I've had no more feedback to my other post. Isn't there anything that anyone can do? Thanks Paul From nobody at spamcop.net Tue Dec 7 08:27:10 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 08:30:10 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: "Cat" wrote in message news:cp0650$rhi$1@news.spamcop.net... | Terry Simpson wrote: | > What is LARTED? | > | > Thanks! | | http://www.acronymfinder.com | | Also, Google is your friend. A simple search of the word LART on Google | comes up with several web sites giving you a definition. Good answer - coulda taken a moment to 'splain it's a luser attitude ... though. I would have. But, it's informative and easy to understand. Pop From nobody at spamcop.net Tue Dec 7 08:33:13 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 08:35:04 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: "Pete Stephenson" wrote in message news:pete-522EA0.15442405122004@news.cesmail.net... | In article , | "Terry Simpson" wrote: | | > What is LARTED? | | http://www.retrologic.com/jargon/L/LART.html | | Luser Attitude Readjustment Tool. | | 1. n. In the collective mythos of scary devil monastery, this is an | essential item in the toolkit of every BOFH. The LART classic is a 2x4 | or other large billet of wood usable as a club, to be applied upside the | head of spammers and other people who cause sysadmins more grief than | just naturally goes with the job. Perennial debates rage on | alt.sysadmin.recovery over what constitutes the truly effective LART; | knobkerries, automatic weapons, flamethrowers, and tactical nukes all | have their partisans. Compare clue-by-four. | | 2. v. To use a LART. Some would add ³in malice², but some sysadmins | do prefer to gently lart their users as a first (and sometimes final) | warning. | | 3. interj. Calling for one's LART, much as a surgeon might call | ³Scalpel!². | | 4. interj. [rare] Used in flames as a rebuke. ³LART! LART! LART!² | | -- | Pete Stephenson | HeyPete.com Hey, Pete, even better response. A little advanced for a neophyte (BOFH, etc.), but ... it is inclusive. You always have informative posts. From nobody at spamcop.net Tue Dec 7 08:35:11 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 08:40:02 2004 Subject: [SpamCop-List] Re: LARTED? References: <1102294783.600602@ursine.dyndns.org> Message-ID: "Paul Johnson" wrote in message news:1102294783.600602@ursine.dyndns.org... | Terry Simpson wrote: | | > What is LARTED? | | Look it up, it's in the Jargon File. | http://ursine.dyndns.org/Jargon:LART | | -- | Paul Johnson | baloo@ursine.dyndns.org | http://ursine.dyndns.org/ Fully functional and informative links, stated a little tersely but nothing improper here. Pop From nobody at spamcop.net Tue Dec 7 08:37:06 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 08:40:13 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: "Mike Easter" wrote in message news:cp0h6d$2v9$1@news.spamcop.net... | Terry Simpson wrote: | > What is LARTED? | | IMO | | The term has lost its relevance and should be considered passé - that | particular word looks to me like p a s s then [e acute]. | | That is, once upon a time, a notify had some 'impact' -- the notify | would 'affect' the spammer adversely; but no more. | | Nowadays, a 'luser attitude readjustment tool' is instead a rather | ineffectual notify, which isn't a 'clue by four' upside the head of the | spammer at all. The spammer is laughing all the way to the bank and the | spam reporter is only pretending to be 'larting' | | The spam reporter isn't actually swinging a cluebyfour, and the spammer | therefore isn't getting 'larted'. So the term should be dead and | buried. In its current iteration it is an 'embarassment' - a notion of | times gone by, as far as I'm concerned. | | It is all jivetalk 'jargon' which doesn't have the same meaning which it | once did. It implies a power or significance greater than a typical | notify deserves. | | IMO. | | -- | Mike Easter | kibitzer, not SC admin | Woof, an additional bit of excellent prose bringing the subject pretty well up to date. I always look forward to Mike E's replies. Pop From nobody at spamcop.net Tue Dec 7 08:38:12 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 08:40:20 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: "N. Miller" wrote in message news:MPG.1c1d77a2b1d6c83b989781@news.spamcop.net... In article , Mike Easter says... > Terry Simpson wrote: > > What is LARTED? > IMO > The term has lost its relevance and should be considered > passé - that > particular word looks to me like p a s s then [e acute]. In other words, contemporary notifies have no impact. ... Purpose of this reply not evident to me. Kind of OT. Pop From nobody at spamcop.net Tue Dec 7 08:40:03 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 08:40:24 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: "David 1" wrote in message news:cp0reb$8tj$1@news.spamcop.net... | Tom wrote: | > On Sun, 5 Dec 2004 19:53:39 -0800, N. Miller wrote: | > | > | >>>The term has lost its relevance and should be considered passé - that | >>>particular word looks to me like p a s s then [e acute]. | >> | >>In other words, contemporary notifies have no impact. | > | > | > Except to build black/block lists. | > | > Which is why to sooner you can report spam to the time it was | > delievered, the better. | > | My avg. According to spam cop usually runs between 2 - 5 hours, is that | considered ok??? | David 1 This one went unanswered as the thread was abandoned, is OT to the OP's question, and could have easily been answered by: Yeah, that's not bad at all, actually. My time is stuck around 12 hours, "pretty good" per SC's magic spokes-code. Pop From nobody at spamcop.net Tue Dec 7 08:44:22 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 08:45:06 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: ... | > What is LARTED? | > | > Thanks! | | To all ... IMHO this sounded like a perfectly reasonable question. Yes, it | can be looked up on Google, but Terry chose a much more sociable method - | and asked real people. Yet sometimes respondents prefer to get snippy - | which reflects badly on the rest of us. | | Netiquette isn't about being rude to people - AFAIK anyway - it is a method | which helps us all to get along in our virtual environment. Most of us | wouldn't abuse a co-worker and accuse them of wanting "spoonfeeding" if they | approached us at our desk to ask a (possibly obvious) question - so why do | we do it when we are online? | | | | Apologies all - I have just seen too much unnecessary unhelpfulness in this | NG to not say anything. Anyway, have a nice day all :o) | | Jon ... I agree with you 100%. I shouldn't be doing this I know, and I'll almost surely be flamed for it, but you are absolutely correct in your assessment. Too many folk with too much time on their hands putting in too many rude & crude jibes just gets everyone's liver in a quiver. I'm glad they're around now and then though; lets me vent without venting at/to "good" people. Pop From nobody at devnull.spamcop.net Tue Dec 7 08:11:52 2004 From: nobody at devnull.spamcop.net (WazoO) Date: Tue Dec 7 09:15:02 2004 Subject: [SpamCop-List] Re: SpamCop Painfully Slow 2 References: Message-ID: "Paul D" wrote in message news:cp4b12$fec$1@news.spamcop.net... > It's disappointing that I've had no more feedback to my other post. > Isn't there anything that anyone can do? My recollection was that you solved your speed issues by adding in some data to your Hosts file, pointing to another server. On the flip side is that there aren't a ton load of others posting with the same problem, so have you troubleshot everything at your end or between you and the SpamCop/Akamai server in question? From nobody at spamcop.net Tue Dec 7 06:42:08 2004 From: nobody at spamcop.net (Ellen) Date: Tue Dec 7 09:30:10 2004 Subject: [SpamCop-List] Re: who is pdlweb@yahoo.com (3d party interested)? -sites References: Message-ID: "Berny" wrote in message news:cp3n14$3ef$1@news.spamcop.net... > > "nospam" wrote in message > news:BDDB0861.12E07%nobody@spamcop.net... > > in article cp23h8$1t6$1@news.spamcop.net, Ellen at nobody@spamcop.net > wrote > > on 12/6/04 8:58 PM: > > > "Berny" wrote in message > > > news:cp1o9k$ph5$1@news.spamcop.net... > > >> seeing them a lot lately on my Rx spams for *.abbey1eater.com . > > > SNIP > > > IP? full spamvertized url? No way I can even attempt to answer your > question > > > without that information. > > That is an interested 3d party for spamvertized URLS, among them: > > > > http://(various random strings -hence the "*").abbey1eater.com > > > and > Re: http://auriferous6tabernacle.com/?nwk=4wah&... (Third party interested > in spamvertized web site) > To: pdlweb@yahoo.com (Notes) > > Thanks Ellen From nobody at spamcop.net Tue Dec 7 06:45:19 2004 From: nobody at spamcop.net (Ellen) Date: Tue Dec 7 09:30:29 2004 Subject: [SpamCop-List] Re: 3rd party suspect References: Message-ID: "Mike Easter" wrote in message news:cp3761$oo9$1@news.spamcop.net... > > > However, not to be 'daunted', searching google groups on 'google groups' > and also seeing that 'everyone' hates the new googlegroups beta -- I > found a Brit sed [and so far it is still true] that the old google > groups is still available at google.co.uk. > > Let's hope it stays there altho I suspect it won't .... E From ng.fjxrp at jondh.me.uk Tue Dec 7 14:46:38 2004 From: ng.fjxrp at jondh.me.uk (Jon (spamtrap)) Date: Tue Dec 7 09:50:02 2004 Subject: [SpamCop-List] Re: LARTED? References: <1102390992.772592@ursine.dyndns.org> Message-ID: > > Netiquette isn't about being rude to people - AFAIK anyway - it is a > > method which helps us all to get along in our virtual environment. Most of > > us wouldn't abuse a co-worker and accuse them of wanting "spoonfeeding" if > > they approached us at our desk to ask a (possibly obvious) question - so > > why do we do it when we are online? > > Not all of us are doomed to work among the clueless, please don't assume > everyone else is forced to, either. It's patronizing and makes you look > bad. No-one is forced to come to this NG, but if you do choose to join in then you can expect to deal with some newbies. I'd suggest it was part and parcel of making this service accessible to everyone. It is not reasonable to label people as patronising or clueless because they are not experienced sysadmins. Still, I am happy to agree to disagree -- hence this is my last post in this thread. Jon From johnl at spamcop.net Tue Dec 7 14:59:04 2004 From: johnl at spamcop.net (JohnL) Date: Tue Dec 7 10:00:03 2004 Subject: [SpamCop-List] Re: 3rd party suspect References: Message-ID: "Ellen" wrote in news:cp4ehh$ia7$2@news.spamcop.net: > > "Mike Easter" wrote in message > news:cp3761$oo9$1@news.spamcop.net... >> >> >> However, not to be 'daunted', searching google groups on 'google groups' >> and also seeing that 'everyone' hates the new googlegroups beta -- I >> found a Brit sed [and so far it is still true] that the old google >> groups is still available at google.co.uk. >> >> > Let's hope it stays there altho I suspect it won't .... > > E > > > The old one is also at http://groups.google.ca/ From Merlyn at Spamcop.net Tue Dec 7 10:36:52 2004 From: Merlyn at Spamcop.net (Merlyn) Date: Tue Dec 7 10:40:02 2004 Subject: [SpamCop-List] [article] Mild C&C Message-ID: Cat earns degree, spammers get busted. Rule #3 in action: http://www.cbsnews.com/stories/2004/12/07/tech/main659418.shtml -- Regards, Merlyn A Spamcop advocate No emails this account is for newsgroups only People demand freedom of speech to make up for the freedom of thought which they avoided From sache at grignon.inra.fr Tue Dec 7 17:26:20 2004 From: sache at grignon.inra.fr (Ivan Sache) Date: Tue Dec 7 11:25:04 2004 Subject: [SpamCop-List] Re: Humor: A 419er that can't spell his name correctly References: Message-ID: <41B5D9AB.11706391@grignon.inra.fr> Hi, Tim wrote: > There is a missing 'H' as in Raymond Shithole Esq. > > Very appropriate for this kind of moron. As usual, 419ers try to look legitimate. Sithole seems to be a fairly common name in South Africa and neighbouring countries. One of the most "prolific" South African serial-killers, Moses Sithole, was sentenced to more than 4000 years in jail. I guess Raymond S*ithole was his brilliant defender. Raymond Sithole seems to be an "experienced" 419er, spamming at least since September 2004. Regards -- Ivan Sache From nobody at spamcop.net Tue Dec 7 11:37:00 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 11:40:02 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: "Fred K" wrote in message news:cp07b0$sk1$1@news.spamcop.net... | | "Cat" wrote in message | news:cp0650$rhi$1@news.spamcop.net... | | > Also, Google is your friend. A simple search of the word LART on Google | > comes up with several web sites giving you a definition. | | Ah but alas, the poor person wanted a simple definition of lart as it is | used here. Following the kind brush-off by cat leads one on an adventure and | after doing it I a gave up weeding through numerous definitions that do not | clearly define the term as it seems to be used in this NG. | | Fred K | P.S. If I was sure as to what it means I would tell. | After a moment's thought, I would have to agree with Fred's assessment, in view of the apparent newness of the OP. Though OT for OP, it's a totally logical conclusion. Pop From nobody at spamcop.net Tue Dec 7 11:51:00 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 11:55:04 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: "Mike Easter" wrote in message news:cp0g94$29d$1@news.spamcop.net... | Fred K wrote: | > "Cat" | | >> Also, Google is your friend. A simple search of the word LART on | >> Google comes up with several web sites giving you a definition. | > | > Ah but alas, the poor person wanted a simple definition of lart as it | > is used here. | | Some people are into spoonfeeding the hapless or uninformed, while | others would rather show them the way to get information, including some | dirty work. True enough, but ... do you know that the OP fits into that category? What makes you think OP fits the category of wanting to be spoonfed etc.? Maybe I missed something. If it's just an assumption without benefit of any substantiation, then IMO you kibitzed from the wrong side. | | > Following the kind brush-off by cat leads one on an | > adventure and after doing it I a gave up weeding through numerous | > definitions that do not clearly define the term as it seems to be | > used in this NG. That one I don't understand. Cat (not "cat") didn't brush anything off, did provide a viable lead, albeit with too much of an assumption of prior knowledge or experience by the OP. IMO, anyway. | | And therein lies the 'educational' process. It's just like | troubleshooting. The hours you spend chasing the wrong ponies are all | part of the overall process that lead to the greater wisdom based on all | experiences in the longrun. Yup, you got that right! But(t) ... why should a newbie without experience yet, who is putting in those hours and making a question to this ng part of it, be greeted with the likes of some of these comments? Each and every one of us (excepting maybe me!) had to be led by the hand to at least be shown where the coffee pot was, how to make the coffee, and where the toilet was. It's silly and unproductive to let a newbie wander around aimlessly, I agree, but there are needs to get pointed in the right direction. Heck, you don't even know if that poster knows who/what/where Google is. And especially since it's the only search engine ever mentioned on this group and others, the context can be all wrong. Like Google says spammed on ... xxx threads, etc.. I just consider it silly to not lend a helping hand while also showing the newbie where to verify the information he was given, plus learn a lot more. Perception is 99.999% of reality for most folks. | | While there is some 'education' in being pointed to exactly the right | page without superfluous effort, the /extra/ effort shows you/the | novice/ pathways which will/might be invaluable in some future effort, | and are certainly valuable in teaching one some pathways and experiences | that don't work very well. I have to disagree with most/all/some of that on some points/areas/issues/comments. If one's experience to date is search engines such as myfilters, mysearch, Ayahoo, Eeee123, and such, statements such as you encourage here don't seem to add anything of value to the OP. | | -- | Mike Easter | kibitzer, not SC admin | Yup, fer shure! Pop PS - what's SS? I've seen a "not SS admin before, too. You should know, right? If you're thinking Sam Spade, you're wrong. --- Sometimes when I have nothing to say, I guess I DO say it after all! From nobody at spamcop.net Tue Dec 7 11:52:25 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 11:55:16 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: "Tom" wrote in message news:igq7r05unkknceu399b55cn07nt5n038r9@4ax.com... | On Sun, 5 Dec 2004 18:31:01 -0800, Mike Easter wrote: | | >While there is some 'education' in being pointed to exactly the right | >page without superfluous effort, the /extra/ effort shows you/the | >novice/ pathways which will/might be invaluable in some future effort, | >and are certainly valuable in teaching one some pathways and experiences | >that don't work very well. | | Boy, Mike, but you use big words | | Commenting on some of your snipped stuff, I'm of the opinion that | there is a time for each approach. Usually, when I run across | something that I don't have a clue on, I just wait to see if someone | else is floating in the same boat as I... and then I get the answer | without looking stupid or drawing negative comments. | | I agree, by the way, with your assessment (at least, partially), but | sometimes prefer the clue-by-four route... Too logical to even comment on. Err, uhh, is it? ummm ... Guess it is! Pop From nobody at spamcop.net Tue Dec 7 12:02:04 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 12:05:03 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: "Cat" wrote in message news:cp0vc5$bh5$1@news.spamcop.net... | Mike Easter wrote: | > Fred K wrote: | | | | >>Ah but alas, the poor person wanted a simple definition of lart as it | >>is used here. | | My point was that people should learn to look it up. I was always taught | "If you don't know the answer, look it up" when I was a kid. It taught | me how to research things and how to think for myself instead of having | everyone hand me all the answers. Then if I still can't find the answer, | I'll ask. Reasonable, but(t) ... is that also how you learned to tie your shoes? Were you just forced to go read about how to do it? I agree that very often the answer is right there in front of us if we'll just look in the right cubby in front of us, but ... what's wrong with the courtesy of a simplified, short answer and instead of "go look it up", a comment on how/where to look for the info? Those two courtesies are lacking in many of these OT posts. Even mine, right here! | | > Some people are into spoonfeeding the hapless or uninformed, while | > others would rather show them the way to get information, including some | > dirty work. | | Agreed. I think people get too lazy and don't want to do any work for | themselves and instead expect other people to spoon feed them all the time. Agreed, for "some people". How did the OP get tossed into that category though? If there's any validation of that sort of evidence, it was artfully neglected. If you don't feel like giving a civil answer, why not just shut the hell up and leave it for someone with more than one brain cell? | | >>Following the kind brush-off by cat leads one on an | | Note to Frank: | That's Cat with a capital C, and it wasn't a brush off. I showed him how | to look up information on his own. Seriously, when the answers to things | like that can be found through a simple Google search of the term, | people shouldn't ask them here. The following Google response is recent as of about 30 seconds ago: ------------------- "Your search - "LARTED" -LARTed -larted - did not match any documents. Suggestions: - Make sure all words are spelled correctly. - Try different keywords. - Try more general keywords. - Try fewer keywords. Also, you can try Google Answers for expert help with your search." --------------------- Gee, what'd I do wrong? I used the Advanced Search and everything! Why in hell do these guys think it's so obvious on this Google place? If you answer that, be prepared to be ignored! Pop From nobody at spamcop.net Tue Dec 7 12:06:08 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 12:10:04 2004 Subject: [SpamCop-List] Re: LARTED? References: <41B4C555.8EC4D206@spamcop.net> Message-ID: "Kenneth Brody" wrote in message news:41B4C555.8EC4D206@spamcop.net... | Cat wrote: | > | > Mike Easter wrote: | > > Fred K wrote: | > | > | > | > >>Ah but alas, the poor person wanted a simple definition of lart as it | > >>is used here. | > | > My point was that people should learn to look it up. I was always taught | > "If you don't know the answer, look it up" when I was a kid. It taught | > me how to research things and how to think for myself instead of having | > everyone hand me all the answers. Then if I still can't find the answer, | > I'll ask. | | Or, as I like to say, "I'm trying to teach them to fish". But it's pretty useless of they die of starvation before they can get their line baited. | | > > Some people are into spoonfeeding the hapless or uninformed, while | > > others would rather show them the way to get information, including some | > > dirty work. | > | > Agreed. I think people get too lazy and don't want to do any work for | > themselves and instead expect other people to spoon feed them all the time. Oh, now it's just "people"? What happened to "some people"? And who appointed you to be the teacher? Or is it that old saw, those who can, do, and those who can't ... . | | Although acronymfinder is a better choice for this particular task, | Google for both "lart" and "larted" bring relevent pages as the third | ranking entry for each search. I'm not sure how much weeding needs to | be done to find the "right" answer. Mike Easter gave the most finite/accurate/current definition of what the OP wanted to know. And he's a kibitzer! Why is he about the only one that gets it 100%? I may disagree with Mike on a few things, but(t) ... he's seldom wrong/rude/crude/silly. Lots of other posters here are/were/will be. ... Pop From nobody at spamcop.net Tue Dec 7 12:12:28 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 12:15:02 2004 Subject: [SpamCop-List] Re: LARTED? References: <41B4C555.8EC4D206@spamcop.net> Message-ID: ... | Although acronymfinder is a better choice for this particular task, ... Huh? What the hell is an "acronymfinder" and how do I make or get one? Is that like a stud finder? Battery operated? What? Oh, by the way, for anyone's interested, I found lots of web sites with names like Acronym this and Acronym that - not ALL of them had LARTED in them, but some did. The first three didn't. Hmm, wonder if that's because they weren't about spam or email or web sites? Probably not. I did find it in one, but it didn't have anything to do with spam, Spamcop, or email even! Hmm, now, I wonder ... maybe there's a better search engine than Electronics Daily or the Federal Digest acronym lists? Those are the ones I started with. Pop From nobody at spamcop.net Tue Dec 7 12:14:02 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 12:15:11 2004 Subject: [SpamCop-List] Re: LARTED? References: <41B538C5.3FD5@xyzzy.claranet.de> Message-ID: "Cat" wrote in message news:cp3mmj$33m$1@news.spamcop.net... | Frank Ellermann wrote: | > Cat wrote: | | | | >>Note to Frank: | > | > | > Fred, IIRC there was no "Frank" in this thread until now ;-) | | Heh, oops! Don't know why, but I read that as Frank K for some reason | instead of Fred K. | Oh boy! 20 spam from a Nigerian chamber of commerce for you! Don't EVER make that mistake again, you hear? Or I'll wish a Ralsky curse upon your circuit boards! ;-]- Pop From nobody at spamcop.net Tue Dec 7 12:19:55 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 12:20:03 2004 Subject: [SpamCop-List] Waaayyyyyy OT Re: LARTED? References: Message-ID: ... | | I've already forgotten what the term LARTED means. | | Dar | | Sigggghhhhh, that's because there is no such accepted word as "LARTED". Now, there IS a LART, a LARTed, and at least a larted, but no LARTED. I know, because I did just like you; I looked it up. Google got zero hits . You remind me of the little, non-English speaking kid sitting in a corner crying because he couldn't find "telefone" in the dictionary. I think it was a collegiate dictionary of his sister's if I recall correctly, and he HAD to have that answer since the teacher insisted on it for the next day's class, or he'd get an F. Serves him right, doesn't it? Stupid kid, can't even know how to spell a word so he can look it up to see how to spell it! Boy, is he dumb! Pop From nobody at spamcop.net Tue Dec 7 12:20:50 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 12:25:03 2004 Subject: [SpamCop-List] Re: LARTED? References: <41B4C5B9.8D629AF5@spamcop.net> Message-ID: "Kenneth Brody" wrote in message news:41B4C5B9.8D629AF5@spamcop.net... | Dar wrote: | [...] | > I've already forgotten what the term LARTED means. | | Actually, I think it's more accurately "LARTed", as "LART" is the | acronym, and "ed" is the suffix to make it past tense. ... INTELLIGENCE! I found intelligence! Or is that INTELligence? Hmmmm, wish I speaked englich reel guud. Pop From nobody at spamcop.net Tue Dec 7 12:22:39 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 12:25:14 2004 Subject: [SpamCop-List] Re: LARTED? References: <1102294783.600602@ursine.dyndns.org> Message-ID: ... | > What is LARTED? | | Look it up, it's in the Jargon File. ... Oh! A "jargon" file! I dunno what that is, but I've wasted all this time trying to build an acronim finder! Or was that ackronym? Or, ahh, the heck with it! How do I find a "jargon" file, and what is it? Pop From nobody at spamcop.net Tue Dec 7 12:23:36 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 12:25:20 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: "Mike Easter" wrote in message news:cp0h6d$2v9$1@news.spamcop.net... | Terry Simpson wrote: | > What is LARTED? | | IMO | | The term has lost its relevance and should be considered passé - that | particular word looks to me like p a s s then [e acute]. | | That is, once upon a time, a notify had some 'impact' -- the notify | would 'affect' the spammer adversely; but no more. | | Nowadays, a 'luser attitude readjustment tool' is instead a rather | ineffectual notify, which isn't a 'clue by four' upside the head of the | spammer at all. The spammer is laughing all the way to the bank and the | spam reporter is only pretending to be 'larting' | | The spam reporter isn't actually swinging a cluebyfour, and the spammer | therefore isn't getting 'larted'. So the term should be dead and | buried. In its current iteration it is an 'embarassment' - a notion of | times gone by, as far as I'm concerned. | | It is all jivetalk 'jargon' which doesn't have the same meaning which it | once did. It implies a power or significance greater than a typical | notify deserves. | | IMO. | | -- | Mike Easter | kibitzer, not SC admin | Interesting. Even timely. Omigosh, and informative! What's going on here? Pop From nobody at spamcop.net Tue Dec 7 12:24:29 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 12:25:25 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: In other words, contemporary notifies have no impact. ... "contemporary notifies " have -great- impact; which ones were you refereing to? Pop From nobody at spamcop.net Tue Dec 7 12:31:02 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 12:35:04 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: ... | | To all ... IMHO this sounded like a perfectly reasonable question. Yes, it | can be looked up on Google, but Terry chose a much more sociable method - | and asked real people. Yup, there are a few of those "types" on here. Actually, it's not bad compared to some other groups, but ... it's a lot worse than it used to be. We always have to put up with these ding-danged social types - isn't that just great? I like people - I like sociable types. So sue me, I mean, spam me; I'm sociable myself (most of the time), so I'm also one of "those" kind that makes these anti-socials so liver quivery. Anti-spam does # antisocial, in case no one noticed! Yet sometimes respondents prefer to get snippy - | which reflects badly on the rest of us. In a way, but it actually reflects worse on the newsgroup, especially an unmoderated one such as this. NIH comes out of the woodwork every once in awhile here; it's been worse, it's been a lot better. Just stick around; the personality of the group varies greatly over time - join in when you see a good swing in the right direction if the naysayers and narcissists bug you. | | Netiquette isn't about being rude to people - AFAIK anyway - it is a method | which helps us all to get along in our virtual environment. Most of us | wouldn't abuse a co-worker and accuse them of wanting "spoonfeeding" if they | approached us at our desk to ask a (possibly obvious) question - so why do | we do it when we are online? | | Amen. And that was no rant. Maybe a soapbox . Pop From nobody at spamcop.net Tue Dec 7 12:32:40 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 12:35:15 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: "Tim McGraw" wrote in message news:cp2hsd$b0p$1@news.spamcop.net... | Jon (spamtrap) wrote: | >>"Terry Simpson" wrote in message news:cp05b7$qle$1@news.spamcop.net... | >> | >>What is LARTED? | >> | >>Thanks! | > | > | | I just read the entire thread and thought the only rude post was by Fred K. | Same here, and I pretty much agree with you. It's amazing how many livers can quiver over the silliest things sometimes. It takes all kinds though, or the worl' wouldn't whirl. Pop From nobody at spamcop.net Tue Dec 7 12:34:07 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 12:35:19 2004 Subject: [SpamCop-List] Re: LARTED? References: <1102390992.772592@ursine.dyndns.org> Message-ID: ... | | Not all of us are doomed to work among the clueless, please don't assume | everyone else is forced to, either. It's patronizing and makes you look | bad. | | -- | Paul Johnson ... It makes -who- look bad? And it patronizes -who-? Wow, speaking of clueless... . Pop From nobody at spamcop.net Tue Dec 7 12:40:04 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 12:40:03 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: ... | What is so hard about putting "what is a lart" in Google? Tip: use the | quote marks. Not a thing. IFF you know who/what/where Google is, and remember it exists and get a little experience with it. YOU even had to be taught some things before you understood it "all", or think you do anyway. | | > Thank you | | You're welcome. | | Have you ever worked somewhere and the customers ask the same questions | over and over and over again? And the answer is typically as inane, like | "over by the sign that says ____," where blank is the thing they asked | about. ... Yup! That's called many things, like Retail Sales, Auctioneering, betting windows, aww heck, most of the world when one's unfamilair on one side, and lacks interpersonal skills on the other or both sides. Yes, that's what I said: in-ter-per-son-al skills. Some people here need some. Seminars are available; check 'em out. Pop From nobody at spamcop.net Tue Dec 7 12:44:07 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 12:45:03 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: ... | >> | >> How simple and to the point.It is probably the answer that should have | >> been given as a direct reply to Terry's question. Instead it took 23 | >> responses.. | | | Um, no. It required only one reply. RIGHT! Didn't someone else here use the | fishing analogy? YES If you give a man a fish, he'll eat for a day. MAYBE LONG ENOUGH TO LEARN TO FISH, EVEN! If you | teach a man to fish, he'll eat for a lifetime. ONLY IF HE LIVES LONG ENOUGH TO FISH! I'm sure glad I never had you for a mentor! I know, so are you - you're above all that aren't you? I just don't understand | why some people expect everyone else to do their thinking for them ACTUALLY, I DO, IN SEVERAL SPECIFIC CASES. and | then get all upset when they're shown how to think for themselves. MAYBE THAT'S THE CONDESCENDING, IRRITATED SOUNDING, RUDE, CRUDE, INACCURATE, AND SILLINESS THAT SOME PORTRAY. Like, uhh, you do? | | > At least no one responded STFW, which is the typicaly ng guff. CHECKED OUT THE JARGON FILE, EH? Guud fer u! ... Pop From nobody at spamcop.net Tue Dec 7 12:48:47 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 12:50:03 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: | | | There was absolutely nothing rude or snippy about my reply. Actually, there "absolutely" was something rude or snippy about your reply; it's like the "beauty is in the eye of the beholder" thing, but I know only your opinion counts, so ... I simply | showed him how to look it up on his own, VERY SIMPLY. And without supporting detail. Just a toss & run. which would teach him good | research habits for the future. YOU DON'T KNOW THAT HE DOESN'T ALREADY HAVE THOSE HABITS. IN FACT, YOU KNOW NOTHING ABOUT THE OP. But you certainly prefer to ASSume plenty! ... | | Maybe you and Fred should consider not being so overly sensitive and MAYBE YOU SHOULD ACQUIRE MORE IN THE AREA OF INTERPERSONAL SKILLS. | stop expecting everyone else to hold your hands through life. ... Another ASSumption without provocation/support/detail/thoughtfulness/social skills. Pop From puoti at inwind.it Tue Dec 7 18:52:02 2004 From: puoti at inwind.it (Ivan Leo Puoti) Date: Tue Dec 7 12:55:04 2004 Subject: [SpamCop-List] Re: Want to get to a spammer? In-Reply-To: References: Message-ID: > Even if you have promoted violence in response to a joe job ? I didn't promote it, I explicitly said I take no responsibility for anything, and the spammer is welcome to sue me. Ivan. From nobody at spamcop.net Tue Dec 7 12:55:12 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 13:00:03 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: ... | | Again For the record I do understand how you feel & I'm not saying you | are wrong in any way shape or form, I've been there & done that myself. | I'm just trying to say if something is wrong & you don't want to deal | with us then don't, from what I've seen of this group someone will. | Eventually. | David 1 EGGzactly! The neuron-challenged are plentiful enough here, but they're outnumbered/outpowered/out weaponized by those with actual interpersonal skills and social abilities. One should always put on their thickest skin before going to nearly any newsgroup and if faceless zombie's opinions and words upset you, then it's time to think more about a moderated forum where the class of people is more similar to your liking. This is a Good Group, with significantly dedicated and active participants who have the experience of many behind them and are willing to share that for the greater good. You have an excellent attitude - and you even demonstrate social skills. Keep up the good work! Pop From puoti at inwind.it Tue Dec 7 18:54:17 2004 From: puoti at inwind.it (Ivan Leo Puoti) Date: Tue Dec 7 13:00:11 2004 Subject: [SpamCop-List] Re: make love not spam In-Reply-To: References: Message-ID: Spammers have started rejecting connections from the spamvampire in certain conditions, to avoid this go to my home page http://ivanleo.spedia.net and look for the anti spam link toward the top of the page. Ivan. From nobody at spamcop.net Tue Dec 7 13:05:01 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 13:05:03 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: ... | | And while we're on the subject of learning things, *your* is a Ooooohh, Cat can get to be quite a little bass turd, eh? That's a good little snippet of attitude followed by condescending platitude. How to win friends and influence people: piss them off first with unsolicited "help", then tell them it's for their own good. Uh, HUH! ... Drivel flushed. I'm finally at the end of the thread, don't think I'll bother to Get Headers again! Seriously, it's been fun going down through all these 32 posts I think it was. If I left you out, that's only because you made sense and I couldn't think of anything to say, so I moved on. Or you might have left me speechless! Seriously folks, it's been fun. Don't think I'll have to do this again for a good month now! Pop PS - Oh, and I'll only debate -some- intelligent posts now I've had my fix. Flame away, folks, if you feel you must. I only debate things I am interested in. And for God's sake get ON TOPIC! S'long From nobody at spamcop.net Tue Dec 7 14:05:29 2004 From: nobody at spamcop.net (Ellen) Date: Tue Dec 7 14:10:06 2004 Subject: [SpamCop-List] Re: 3rd party suspect References: Message-ID: "JohnL" wrote in message news:Xns95B85138877BAjohnlspamcopnet@216.154.195.61... > > The old one is also at > http://groups.google.ca/ We can chase it around from country to country! E From dannyg at dannyg.com Tue Dec 7 12:15:43 2004 From: dannyg at dannyg.com (Danny Goodman) Date: Tue Dec 7 15:15:58 2004 Subject: [SpamCop-List] Lycos.com 24h turnaround In-Reply-To: <200412071735.iB7HZRgF068233@dannyg.com> Message-ID: Within the last week Lycos.com (not the DDoSing one) has twice converted a report of Anglefire spamvertising abuse into a terminated account within 24 hours (two separate accounts). I think that's pretty good for a big outfit. Submission form located at: Danny http://www.dannyg.com http://www.spamwars.com From no_spam at no.spam.com Tue Dec 7 21:15:20 2004 From: no_spam at no.spam.com (mdes) Date: Tue Dec 7 15:20:03 2004 Subject: [SpamCop-List] Re: SpamCop Painfully Slow 2 References: Message-ID: Paul D wrote: > It's disappointing that I've had no more feedback to my other post. > Isn't there anything that anyone can do? > > Thanks > Paul I sent 3 reports (6-dec 8:56, 7-dec 9:23 and 7-dec 20:43), and I received no mail from SpamCop for reporting :( The last received report followed my mail on 5-dec 16:26. I know there are problems with the SpamCop server, but for 1.5 day ! Michel. ps: All times in GMT+1 From nobody at devnull.spamcop.net Tue Dec 7 14:48:19 2004 From: nobody at devnull.spamcop.net (WazoO) Date: Tue Dec 7 15:50:04 2004 Subject: [SpamCop-List] Re: SpamCop Painfully Slow 2 References: Message-ID: "mdes" wrote in message news:cp533e$2c0$1@news.spamcop.net... > > I sent 3 reports (6-dec 8:56, 7-dec 9:23 and 7-dec 20:43), and I received no mail from SpamCop for reporting :( > The last received report followed my mail on 5-dec 16:26. > > I know there are problems with the SpamCop server, but for 1.5 day ! And have you done any troubleshooting? Logging in on a www.spamcop.net page for instance? Are there reports waiting there to "Report Now" ... is there an indication that e-mail to your registered e-mail account has been bouncing ... have you checked the FAQ over in the web-based Forum area that has a few entries dealing with missed/lost/delayed e-mail ... did your ISP start a new filtering process .... on and on ... From nobody at devnull.spamcop.net Tue Dec 7 14:56:06 2004 From: nobody at devnull.spamcop.net (Cat) Date: Tue Dec 7 16:00:03 2004 Subject: [SpamCop-List] Re: LARTED? In-Reply-To: References: Message-ID: Pop wrote: > ... > | > | And while we're on the subject of learning things, *your* is a > > Ooooohh, Cat can get to be quite a little bass turd, eh? Personal attacks are rude, uncalled-for, and only make you look immature. That's > a good little snippet of attitude followed by condescending > platitude. How to win friends and influence people: piss them > off first with unsolicited "help", then tell them it's for their > own good. Uh, HUH! As if your own condescending attitude was needed. Seems more like you specifically chose the childish route of "I'd rather attack Cat for no good reason" judging by your replies to several of my posts. Your posts came across as less about wanting to be helpful to newbies and more about attacking someone whose posts you don't like. Since you seem hell-bent on calling someone else rude, typing with your caps lock stuck on like you did in several replies to my post is rude. Don't get your panties in such a wad just because everyone doesn't coddle you and sugar coat everything they say to you. You obviously had nothing positive to contribute to this discussion, since you resorted to verbal attacks and criticisms. You might want to count to 10, take a few deep breaths, and ask yourself why you feel the need to get all worked up over something this small. From nobody at devnull.spamcop.net Tue Dec 7 15:01:11 2004 From: nobody at devnull.spamcop.net (Cat) Date: Tue Dec 7 16:05:03 2004 Subject: [SpamCop-List] Re: LARTED? In-Reply-To: References: <41B4C555.8EC4D206@spamcop.net> Message-ID: Pop wrote: > ... > | Although acronymfinder is a better choice for this particular > task, > ... > Huh? What the hell is an "acronymfinder" and how do I make or > get one? Is that like a stud finder? Battery operated? What? Go back to my original post in this thread, and you'll find your answer to "what is acronymfinder?" From nobody at devnull.spamcop.net Tue Dec 7 15:13:07 2004 From: nobody at devnull.spamcop.net (Cat) Date: Tue Dec 7 16:20:08 2004 Subject: [SpamCop-List] Re: LARTED? In-Reply-To: References: Message-ID: Pop wrote: > "Cat" wrote in message > news:cp0vc5$bh5$1@news.spamcop.net... > | Mike Easter wrote: > | > Fred K wrote: > | > | > | > | >>Ah but alas, the poor person wanted a simple definition of > lart as it > | >>is used here. > | > | My point was that people should learn to look it up. I was > always taught > | "If you don't know the answer, look it up" when I was a kid. It > taught > | me how to research things and how to think for myself instead > of having > | everyone hand me all the answers. Then if I still can't find > the answer, > | I'll ask. > > Reasonable, but(t) ... is that also how you learned to tie your > shoes? Were you just forced to go read about how to do it? I > agree that very often the answer is right there in front of us if > we'll just look in the right cubby in front of us, but ... what's > wrong with the courtesy of a simplified, short answer and instead > of "go look it up", a comment on how/where to look for the info? > Those two courtesies are lacking in many of these OT posts. Even > mine, right here! Not a reasonable analogy since shoe tying is a physical activity and word definitions are trivial things that can be looked up on their own. Same with web site FAQs. In a good FAQ section, you can find the answers to most things without ever having to bother the support people. Unfortunately, SpamCop isn't known for being the best FAQ. Some things are easily searchable in it, but others are either hard to find or aren't explained well enough. > > | > | > Some people are into spoonfeeding the hapless or uninformed, > while > | > others would rather show them the way to get information, > including some > | > dirty work. > | > | Agreed. I think people get too lazy and don't want to do any > work for > | themselves and instead expect other people to spoon feed them > all the time. > > Agreed, for "some people". How did the OP get tossed into that > category though? If there's any validation of that sort of > evidence, it was artfully neglected. If you don't feel like > giving a civil answer, why not just shut the hell up and leave it > for someone with more than one brain cell? Because the term LART could have easily been plugged into any search engine. I also gave him the acronymfinder link, which is very helpfull for thse things. Considering how you followed me around this particular thread just to attack and nitpick every little thing I've said, maybe you should follow your own advice and shut the hell up if you can't be civil and leave it for someone with more than one brain cell. Don't be such a hypocrite. > The following Google response is recent as of about 30 seconds > ago: > ------------------- > "Your search - "LARTED" -LARTed -larted - did not match any > documents. > > Suggestions: > - Make sure all words are spelled correctly. > - Try different keywords. > - Try more general keywords. > - Try fewer keywords. > Also, you can try Google Answers for expert help with your > search." > --------------------- > Gee, what'd I do wrong? I used the Advanced Search and > everything! Why in hell do these guys think it's so obvious on > this Google place? > > If you answer that, be prepared to be ignored! Ignored? Gee, I wonder why. Maybe it's because you don't want to realize that you were wrong. A search of the word LART comes up with plenty of links explaining what it is. Anyone with two brain cells to rub together should be smart enough to drop the ed and look it up in present tense form. From nobody at spamcop.net Tue Dec 7 13:20:27 2004 From: nobody at spamcop.net (Dar) Date: Tue Dec 7 16:25:03 2004 Subject: [SpamCop-List] Online School That Gave Cat an MBA Is Sued Message-ID: HARRISBURG, Pa. - The Pennsylvania attorney general's office Monday sued an online university for allegedly selling bogus academic degrees - including an MBA awarded to a cat. http://tinyurl.com/5m42d From nobody at devnull.spamcop.net Tue Dec 7 15:19:21 2004 From: nobody at devnull.spamcop.net (Cat) Date: Tue Dec 7 16:25:12 2004 Subject: [SpamCop-List] Re: LARTED? In-Reply-To: References: Message-ID: Pop wrote: > "Mike Easter" wrote in message > news:cp0g94$29d$1@news.spamcop.net... > | Fred K wrote: > | > "Cat" > | > | >> Also, Google is your friend. A simple search of the word > LART on > | >> Google comes up with several web sites giving you a > definition. > | > > | > Ah but alas, the poor person wanted a simple definition of > lart as it > | > is used here. > | > | Some people are into spoonfeeding the hapless or uninformed, > while > | others would rather show them the way to get information, > including some > | dirty work. > > True enough, but ... do you know that the OP fits into that > category? What makes you think OP fits the category of wanting > to be spoonfed etc.? Maybe I missed something. If it's just an > assumption without benefit of any substantiation, then IMO you > kibitzed from the wrong side. > > | > | > Following the kind brush-off by cat leads one on an > | > adventure and after doing it I a gave up weeding through > numerous > | > definitions that do not clearly define the term as it seems > to be > | > used in this NG. > > That one I don't understand. Cat (not "cat") didn't brush > anything off, did provide a viable lead, albeit with too much of > an assumption of prior knowledge or experience by the OP. IMO, > anyway. Ok, so you say this as if you understood my original reply and thought it was just fine. Then you chased me around the rest of the thread and nitpicked every little thing I said. I didn't do anything with an assumption of prior knowledge of experience. I gave the OP the acronym finder link and also pointed him to a search engine. Anyone who's been on the internet more than a day knows what Google is. Certainly, anyone who can figure out how to get to a newsgroup would know such basic knowledge as what Google is. From porpoise1954 at yahoo.co.uk Tue Dec 7 22:24:34 2004 From: porpoise1954 at yahoo.co.uk (Porpoise) Date: Tue Dec 7 17:30:05 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: "Cat" wrote in message news:cp56sh$5ej$1@news.spamcop.net... > Anyone who's been on the internet more than a day knows what Google is. > Certainly, anyone who can figure out how to get to a newsgroup would know > such basic knowledge as what Google is. Ermm....... Wots a google? Is it like a Beagle? From David1 at suescornerweb.com Tue Dec 7 18:03:13 2004 From: David1 at suescornerweb.com (David 1) Date: Tue Dec 7 18:05:02 2004 Subject: [SpamCop-List] Re: LARTED? In-Reply-To: References: Message-ID: WazoO wrote: > "David 1" wrote in message > news:cp3op2$502$1@news.spamcop.net... > >> So to help me learn a heck of a lot more a lot faster why >>don't you give me that link(s) to what ever faq & other searchable info >>we have ( note the only place I've ever been to sc before coming here >>was the button to make a donation (ie: buy MEGS(FUEL)whatever) & I click >>the link when I get the email that it's ready for me to go hit the next >>couple of buttons so that's my association with SC. >>Now if you will baby me & hand me those link(s) that I need to get the >>job done then for what ever it's worth to you since you don't know me >>I'll give you my word that for a period of NO less then 3 months >>starting from the time I receive the links. I will personally answer >>every newbie question that I catch & if I don't catch it you have my >>full permission to chew me out publicly, also email me with the subject >>that I missed the question & I will answer the question asap so that you >>don't have to mess with it except for correcting me when I miss read >>something & screw it up. > > > With a promise like that ..... I'll give you two links .... > Login in to "your" www.spamcop.net page ... hit Help .... > http://forum.spamcop.net/forums/index.php? holds a FAQ that > contains all the above plus a whole lot more in a single-page > access-point format. > > Message saved, Promise will be kept I miss one just let me know David 1 From nobody at spamcop.net Tue Dec 7 18:18:32 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 18:20:03 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: ... | > | > That one I don't understand. Cat (not "cat") didn't brush | > anything off, did provide a viable lead, albeit with too much of | > an assumption of prior knowledge or experience by the OP. IMO, | > anyway. | | | Ok, so you say this as if you understood my original reply and thought "as if"? There you go ASSuming again. You need help with reading comprehension. | it was just fine. Then you chased me around the rest of the thread and Nope, didn't chase you. There you were at every turn, right square in front of me. | nitpicked every little thing I said. No, not "every little thing" you said. You need help with reading comprehension. I didn't do anything with an | assumption of prior knowledge of experience. Then I guess you're claiming to be clairvoyant? So, uhhh, you KNEW those WAGs to be accurate? Methinks though dost protest too much. Oh, sorry; you don't know what that means either, do you? I gave the OP the acronym | finder link and also pointed him to a search engine. Exactly: You gave him "acronumfinder" and then presented a different, unrelated link to "acronymfinder". There is no such thing as "acronymfinder". Anyone who's been | on the internet more than a day knows what Google is. Off the top of my head, I can name EIGHT PEOPLE WHO DON'T KNOW WHAT GOOGLE IS, WHO HAVE BEEN ON THE NET A LOT LONGER THAN "a day"! And, in a month or so, that number will be higher. You must have an incredibly small or select (as in you think it's superior) support group, eh? Don't you have ANY friends who aren't online addicts? There's more to the world than this limited neighborhood, you know. Or maybe you don't know. Certainly, anyone | who can figure out how to get to a newsgroup would know such basic | knowledge as what Google is. OH? And how do you make that leap of faith? THREE PEOPLE I can think of at this moment, received their computers WITH newsgroups all set up and ready to go. There were even some subscribed groups already. You have an incredibly limited world I'm afraid, and are really cheating yourself by being so narcissistic and attempting unsuccessful condescension. You're trying, but only to those who have to be close to you, thankfully. You really need to get out for a breath of actual oxygen sometime soon. If I really wanted to nitpick you, I'd still be writing the original entertainment notes I was making. Some people like you make it boring though; don't think you have anything worth entertainment anymore; you used it all up. Thanks again, Pop From nobody at spamcop.net Tue Dec 7 18:41:23 2004 From: nobody at spamcop.net (Pop) Date: Tue Dec 7 18:45:03 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: "Cat" wrote in message news:cp55gv$443$1@news.spamcop.net... | Pop wrote: | > ... | > | | > | And while we're on the subject of learning things, *your* is a | > | > Ooooohh, Cat can get to be quite a little bass turd, eh? | | Personal attacks are rude, uncalled-for, and only make you look immature. Yes, they do "make you look immature": You should stop. | | That's | > a good little snippet of attitude followed by condescending | > platitude. How to win friends and influence people: piss them | > off first with unsolicited "help", then tell them it's for their | > own good. Uh, HUH! | | As if your own condescending attitude was needed. No, I don't have a condescendig attitude at all. What I have is impatience with socially-challenged frumpets who know their limitations but ignore them. My opinion of most people who participated in this thread is magnitudes higher than yours is/was for any posting you responded to. Actually, you didn't respond; you whined and complained like a 5 year old. | | Seems more like you specifically chose the childish route of "I'd rather | attack Cat for no good reason" Nope, I had a reason for posting what I posted. I didn't keep track of WHO made dumb/smart comments, I just gave my opinion, joining the silly fracass that had already been started and which could go no lower than it already was. Obviously you are not a party to the line of thought that says there are no dumb questions, except for the ones which aren't asked. You jumped on a single poster and lumped him/her into a one size fits all derogatory laden spiel of actual trash, a couple of times. FWIW, I guessed that you would be the first one to bother to cry foul and I was right. You need to improve your reading comprehension. judging by your replies to several of my | posts. Your posts came across as less about wanting to be helpful to | newbies and more about attacking someone whose posts you don't like. Ahh, you noticed!! It wasn't that I didn't like the posts, it's that you were a hell of a lot less than helpful to the OP and should have kept your lips pressed against whatevery you took them away from in order to make those responses. Posting for the sake of posting is silly. Also pretty dumb. Posting to show off you knowledge, or lack thereof, is even sillier. You need to look around for the troll-group; you'll be much less happy there and thus probably a lot happier. No, I didn't mis-speak; I said what I meant. I also meant what I said. | Since you seem hell-bent on calling someone else rude, typing with your | caps lock stuck on like you did in several replies to my post is rude. FIRST OF ALL, MY CAPS LOCK KEY WASN'T "stuck" ON, IT WAS TURNED ON, SPECIFICALLY FOR THAT ONE POST. NO ONE IS MAKING YOU READ IT; IF YOU ARE UNHAPPY WITH IT, DON'T READ IT. IT'S THAT SIMPLE. BUT, IN REALITY, IT MADE YOU HAPPY, DIDN'T IT? yES, IT DID. aDMIT IT NOW: i KNOW IT MADE YOU HAPPY. rIGHT? oK. i SEE. eNOUGH, i GUESS, FOR THIS ONE. itspisserslikeyouthatkeeppeoplefrombeingabletolearnbecauseyoupissthemoffbeforetheygetachancetolearnanythinguseful,butthenthatsyourintentisntit? | | Don't get your panties in such a wad just because everyone doesn't dON'T JUDGE OTHERS BY YOURSELF. nOT ALL REAL MEN WEAR PANTIES LIKE YOU DO. oR DON'T YOU KNOW THE DIFFERENCE? yOU KNOW, AS SOON AS YOU LET SOMEONE ON A NG KNOW WHAT PISSES YOU OFF, YOU ARE SIMPLY ASKING FOR MORE OF IT, DON'T YOU? | coddle you and sugar coat everything they say to you. You obviously had | nothing positive to contribute to this discussion, Oh, but I did, ether-breath. I contributed a positive opinion of your opinions which were of little to no value due to their presentation. since you resorted to | verbal attacks and criticisms. You don't like getting back what you dished out, do you? Think about that. Too late! You already thought about it! You might want to count to 10, take a few | deep breaths, and ask yourself why you feel the need to get all worked | up over something this small. I'm not worked up. Are you? I'm simply making statements about you concerning your actions and how they went off topic, ignored the poster technically and socially, displayed poor to no etiquette, and quivered your own liver into an earthquake by the sound of you. The correct response for you would have been to just ignore all of it. Or plonk me. I certainly wouldn't care. It's only the unthinking and inexperienced who get mad on newsgroups. I'm the type that gives back what I get, that's all, and I'd seen enough of your drivel to feel that you deserved to get a little of it back. That's all. No animosity, no hard feelings, no hate, not even a dislike, though I think I'm glad you're not a neighbor. Or, is that glad that your not a neighbor? There, I gave you something else to do. There are four other little mysteries hidden in my posts for you to find if you want the challenge. Well, I grow weary of your little challenges. That's one of three responses I expected to receive - we'll see if the others come in. But, like I said, I'm weary of this; time to move on to something with legitimate interest and maybe even on topic. See ya in the next realm! Pop From David1 at suescornerweb.com Tue Dec 7 18:42:23 2004 From: David1 at suescornerweb.com (David 1) Date: Tue Dec 7 18:45:21 2004 Subject: [SpamCop-List] Re: SpamCop Painfully Slow 2 In-Reply-To: References: Message-ID: Paul D wrote: > It's disappointing that I've had no more feedback to my other post. > Isn't there anything that anyone can do? > > Thanks > Paul > > I'm trying to check on this keep getting server to busy , soon as I find out I'll let you know From MikeE at ster.invalid Tue Dec 7 15:44:48 2004 From: MikeE at ster.invalid (Mike Easter) Date: Tue Dec 7 18:45:30 2004 Subject: [SpamCop-List] Re: SpamCop Painfully Slow 2 References: Message-ID: David 1 wrote: > Paul D wrote: >> It's disappointing that I've had no more feedback to my other post. >> Isn't there anything that anyone can do? > I'm trying to check on this keep getting server to busy , soon as I > find out I'll let you know I'll go dig up a dozen spams and chunk them at the webparser and let you know. -- Mike Easter kibitzer, not SC admin From David1 at suescornerweb.com Tue Dec 7 18:50:15 2004 From: David1 at suescornerweb.com (David 1) Date: Tue Dec 7 18:55:04 2004 Subject: [SpamCop-List] Re: LARTED? In-Reply-To: References: Message-ID: Pop wrote: > "David 1" wrote in message > news:cp0reb$8tj$1@news.spamcop.net... > | Tom wrote: > | > On Sun, 5 Dec 2004 19:53:39 -0800, N. Miller wrote: > | > > | > > | >>>The term has lost its relevance and should be considered > pass? - that > | >>>particular word looks to me like p a s s then [e acute]. > | >> > | >>In other words, contemporary notifies have no impact. > | > > | > > | > Except to build black/block lists. > | > > | > Which is why to sooner you can report spam to the time it was > | > delievered, the better. > | > > | My avg. According to spam cop usually runs between 2 - 5 hours, > is that > | considered ok??? > | David 1 > > This one went unanswered as the thread was abandoned, is OT to > the OP's question, and could have easily been answered by: > > Yeah, that's not bad at all, actually. My time is stuck around > 12 hours, "pretty good" per SC's magic spokes-code. > > Pop > > Thank you much David 1 From MikeE at ster.invalid Tue Dec 7 15:53:12 2004 From: MikeE at ster.invalid (Mike Easter) Date: Tue Dec 7 18:55:16 2004 Subject: [SpamCop-List] Re: SpamCop Painfully Slow 2 References: Message-ID: Mike Easter wrote: > David 1 wrote: >> Paul D wrote: >>> It's disappointing that I've had no more feedback to my other post. >>> Isn't there anything that anyone can do? > >> I'm trying to check on this keep getting server to busy , soon as >> I find out I'll let you know > > I'll go dig up a dozen spams and chunk them at the webparser and let > you know. Just over 4 min per dozen, just before 4 PM PST [UTC -0800] That includes a little time for me to scan them for 'interest', and put into the webparser by hand one at a time. -- Mike Easter kibitzer, not SC admin From David1 at suescornerweb.com Tue Dec 7 19:07:01 2004 From: David1 at suescornerweb.com (David 1) Date: Tue Dec 7 19:10:08 2004 Subject: [SpamCop-List] Re: LARTED? In-Reply-To: References: Message-ID: Pop wrote: > .... > | > | Again For the record I do understand how you feel & I'm not > saying you > | are wrong in any way shape or form, I've been there & done that > myself. > | I'm just trying to say if something is wrong & you don't want > to deal > | with us then don't, from what I've seen of this group someone > will. > | Eventually. > | David 1 > > EGGzactly! The neuron-challenged are plentiful enough here, but > they're outnumbered/outpowered/out weaponized by those with > actual interpersonal skills and social abilities. One should > always put on their thickest skin before going to nearly any > newsgroup and if faceless zombie's opinions and words upset you, > then it's time to think more about a moderated forum where the > class of people is more similar to your liking. > > This is a Good Group, with significantly dedicated and active > participants who have the experience of many behind them and are > willing to share that for the greater good. > > You have an excellent attitude - and you even demonstrate social > skills. Keep up the good work! > > Pop > > Thank you again I think From not at home.today Wed Dec 8 00:11:52 2004 From: not at home.today (Ant) Date: Tue Dec 7 19:15:06 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: "Pop" wrote: [snip] > Well, I grow weary of your little challenges. That's one of > three responses I expected to receive - we'll see if the others > come in. But, like I said, I'm weary of this; time to move on to > something with legitimate interest and maybe even on topic. I'm thinking about posting my Spamcop mini "hall of fame". Both yourself and Cat are in it ;) From MikeE at ster.invalid Tue Dec 7 16:15:08 2004 From: MikeE at ster.invalid (Mike Easter) Date: Tue Dec 7 19:15:17 2004 Subject: [SpamCop-List] Re: SpamCop Painfully Slow 2 References: Message-ID: Mike Easter wrote: > Just over 4 min per dozen, just before 4 PM PST [UTC -0800] According to the stats page, at about 7 PM EST [UTC - 0500] SC is processing about 4 spams/sec, 240/min, 14,400/hr, which would be on track for 345,600/d or projected more than a couple of million a week. The graphic doesn't show any reduction of activity at http://www.spamcop.net/spamgraph.shtml?spamstats -- Mike Easter kibitzer, not SC admin From eatmy at grits.com Tue Dec 7 19:59:06 2004 From: eatmy at grits.com (Jeff) Date: Tue Dec 7 22:00:04 2004 Subject: [SpamCop-List] Re: make love not spam References: Message-ID: Ok, I tried it. I get a bunch of x'd out images and a ton of load errors. "Ivan Leo Puoti" wrote in message news:cp4qq7$rlk$2@news.spamcop.net... > Spammers have started rejecting connections from the spamvampire in > certain conditions, to avoid this go to my home page > http://ivanleo.spedia.net > and look for the anti spam link toward the top of the page. > > Ivan. From nobody at spamcop.net Tue Dec 7 20:25:08 2004 From: nobody at spamcop.net (Dar) Date: Tue Dec 7 23:30:04 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: Perhaps it's time to take this over to social or let it go? Dar From tmcgraw at spamcop.net Tue Dec 7 20:33:19 2004 From: tmcgraw at spamcop.net (Tim McGraw) Date: Tue Dec 7 23:35:02 2004 Subject: [SpamCop-List] Re: BBCNEWS: Freeze on anti-spam campaign In-Reply-To: References: Message-ID: Bob Ames wrote: > > Lycos apparently has stopped with the origanized Vampiring. > > Or at least is no longer allowing new downloads of the Vampire > software... It's only a matter of time now... Big surprise, > it turns out that Vampiring is Not A Good Thing After All(tm). > :-) Fake Lycos screensaver harbours Trojan "Virus writers have begun distributing their wares in emails that pose as Lycos's abandoned 'Make love not spam' screensaver." http://www.theregister.co.uk/2004/12/07/fake_lycos_screensaver_trojan From nobody at devnull.spamcop.net Tue Dec 7 23:24:03 2004 From: nobody at devnull.spamcop.net (Cat) Date: Wed Dec 8 00:30:03 2004 Subject: [SpamCop-List] Re: LARTED? In-Reply-To: References: Message-ID: Pop wrote: > | Personal attacks are rude, uncalled-for, and only make you look > immature. > > Yes, they do "make you look immature": You should stop. Since I didn't start anything, there's nothing to stop. You're just trying to be argumentitive for no good reason. I have better things to do with my time than to waste it sinking to your level of childishness. You're behaving like a troll. From mfkmek820 at yahoo.com Tue Dec 7 20:51:50 2004 From: mfkmek820 at yahoo.com (Fred K) Date: Wed Dec 8 00:55:03 2004 Subject: [SpamCop-List] What is munged in this report? Message-ID: SC says earthlink.net does not accept munged report. I reported it using the "Forward as attachment" method, did not even look at it. That leads me to suspicion something is goofy in the header as I recieved it.. But I am not educated enough to figure out what I am looking for. Spam Header Here is your TRACKING URL - it may be saved for future reference: http://www.spamcop.net/sc?id=z700352933z1a87e9b7037f69973f1cb4b536b05cf4z Skip to Reports Report Spam to: Using abuse#abuse.earthlink.net@devnull.spamcop.net for statistical tracking. Re: 65.110.130.254 (Administrator of network where email originates) no Javascript = no confirmation = no report To: abuse@abuse.earthlink.net (refuses munged reports) (Notes) Fred k From nobody at devnull.spamcop.net Tue Dec 7 23:57:05 2004 From: nobody at devnull.spamcop.net (Cat) Date: Wed Dec 8 01:00:02 2004 Subject: [SpamCop-List] Re: LARTED? In-Reply-To: References: Message-ID: Pop wrote: > | Personal attacks are rude, uncalled-for, and only make you look immature. > > Yes, they do "make you look immature": You should stop. Since I didn't start anything, there's nothing to stop. You're just trying to be argumentitive for no good reason. I have better things to do with my time than to waste it sinking to your level of childishness. You're behaving like a troll. I've been a regular in the SpamCop newsgroups for several years, and I've learned that there's always going to be a small handfull of people in the group that are going to whine and complain about how people reply to others no matter how many other people either agreed with the post or said the same thing in their own replies. I'm not going to waste my time and energy caring what a small few petty whiners have to say. It's really kind of sad and pathetic that some people have nothing better to do with their time than to wait around for someone else to disagree with a post then follow along jumping on that person like a pack of wolves. You're caving into the "follow the crowd like sheep" mentality. From zypher at spamcop.net Wed Dec 8 00:04:52 2004 From: zypher at spamcop.net (Ron B.) Date: Wed Dec 8 01:05:02 2004 Subject: [SpamCop-List] Re: What is munged in this report? References: Message-ID: On Tue, 07 Dec 2004 20:51:50 -0900, Fred K wrote: > SC says earthlink.net does not accept munged report. I reported it using > the "Forward as attachment" method, did not even look at it. That leads me > to suspicion something is goofy in the header as I recieved it.. But I am > not educated enough to figure out what I am looking for. > > Spam Header > Here is your TRACKING URL - it may be saved for future reference: > http://www.spamcop.net/sc?id=z700352933z1a87e9b7037f69973f1cb4b536b05cf4z > Skip to Reports > > Report Spam to: > Using abuse#abuse.earthlink.net@devnull.spamcop.net for statistical > tracking. > Re: 65.110.130.254 (Administrator of network where email originates) > no Javascript = no confirmation = no report > To: abuse@abuse.earthlink.net (refuses munged reports) (Notes) > > > Fred k To: x From MikeE at ster.invalid Tue Dec 7 22:06:25 2004 From: MikeE at ster.invalid (Mike Easter) Date: Wed Dec 8 01:10:13 2004 Subject: [SpamCop-List] Re: What is munged in this report? References: Message-ID: Fred K wrote: > SC says earthlink.net does not accept munged report. I reported it > using the "Forward as attachment" method, did not even look at it. > That leads me to suspicion something is goofy in the header as I > recieved it.. But I am not educated enough to figure out what I am > looking for. There isn't anything wrong with your submit/forward. The 'standard' or default SC configuration for you is to munge reports in the standard SC munge; which is to convert addresses in the To or CC or Received lines into 'x' -- but your reporting preferences can have 3 options, obscure [or munge], leave intact [don't munge], or mole report. > Spam Header > Here is your TRACKING URL - it may be saved for future reference: spamcop.net/sc?id=z700352933z1a87e9b7037f69973f1cb4b536b05cf4z > Skip to Reports > > Report Spam to: > Using abuse#abuse.earthlink.net@devnull.spamcop.net for statistical > tracking. > Re: 65.110.130.254 (Administrator of network where email originates) > no Javascript = no confirmation = no report > To: abuse@abuse.earthlink.net (refuses munged reports) (Notes) Most likely you are configured to munge you address. If the standard munge is used, EL doesn't want to receive the report and it will be handled 'internally' - ie the report will count, but EL won't get a copy of the report that their user was a source 65.110.130.254 rDNS user-10mt0nu.cable.mindspring.com is listed in a number of blocklists including SCbl & cbl so it is probably a trojan. If you click to report the spam to EL, then SC will unmunge or demunge your report to them. -- Mike Easter kibitzer, not SC admin From avoozl at spamcop.net Tue Dec 7 22:08:56 2004 From: avoozl at spamcop.net (Chris F. Willoughby) Date: Wed Dec 8 01:10:23 2004 Subject: [SpamCop-List] Re: What is munged in this report? References: Message-ID: You know.. I've often wondered why EL refuses spamcop.net reports that are munged... You'd think they'd want to clean up their network if they have spammers using it. Chris "Mike Easter" wrote in message news:cp65km$pdf$1@news.spamcop.net... > Fred K wrote: >> SC says earthlink.net does not accept munged report. I reported it >> using the "Forward as attachment" method, did not even look at it. >> That leads me to suspicion something is goofy in the header as I >> recieved it.. But I am not educated enough to figure out what I am >> looking for. > > There isn't anything wrong with your submit/forward. > > The 'standard' or default SC configuration for you is to munge reports > in the standard SC munge; which is to convert addresses in the To or CC > or Received lines into 'x' -- but your reporting preferences can have 3 > options, obscure [or munge], leave intact [don't munge], or mole report. > >> Spam Header >> Here is your TRACKING URL - it may be saved for future reference: > spamcop.net/sc?id=z700352933z1a87e9b7037f69973f1cb4b536b05cf4z >> Skip to Reports >> >> Report Spam to: >> Using abuse#abuse.earthlink.net@devnull.spamcop.net for statistical >> tracking. >> Re: 65.110.130.254 (Administrator of network where email originates) >> no Javascript = no confirmation = no report >> To: abuse@abuse.earthlink.net (refuses munged reports) (Notes) > > Most likely you are configured to munge you address. If the standard > munge is used, EL doesn't want to receive the report and it will be > handled 'internally' - ie the report will count, but EL won't get a copy > of the report that their user was a source 65.110.130.254 rDNS > user-10mt0nu.cable.mindspring.com is listed in a number of blocklists > including SCbl & cbl so it is probably a trojan. > > If you click to report the spam to EL, then SC will unmunge or demunge > your report to them. > > -- > Mike Easter > kibitzer, not SC admin > From nobody at xyzzy.claranet.de Wed Dec 8 07:29:31 2004 From: nobody at xyzzy.claranet.de (Frank Ellermann) Date: Wed Dec 8 01:35:03 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: <41B69F4B.3DCA@xyzzy.claranet.de> Cat wrote: > A search of the word LART comes up with plenty of links > explaining what it is. Anyone with two brain cells to rub > together should be smart enough to drop the ed and look it > up in present tense form. Google used to do this for you, but maybe I confuse it with singular vs. plural. OTOH if I type in "larted" the _second_ hit is a page with the title "what is LARTed". "define:larted" fails, but "define:lart" works, that should be good enough for simple acronyms. Some ways to access the jargon file: http://dict.org gopher://dict.org:2628/?DEFINE%20*%20LART The latter won't work on a "secure" IE, because M$ decided that the fastest way to "fix" this feature was to remove it, but it is possible to reenable it in the registry. There are of course newer versions of the jargon file than the 2001 dict.org copy, faqs.org has a copy, and the newest is apparently http://www.catb.org/~esr/jargon/ (it's hard to tell which jargon file is "the" jargon file). http://www.catb.org/~esr/jargon/html/L/LART.html http://www.catb.org/~esr/jargon/html/X/xyzzy.html The xyzzy entry is incomplete, they removed a broken link, and my proposal to fix it didn't make it yet, for another xyzzy story see http://www.rickadams.org/adventure/c_xyzzy.html My "SC on topic" indicator says "zero", is this correct ? Bye. From nobody at devnull.spamcop.net Wed Dec 8 00:43:32 2004 From: nobody at devnull.spamcop.net (Cat) Date: Wed Dec 8 01:50:03 2004 Subject: [SpamCop-List] Re: LARTED? In-Reply-To: <41B69F4B.3DCA@xyzzy.claranet.de> References: <41B69F4B.3DCA@xyzzy.claranet.de> Message-ID: Frank Ellermann wrote: > Cat wrote: > > >>A search of the word LART comes up with plenty of links >>explaining what it is. Anyone with two brain cells to rub >>together should be smart enough to drop the ed and look it >>up in present tense form. > > > Google used to do this for you, but maybe I confuse it with > singular vs. plural. OTOH if I type in "larted" the _second_ > hit is a page with the title "what is LARTed". > > "define:larted" fails, but "define:lart" works, that should be > good enough for simple acronyms. Some ways to access the jargon > file: http://dict.org > > gopher://dict.org:2628/?DEFINE%20*%20LART > > The latter won't work on a "secure" IE, because M$ decided that > the fastest way to "fix" this feature was to remove it, but it > is possible to reenable it in the registry. Figures that IE would screw that up. I had been using Netscape for a long time but finally switched over to Firefox within the past few weeks. I haven't tried the "define:" string with it though. I just typed "lart" and came up with a bunch of sites. > There are of course newer versions of the jargon file than the > 2001 dict.org copy, faqs.org has a copy, and the newest is > apparently http://www.catb.org/~esr/jargon/ (it's hard to tell > which jargon file is "the" jargon file). > > http://www.catb.org/~esr/jargon/html/L/LART.html > http://www.catb.org/~esr/jargon/html/X/xyzzy.html Heh, I think I have the jargon file link around somewhere. The sites you posted along with acronymfinder.com are all good sites. I don't know why some people get so upset over being shown a new web site for information. From mfkmek820 at yahoo.com Tue Dec 7 23:14:19 2004 From: mfkmek820 at yahoo.com (Fred K) Date: Wed Dec 8 03:15:04 2004 Subject: [SpamCop-List] Re: What is munged in this report? References: Message-ID: "Mike Easter" wrote in message news:cp65km$pdf$1@news.spamcop.net... > Fred K wrote: > > If you click to report the spam to EL, then SC will unmunge or demunge > your report to them. > > -- > Mike Easter > kibitzer, not SC admin > Thanks Mike, I did not go to the preference for advanced users, since I consider myself still wet behind the ears as far as spam and it's intricacies is concerned. I guess the default is munged for a new account. 1. Now that I look at it, do you recommend the "mole" setting? I remember about some site in Italy that was talked about. It had an open list of spam reports and their email addresses. 2.Also the tracking numbers I had figured that before. Could that be root of the complaint I have heard from others that they think reporting spam begets more spam? Myself I use yahoo account to LART some ISP's and toy with 419 scammers. I do not get any spam there. Fred k From MikeE at ster.invalid Wed Dec 8 00:34:34 2004 From: MikeE at ster.invalid (Mike Easter) Date: Wed Dec 8 03:35:02 2004 Subject: [SpamCop-List] Re: What is munged in this report? References: Message-ID: Fred K wrote: > I guess the default is munged for a new account. Yes, I think that. > 1. Now that I look at it, do you recommend the "mole" setting? No. Unless you feel uncomfortable about those who are notified getting the normally SC 'trivially' munged report -- whereas a trivially munged report munges the 'obvious' address of the recipient. Those who would be moles are uncomfortable with the fact that it is possible to encode the identity of the recipient into the spam in 'occult' or obscure or invisible ways, spaces between the letters, encrypted junk content. The only way a person can eliminate all possibility that the notified addressees can 'decrypt' the contents of the spam itself, which is included with the report, is to eliminate the notified addressees getting any report at all. That is the mole report. The 'problem' with the mole report is that currently it does not count for anything. Or, much of anything. Most importantly, unlike a 'regular' report, it doesn't count toward the SCbl. So, you might consider it to be a 'non-report' report. > I remember about some site in Italy that was talked about. It had an > open list of spam reports and their email addresses. Currently SC does not notify those dudes. > 2.Also the tracking numbers I had figured that before. Could that be > root of the complaint I have heard from others that they think > reporting spam begets more spam? I have my own theory or philosophy of how reporting spam can possibly beget more spam. My theory is that some small subset of people/reporters handle their spam 'badly' in the interest of making spamcop reports. If a person handles spam insecurely [opening spam insecurely, eg] then their bad spam handling causes them to get more spam than they would get if they handled their spam securely. Or didn't handle it at all. So, insecure spam handling in order to make SC reports will/can cause more spam than no spam handling, including insecure. > Myself I use yahoo account to LART some ISP's and toy with 419 > scammers. I do not get any spam there. For years I manually notified from a spammed addy with no mungeing without repercussions; I don't consider the type of notifying that I did to cause that spammed and unmunged reporting address trouble. 'Toying' with scammers and spammers is a sport some people play. I consider spamfighting a sport and an educational tool. There are many nuances to some sports, and some of the nuances are dangerous. -- Mike Easter kibitzer, not SC admin From Windrider6 at SpamCop.net Wed Dec 8 11:44:10 2004 From: Windrider6 at SpamCop.net (Bruce A. Johnson) Date: Wed Dec 8 06:45:05 2004 Subject: [SpamCop-List] Wanted: A new statistic Message-ID: I was thinking that it would be good to have a statistic giving the percentage of spam to the total e-mail delivered to SpamCop e-mail users. While it would be great to provide this statistic for each user, a conglomerated statistic of all users would be a good indicator of the average percentage of e-mail that is spam on the Internet. - Bruce A. Johnson in Hardisty, Alberta, Canada - Windrider6@SpamCop.net From firewoman at default.domain.not.available Wed Dec 8 08:54:18 2004 From: firewoman at default.domain.not.available (Firewoman) Date: Wed Dec 8 08:55:03 2004 Subject: [SpamCop-List] Re: [article] Mild C&C References: Message-ID: "Merlyn" wrote in message news:cp4imj$l0n$1@news.spamcop.net... > Cat earns degree, spammers get busted. > > Rule #3 in action: > http://www.cbsnews.com/stories/2004/12/07/tech/main659418.shtml My cats would like to know, in addition to the MBA, do they offer degrees in vocational agriculture (for mousing and catnip purposes only!)? From bar_n0ne at hotmail.com Wed Dec 8 18:12:33 2004 From: bar_n0ne at hotmail.com (Berny) Date: Wed Dec 8 09:15:02 2004 Subject: [SpamCop-List] Re: [article] Mild C&C References: Message-ID: "Firewoman" wrote in message news:cp711u$8ug$1@news.spamcop.net... > "Merlyn" wrote in message > news:cp4imj$l0n$1@news.spamcop.net... > > Cat earns degree, spammers get busted. > > > > Rule #3 in action: > > http://www.cbsnews.com/stories/2004/12/07/tech/main659418.shtml > > My cats would like to know, in addition to the MBA, do they offer degrees in > vocational agriculture (for mousing and catnip purposes only!)? and when I read Merlins post, I thought it would be an article about Cat. From ube_never at YAHOO.COM Wed Dec 8 09:56:52 2004 From: ube_never at YAHOO.COM (R. Asby Dragon) Date: Wed Dec 8 12:55:04 2004 Subject: [SpamCop-List] Strangeness? SC "not resolving" working URLs heavily today. Message-ID: So far today: 4 out of 8 submiisions have come back as "Cannot Resolve" the spamvertised URL; but I can open them here. All of them are CN hosted sites. They *are* "slow to open"; looks like things aren't well on the routing. Is it possible that the spammers (or possibly the hosts) are blocking requests from known Spamcop IP addresses ? Or has somebody at SC set the "resolve" time too short to see these? If needed; can post the sites/tracking info and such later. -- -- I'm personally in favor of finding some way to make Robert A. Heinlein's corpse "President Forever" and making it mandatory that any public official memorizes "The Notebooks of Lazarus Long" . --R. Asby Dragon From mfkmek820 at yahoo.com Wed Dec 8 08:54:56 2004 From: mfkmek820 at yahoo.com (Fred K) Date: Wed Dec 8 13:00:03 2004 Subject: [SpamCop-List] No access to reported spam Message-ID: As of 12:30pm 12/7/04, I cannot access my spam reports to send them. Both via links in the email and directly from the SC.net site. Fred k From MikeE at ster.invalid Wed Dec 8 10:07:14 2004 From: MikeE at ster.invalid (Mike Easter) Date: Wed Dec 8 13:10:04 2004 Subject: [SpamCop-List] Re: Strangeness? SC "not resolving" working URLs heavily today. References: Message-ID: R. Asby Dragon wrote: > So far today: > 4 out of 8 submiisions have come back as "Cannot Resolve" the > spamvertised URL; but I can open them here. All of them are CN > hosted sites. They *are* "slow to open"; looks like things aren't > well on the routing. > > Is it possible that the spammers (or possibly the hosts) are blocking > requests from known Spamcop IP addresses ? Or has somebody at SC set > the "resolve" time too short to see these? In the past, the most common condition of those which the poster can resolve and SC can't is that the nameservice is a bit of a mess; or rather, quite a bit of a mess. 'We' can only see how bad the nameservice is according to our own resolvers, other resolvers we might access elsewhere, and the resolving 'analysis' tools somewhere like dnsstuff. Weird and pokey nameservice /might/ also choose to block the nameservice to spamcop. The only way to talk about a specific site resolution condition is by posting it. -- Mike Easter kibitzer, not SC admin From nobody at spamcop.net Wed Dec 8 13:33:49 2004 From: nobody at spamcop.net (indigo) Date: Wed Dec 8 13:35:02 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: Dar wrote: > Perhaps it's time to take this over to social Hell no! or let it go? > Hell yes! From nobody at devnull.spamcop.net Wed Dec 8 12:47:52 2004 From: nobody at devnull.spamcop.net (WazoO) Date: Wed Dec 8 13:50:03 2004 Subject: [SpamCop-List] Re: No access to reported spam References: Message-ID: "Fred K" wrote in message news:cp7f5s$hjo$1@news.spamcop.net... > As of 12:30pm 12/7/04, I cannot access my spam reports to send them. Both > via links in the email and directly from the SC.net site. A lot of ground covered there, but so few details. Does one assume that you can log into a www.spamcop.net page? Have you talked to you ISP to see if some new filtering went into effect yesterday? Does "past history" show anything out of the ordinary? Just a few things to look at ... From puoti at inwind.it Wed Dec 8 20:01:35 2004 From: puoti at inwind.it (Ivan Leo Puoti) Date: Wed Dec 8 14:05:02 2004 Subject: [SpamCop-List] Re: make love not spam In-Reply-To: References: Message-ID: > Ok, I tried it. I get a bunch of x'd out images and a ton of load errors. I know about this, to fix it please save the page to your local hard drive and open it from your hard drive, and it will work again. I hope to soon find a better solution. In the mean time the spammer have started using my address as "From" in spams, so they obviously don't like me, unfortunately for them with my web mail client it took me less than 20 seconds to delete 200+ bounces, so if the spammers are reading my message is bring it on :-) Ivan. From MikeE at ster.invalid Wed Dec 8 12:05:59 2004 From: MikeE at ster.invalid (Mike Easter) Date: Wed Dec 8 15:10:04 2004 Subject: [SpamCop-List] Re: mailing list question References: Message-ID: This could/should be in spamcop or spamcop.help; I'm choosing spamcop. >From a 'housekeeping' point of view, your message is posted to the wrong newsgroup here, so I'm going to make my reply go to spamcop.spam and spamcop and f/ups to my post be in spamcop. M2 wrote: > I administer a small domain which includes a couple of mailing lists. > However I am not an expert and I need a little advice. Like many we > have been errantly reported in the past but it has always been > cleared up. Our list has been in operation as a part of a real time > social group for many years and is completely legitimate. Any mailing list runs certain dangers of being reported as spam. Some mailing lists are very poorly created and managed; while other reports are 'purely' the fault of the subscriber. > We received spamcop bounces on two subscribers recently against one > of our lists, while all other messages sent out by the list delivered > fine to other subscribers. Then this repeated on 7 more messages with > the identical result. Checking our IP against these bounces reveals > our list's IP is NOT on the spamcop block list. Whats up? The best way to talk about a particular bounce or reject is to examine the 'content' or parts of the bounce/reject, not to try to describe it. Spamcop doesn't bounce anything. Spamcop is a parsing reporting service, a spamsource blocklist maintainer, and a mail service which provides spam filtering and reporting services for its subscribers. Many mail providers provide spam filtering/blocking services for their clients, and a great many of them use various blocklists, including spamcop's to aid them. Most servers provide useful information in the delivery notification information. > The reason I am writing is because the two addresses which bounced via > spamcop belong to two subscribers who have a reputation for being > disruptive within our group. Perhaps this is coincidence but my > concern is that they are maliciously reporting our posts to spamcop > even though they are subscribers. Some spamcop reporters behave badly or errantly. They can get in trouble for that and/or be fined or banned. > Does the fact that only these two > subscribers received spamcop bounces while all others delivered, and > while we were not on the spamcop list, indicate the possibility that > they are engaging in malicious reporting to disrupt our list? Without having more details it would be impossible to guess; but my instinct would say 'no' -- but it is very easy to challenge or rebut an errant or mistaken report in which your mail is being reported as a spamsource. > How can > I determine if this is the case? No other messages have been > interrupted and no other subscribers' mail has generated these > bounces. > > One of the bounce messages appears below. I will post additional info > as necessary. > nitro57@classicnet.net > Delivery failed > 554 Service unavailable; Client host [68.95.78.35] blocked using > bl.spamcop.net; Blocked - see > http://www.spamcop.net/bl.shtml?68.95.78.35 That IP is currently not scbl listed - nor listed in other db/s. Only a deputy can dig up some old history. If a spam sourced at that IP were spamcop reported, the notify from SC would go to sbc-abuse@sbc.com - but if you are the administrator for epsi.net, you could register with abuse.net to be notified about epsi abuses, and you could request SC to also notify you for anything pertaining to that arin registered netblock whois -h whois.arin.net 68.95.78.35 ... SBC Internet Services 68.88.0.0 - 68.95.255.255 Comment: Contact abuse@swbell.net for policy abuse issues. EPSI.net 68.95.78.0 - 68.95.78.255 Comment: For Policy Abuse issues, contact: abuse@swbell.net whois -h whois.abuse.net epsi.net ... No abuse address is registered with abuse.net Complaints should go to abuse@ (the domain) with copies to postmaster@ (the domain) (Including a suggestion that they register with abuse.net, by emailing update@abuse.net might be a good idea too) > nitro57@classicnet.net > Delivery failed > 554 Service unavailable; Client host [68.95.78.35] blocked using > bl.spamcop.net; Blocked - see > http://www.spamcop.net/bl.shtml?68.95.78.35 That delivery failure notice may have been accurate and correct at the time; or occasionally someone uses a blocklist and sets it up wrong and the information is misleading. This information is almost a week old. It may have been listed at that time. If you were getting the notifies for spams from your server, you would be able to tell what's going on better. -- Mike Easter kibitzer, not SC admin From puoti at inwind.it Wed Dec 8 21:05:15 2004 From: puoti at inwind.it (Ivan Leo Puoti) Date: Wed Dec 8 15:10:13 2004 Subject: [SpamCop-List] Re: make love not spam In-Reply-To: References: Message-ID: Ivan Leo Puoti wrote: > > Ok, I tried it. I get a bunch of x'd out images and a ton of load > errors. > > I know about this, to fix it please save the page to your local hard > drive and open it from your hard drive, and it will work again. > I hope to soon find a better solution. The page is working correctly again, if you have problems write to me, my address is puoti@inwind.it Ivan. From tmcgraw at spamcop.net Wed Dec 8 13:03:31 2004 From: tmcgraw at spamcop.net (Tim McGraw) Date: Wed Dec 8 16:05:03 2004 Subject: [SpamCop-List] Re: mailing list question In-Reply-To: References: Message-ID: Mike Easter wrote: > > No discussion of mailing list administration is complete without two words: best practices. http://www.mail-abuse.com/an_listmgntgdlines.html I sometimes include that link in manual LARTS where I have been forge-subscribed by a non confirmed-opt-in system. From nobody at nowhere.invalid Thu Dec 9 00:16:13 2004 From: nobody at nowhere.invalid (Steven Maesslein) Date: Wed Dec 8 18:20:03 2004 Subject: [SpamCop-List] [C&C] Spammy mixes up diet pills and mortgages Message-ID: Those "fat" m0rtgage payments are unhealthy.... Lose a little weight from your "fat" m0rtgage payments. [url to spamvertised site] The 60 second refinance diet plan. -- Steve BOFH excuse #387: Your computer's union contract is set to expire at midnight From nobody at spamcop.net Wed Dec 8 19:57:42 2004 From: nobody at spamcop.net (PeterJ) Date: Wed Dec 8 20:00:03 2004 Subject: [SpamCop-List] PayPal mssg NOT spam Message-ID: Just curious on people's thoughts regarding valid PayPal emails...is it common for SpamCop reporters to accidentally report them because they are so rare? See full message source of a legitimate PayPal email (received today)posted in .spam with same subject as this post. The source is munged, Z = my full name and Y = my email address. This email was blocked by the SpamCop BL when my SpamCop email account received it for me, however my bayesian filtering (by POPFile) corrected the mistake and moved it to my inbox. One thing I have noticed about bayesian filtering, it is very good at determining the difference between phishes and valid emails. To the point of being uncanny. Is PayPal getting a bum rap because they rarely mail people and are clearly outnumbered by phishes or is something else going on? PeterJ From nobody at spamcop.net Wed Dec 8 19:17:43 2004 From: nobody at spamcop.net (Tom) Date: Wed Dec 8 20:20:13 2004 Subject: [SpamCop-List] Re: LARTED? References: Message-ID: On Mon, 06 Dec 2004 00:43:17 -0500, David 1 wrote: >> Which is why the sooner you can report spam to the time it was >> delievered, the better. >> >My avg. According to spam cop usually runs between 2 - 5 hours, is that >considered ok??? Not bad. If you can get it out with "0" hours, that's ideal, mostly because it means it might get blocked before the spam run has completed. Still two to five hours assures that the spam is really spam because the more that report a particular run, the better the chance is that the IP will be listed (if it isn't already in a listed block). Even then, by reporting an already listed IP, it stays listed. From MikeE at ster.invalid Wed Dec 8 17:18:17 2004 From: MikeE at ster.invalid (Mike Easter) Date: Wed Dec 8 20:20:57 2004 Subject: [SpamCop-List] Re: PayPal mssg NOT spam References: Message-ID: PeterJ wrote: > Just curious on people's thoughts regarding valid PayPal emails...is > it common for SpamCop reporters to accidentally report them because > they are so rare? There are paypal phishes and there are paypal spams and their are wanted paypal mails or mailing list promotions > See full message source of a legitimate PayPal email (received > today)posted in .spam with same subject as this post. The source is > munged, Z = my full name and Y = my email address. A better way to show an item is to parse it, save the tracker, cancel the report and post the tracker here like this: www.spamcop.net/sc?id=z700639788zd9620738ea38430253ba7a141b661fb9z That particular tracker isn't as good as a tracker of the original 'unbent' item would've been -- where 'bent' refers to the undesirable EOL wrapping introduced by newsreader posting wraps. > This email was blocked by the SpamCop BL when my SpamCop email account > received it for me, however my bayesian filtering (by POPFile) > corrected the mistake and moved it to my inbox. One thing I have > noticed about bayesian filtering, it is very good at determining the > difference between phishes and valid emails. To the point of being > uncanny. The item was caught by SC because the IP is listed in the SCbl. That means that reporters have been reporting spams from that IP. That means either that they are mistaken, and they wanted PayPal to be sending them mail, or agreed to it, or that PP is sending people promotional mail they consider spam. That IP is also listed in a bl called spam cannibal, which I don't understand yet. > Is PayPal getting a bum rap because they rarely mail people and are > clearly outnumbered by phishes or is something else going on? Perhaps you are a subscriber to that PP 'newsletter' promotion - perhaps PP doesn't handle its newsletter mailing list optimally - perhaps other SC reporters are reporting their newsletters mistakenly - perhaps they aren't. -- Mike Easter kibitzer, not SC admin From MikeE at ster.invalid Wed Dec 8 17:24:01 2004 From: MikeE at ster.invalid (Mike Easter) Date: Wed Dec 8 20:25:03 2004 Subject: [SpamCop-List] Re: PayPal mssg NOT spam References: Message-ID: Mike Easter wrote: > There are paypal phishes and there are paypal spams and their are > wanted paypal mails or mailing list promotions << I dunno. Get me a beer while you're up, OK? Tnx. >> -- Mike Easter's alterego and alteralterego From nobody at devnull.spamcop.net Wed Dec 8 19:26:58 2004 From: nobody at devnull.spamcop.net (Cat) Date: Wed Dec 8 20:30:03 2004 Subject: [SpamCop-List] Re: PayPal mssg NOT spam In-Reply-To: References: Message-ID: PeterJ wrote: > Is PayPal getting a bum rap because they rarely mail people and are > clearly outnumbered by phishes or is something else going on? Something else is going on. I have a PayPal account with my e-mail notifications set so that the only communication I should receive from PayPal is e-mail regarding payment notifications. I specifically made sure that all other e-mail notifications were unchecked. Today, PayPal ignored my account preferences and sent their newsletter to me. PayPal is outright guilty of spamming people who never asked to receive their newsletters. From nobody at spamcop.net Wed Dec 8 20:42:02 2004 From: nobody at spamcop.net (Ellen) Date: Wed Dec 8 20:45:02 2004 Subject: [SpamCop-List] Re: PayPal mssg NOT spam References: Message-ID: "PeterJ" wrote in message news:cp87u7$1r3$1@news.spamcop.net... > Just curious on people's thoughts regarding valid PayPal emails...is it > common for SpamCop reporters to accidentally report them because they > are so rare? > Well there are 19 reports from 19 people in the last week and a large number of those are from the last 24 hours with the same subject line dealing with paypal shops so I think this is more than a case of accidental. Ellen From mfkmek820 at yahoo.com Wed Dec 8 16:57:03 2004 From: mfkmek820 at yahoo.com (Fred K) Date: Wed Dec 8 21:00:02 2004 Subject: [SpamCop-List] Re: No access to reported spam References: Message-ID: "WazoO" wrote in message news:cp7i8o$jk6$1@news.spamcop.net... > "Fred K" wrote in message > news:cp7f5s$hjo$1@news.spamcop.net... >> As of 12:30pm 12/7/04, I cannot access my spam reports to send them. Both >> via links in the email and directly from the SC.net site. > > A lot of ground covered there, but so few details. Does one > assume that you can log into a www.spamcop.net page? Have > you talked to you ISP to see if some new filtering went into > effect yesterday? Does "past history" show anything out > of the ordinary? Just a few things to look at ... Well, other web pages and my emails worked fine. I was talking about clicking on the link in the email, and the "Report now" on the SC webpage. Either way I got the old server not found. Other links on SC webpage worked as advertised. This went on for 30'. Then I had to go somewhere. Now it is ok as of 5PM EST. Fred k From nobody at spamcop.net Wed Dec 8 21:13:52 2004 From: nobody at spamcop.net (PeterJ) Date: Wed Dec 8 21:15:04 2004 Subject: [SpamCop-List] Re: PayPal mssg NOT spam In-Reply-To: References: Message-ID: Thanks Ellen, Cat, and Mike, It appears the email I am referring to is definitely not a PayPal phish, but instead PayPal is not honoring user notification settings. I guess whether people report this email using SpamCop, by manual report, or "wait and see" is what will determine the immediate outcome (with regards to the SpamCop BL.) Thanks for the info. I definitely do not remember ever having an issue with PayPal sending me email inappropriately in the past...definitely not going to help their reputation much. Off to check my PayPal "notification" settings. PeterJ From nobody at spamcop.net Wed Dec 8 21:27:07 2004 From: nobody at spamcop.net (PeterJ) Date: Wed Dec 8 21:30:02 2004 Subject: [SpamCop-List] Re: PayPal mssg NOT spam In-Reply-To: References: Message-ID: > Off to check my PayPal "notification" settings. > Well, turns out that my "notification" settings were as Cat described, set to only email me when a payment is made/received and such. I did notice this at the bottom of PayPal's notification page: *PayPal reserves the right to contact our users regarding important product or policy announcements. I think it is a stretch to qualify PayPal's recent ", See the Great Deals at PayPal Shops" emails in this category. It is not a policy announcement, but perhaps could be very weakly argued a "product announcement." My guess is they will continue to get reported and I PayPal should seriously consider elaborating on the caveat above. PeterJ From nobody at spamcop.net Wed Dec 8 21:44:40 2004 From: nobody at spamcop.net (PeterJ) Date: Wed Dec 8 21:45:03 2004 Subject: [SpamCop-List] Re: PayPal mssg NOT spam In-Reply-To: References: Message-ID: Ok, last response to myself. I guess I find this intriguing and I am beginning to wonder if PayPal my have a leg to stand on given that clause in my previous post where they reserve the right to contact you regarding changes to the product and policies. Below is a relevant snipped section from PayPal's privacy info (found here >> http://www.paypal.com/cgi-bin/webscr?cmd=p/gen/ua/policy_privacy-outside ** Our Contacts with PayPal Customers We communicate with users on a regular basis via e-mail to provide requested services, and we also communicate by phone to resolve customer complaints or investigate suspicious transactions. We use your e-mail address to confirm your opening of a PayPal account, to send you notice of payments that you send or receive through PayPal (including referral payments described below), to send information about important changes to our products and services, and to send notices and other disclosures required by law. Generally, users cannot opt out of these communications, but they will be primarily informational in nature rather than promotional. We also use your e-mail address to send you other types of communications that you can control, including the PayPal Periodical newsletter, auction tips, customer surveys and notice of special third-party promotions. You can choose whether to receive some, all or none of these communications when you complete the registration process, or at any time thereafter, by logging in to your account on the PayPal Web site and changing your preferences in the Profile page of the My Account tab. You can also change your choices at any time through the same procedure. In connection with independent audits of our financial statements and operations, the auditors may seek to contact a sample of our customers to confirm that our records are accurate. However, these auditors cannot use personally identifiable information for any secondary purposes. ** It is the last sentence of the first paragraph that makes me wonder... PeterJ From MikeE at ster.invalid Wed Dec 8 19:24:01 2004 From: MikeE at ster.invalid (Mike Easter) Date: Wed Dec 8 22:25:08 2004 Subject: [SpamCop-List] Re: PayPal mssg NOT spam References: Message-ID: PeterJ wrote: > *PayPal reserves the right to contact our users regarding important > product or policy announcements. > > I think it is a stretch to qualify PayPal's recent ", > See the Great Deals at PayPal Shops" emails in this category. It behooves PP to not screwup -- to just send the appropriate notifications when appropriate and to only send their promotional newsletters to those who want them. Not only does it besmirch the reputation of PP which is trying to be a 'merchant' and have some 'brandname' integrity to be spammish; but it also gets their IP onto blocklists and interferes with the effectiveness of the distribution for not only those who want the newsletters, but also some other PP communications which might be desired by the people who are blockling the spamming IP. So, unlike the 'typical' spammer who has all kinds of strategies to distribute their spam and avoid blocklists, if a 'legitimate' business gets its email distribution lists screwed up, it has very bad consequences for them. One good thing about the SCbl is that it is so dynamic -- if the spamming or rather spam reporting - stops, then the SCbl listing goes away automatically. One disadvantage of being listed is that the listing itself has a tendency to perpetuate or prolong, people who find an item spamtagged are more likely to report it than if it had not been so tagged. So being listed begets being listed by spamcop mailusers and some similars. -- Mike Easter kibitzer, not SC admin From nobody at spamcop.net Thu Dec 9 07:52:02 2004 From: nobody at spamcop.net (nospam) Date: Wed Dec 8 22:55:02 2004 Subject: [SpamCop-List] Re: Strangeness? SC "not resolving" working URLs heavily today. References: Message-ID: in article cp7fs5$i4c$1@news.spamcop.net, Mike Easter at MikeE@ster.invalid wrote on 12/8/04 10:07 PM: > R. Asby Dragon wrote: >> So far today: >> 4 out of 8 submiisions have come back as "Cannot Resolve" the >> spamvertised URL; but I can open them here. All of them are CN >> hosted sites. They *are* "slow to open"; looks like things aren't >> well on the routing. >> >> Is it possible that the spammers (or possibly the hosts) are blocking >> requests from known Spamcop IP addresses ? Or has somebody at SC set >> the "resolve" time too short to see these? > > In the past, the most common condition of those which the poster can > resolve and SC can't is that the nameservice is a bit of a mess; or > rather, quite a bit of a mess. > > 'We' can only see how bad the nameservice is according to our own > resolvers, other resolvers we might access elsewhere, and the resolving > 'analysis' tools somewhere like dnsstuff. > > Weird and pokey nameservice /might/ also choose to block the nameservice > to spamcop. > > The only way to talk about a specific site resolution condition is by > posting it. I've been having the same problem, but it seems to be a kind of pokiness, If I "View original Mail" and then return to the parser they usually resolve on the second, and sometimes 3d try. Makes reporting spamvertized sites a pain though. Interestingly the frequency of this occurrence has jumped since that Lycos screensaver hit the news, so I keep wondering if it's the cause or coincidence. I have to admit, If it were that I'd like my spamvertized sites to show up on the recent sites page. :). After all ist not as if the haha - net cnc-noc, crc or chinanet are doing anything with their spamsites, other than helping their clients cycle through names to avoid milters. From ube_never at YAHOO.COM Wed Dec 8 22:24:55 2004 From: ube_never at YAHOO.COM (R. Asby Dragon) Date: Thu Dec 9 01:20:03 2004 Subject: [SpamCop-List] Re: PayPal mssg NOT spam References: Message-ID: "PeterJ" wrote in message news:cp8cd0$589$1@news.spamcop.net... > Thanks Ellen, Cat, and Mike, > > It appears the email I am referring to is definitely not a PayPal phish, > but instead PayPal is not honoring user notification settings. I guess > whether people report this email using SpamCop, by manual report, or > "wait and see" is what will determine the immediate outcome (with > regards to the SpamCop BL.) Thanks for the info. I definitely do not > remember ever having an issue with PayPal sending me email > inappropriately in the past...definitely not going to help their > reputation much. Off to check my PayPal "notification" settings. Think "Ebay'ed" ; same company now. From nobody at devnull.spamcop.net Thu Dec 9 01:52:35 2004 From: nobody at devnull.spamcop.net (Cat) Date: Thu Dec 9 02:55:12 2004 Subject: [SpamCop-List] Re: PayPal mssg NOT spam In-Reply-To: References: Message-ID: PeterJ wrote: > Well, turns out that my "notification" settings were as Cat described, > set to only email me when a payment is made/received and such. I did > notice this at the bottom of PayPal's notification page: I wonder why they decided to start ignoring account preferences. That was definitely very unprofessional on their part. > I think it is a stretch to qualify PayPal's recent ", > See the Great Deals at PayPal Shops" emails in this category. It is not > a policy announcement, but perhaps could be very weakly argued a > "product announcement." My guess is they will continue to get reported > and I PayPal should seriously consider elaborating on the caveat above. I sent a manual complaint to PayPal's upstream, which came up as glbx.net (Global Crossing) when I ran it through SpamCop. I wasn't sure whether it would be considered acceptable to send a SpamCop complaint on this one since I am a PayPal user but didn't subscribe to their newsletter, so that's why I canceled the report and sent a manual complaint. I also complained to PayPal about this through their contact page and asked why they ignored my preferences. From little at pussy.com Thu Dec 9 01:12:15 2004 From: little at pussy.com (Tha King) Date: Thu Dec 9 04:10:08 2004 Subject: [SpamCop-List] access Message-ID: http://secure.ibill.com/cgi-win/ccard/rscookie.exe?RevShareID=glantern&returnto=http://www.wow-videos.com From little at pussy.com Thu Dec 9 01:13:52 2004 From: little at pussy.com (Tha King) Date: Thu Dec 9 04:10:17 2004 Subject: [SpamCop-List] s'more Message-ID: http://signups.triplexcash.com/hit.php?w=105565&s=25&p=2 From no_spam at no.spam.com Thu Dec 9 10:38:20 2004 From: no_spam at no.spam.com (mdes) Date: Thu Dec 9 04:40:09 2004 Subject: [SpamCop-List] Re: SpamCop Painfully Slow 2 References: Message-ID: WazoO wrote: > "mdes" wrote in message > news:cp533e$2c0$1@news.spamcop.net... >> >> I sent 3 reports (6-dec 8:56, 7-dec 9:23 and 7-dec 20:43), and I >> received > no mail from SpamCop for reporting :( >> The last received report followed my mail on 5-dec 16:26. >> >> I know there are problems with the SpamCop server, but for 1.5 day ! > > And have you done any troubleshooting? Logging in on a > www.spamcop.net page for instance? Are there reports > waiting there to "Report Now" ... is there an indication > that e-mail to your registered e-mail account has been > bouncing ... have you checked the FAQ over in the > web-based Forum area that has a few entries dealing > with missed/lost/delayed e-mail ... did your ISP start > a new filtering process .... on and on ... You should better have replied: "See FAQ at http://forum.spamcop.net/forums/index.php?showtopic=1848" From no_spam at no.spam.com Thu Dec 9 11:03:06 2004 From: no_spam at no.spam.com (mdes) Date: Thu Dec 9 05:05:45 2004 Subject: [SpamCop-List] Re: SpamCop Painfully Slow 2 References: Message-ID: mdes wrote: > WazoO wrote: >> "mdes" wrote in message >> news:cp533e$2c0$1@news.spamcop.net... >>> >>> I sent 3 reports (6-dec 8:56, 7-dec 9:23 and 7-dec 20:43), and I >>> received >> no mail from SpamCop for reporting :( >>> The last received report followed my mail on 5-dec 16:26. >>> >>> I know there are problems with the SpamCop server, but for 1.5 day ! >> >> And have you done any troubleshooting? Logging in on a >> www.spamcop.net page for instance? Are there reports >> waiting there to "Report Now" ... is there an indication >> that e-mail to your registered e-mail account has been >> bouncing ... have you checked the FAQ over in the >> web-based Forum area that has a few entries dealing >> with missed/lost/delayed e-mail ... did your ISP start >> a new filtering process .... on and on ... > > You should better have replied: "See FAQ at > http://forum.spamcop.net/forums/index.php?showtopic=1848" But, in my preferences, there is no button to reset the bounce flag :( http://forum.spamcop.net/forums/index.php?showtopic=1848 says: | 3. If your login is successful, then (also noted in the above FAQ) | the issue may simply be that for some reason, your e-mail address | has been flagged as having bounced. Once flagged, SpamCop will | not waste any more time trying to send anything to that address. | Look through your settings here, looking for the option to reset this | flag by cicking on the _button_. From nobody at spamcop.net Thu Dec 9 06:30:44 2004 From: nobody at spamcop.net (Miss Betsy) Date: Thu Dec 9 06:30:03 2004 Subject: [SpamCop-List] Re: PayPal mssg NOT spam References: Message-ID: "PeterJ" wrote in message news:cp8d5s$5nb$1@news.spamcop.net... > > > Off to check my PayPal "notification" settings. > > > > Well, turns out that my "notification" settings were as Cat described, > set to only email me when a payment is made/received and such. I did > notice this at the bottom of PayPal's notification page: > > > *PayPal reserves the right to contact our users regarding important > product or policy announcements. > > > I think it is a stretch to qualify PayPal's recent ", > See the Great Deals at PayPal Shops" emails in this category. It is not > a policy announcement, but perhaps could be very weakly argued a > "product announcement." My guess is they will continue to get reported > and I PayPal should seriously consider elaborating on the caveat above. I had to use Paypal to buy something on line. It very definitely said I didn't have to have a paypal account in order to use my credit card. I don't need paypal and did not set up an account. And I got the email. So I can't even check my preferences because I don't have an account. Miss Betsy From hwolfe at spamcop.net Thu Dec 9 05:49:13 2004 From: hwolfe at spamcop.net (Herb Wolfe) Date: Thu Dec 9 06:50:03 2004 Subject: [SpamCop-List] Re: false positives/negatives In-Reply-To: References: Message-ID: Herb Wolfe wrote: > Lately, the last few weeks or so, it seems a lot of messages have been > marked wrong by spamcop. I've had a couple of messages slip through, and > then sometimes a dozen or more similar, if not identical messages, that > are marked spam. I have also had a few marked spam, that I don't know > why they are, that accidentally get reported before I can whitelist > them. I get hundreds of pieces of mail daily, and it isn't possible to > look at each and every one. Can someone offer an explanation or advice? > > ~herb It looks like my only option is to change raise the Spamassassin filter level, letting more junk come through, to avoid legit email getting marked as spam. It would be nice if there was an option to whitelist a sender that did get through the filter, so that they don't get marked as spam in a later message, which has been my problem lately. From nobody at xyzzy.claranet.de Thu Dec 9 15:00:27 2004 From: nobody at xyzzy.claranet.de (Frank Ellermann) Date: Thu Dec 9 09:05:12 2004 Subject: [SpamCop-List] Re: What is munged in this report? References: Message-ID: <41B85A7B.21F8@xyzzy.claranet.de> Fred K wrote: > I did not go to the preference for advanced users, since I > consider myself still wet behind the ears as far as spam and > it's intricacies is concerned. The "advanced" stuff is rather harmless, see Mike's answer. You could select "always unmunged". If you have JavaScript enabled in your browser (and _that_ is dangerous), then you don't need this option, you can decide it on a case by case base. I simply use the default ("munged") and only switch to "unmunged" in cases like the German Nazi spam (earthlink is the hoster of many Nazi sites) when I'm very annoyed. You could select "3rd party reports default off". I really considered it, the private eye digging through my spam is a royal PITA, but OTOH I'm a "free" reporter, and Julian needs cash for his service. Therefore I kept the "default on". Finally there's the "screen name", which is in fact the name used in your spam reports. Anonymous cowards can do whatever they like, I used my name. So far no spammers tried to kill me, but YMMV. SpamCop reports are not directly about getting less spam. They help others to fight spam (white hats evaluating SC reports, or mailers using the SC black list, or SURBL listing spamvertized URLs, or SpamAssassin using SCBL and SURBL, etc.) Mike's description of a sport was nice, maybe a fox hunt, and we're the bloodhounds. Bye, Frank From spamcopdeputy at cox.net Thu Dec 9 08:31:40 2004 From: spamcopdeputy at cox.net (Andy P. Jung) Date: Thu Dec 9 09:35:03 2004 Subject: [SpamCop-List] Viagra Cialis Spam Message-ID: Would forwarding Viagra spam to Pfizer get them to go after those bastards for trademark infringement? The same applies to Cialis. How about Microsoft on pirated software Spam? -- Andy P. Jung Metairie, Louisiana U.S.A. (Home of Senator Elect David Vitter) http://www.JungWorld.com/ To reply via e-mail, please visit my web site. From MikeE at ster.invalid Thu Dec 9 07:17:43 2004 From: MikeE at ster.invalid (Mike Easter) Date: Thu Dec 9 10:20:02 2004 Subject: [SpamCop-List] Re: PayPal mssg NOT spam References: Message-ID: Miss Betsy wrote: > I had to use Paypal to buy something on line. It very definitely > said I didn't have to have a paypal account in order to use my > credit card. I don't need paypal and did not set up an account. > And I got the email. So I can't even check my preferences because > I don't have an account. PayPal may be adopting the 'congressional' attitude as voiced in 'you can spam' act, that if the spam is can spam compliant then it is legal and they should be doing it. The latest salvo in the legal mainsleaze spam experience. I guess you should unsubscribe ;-) ... that's what your congresscritters and their pals at the DMA think. -- Mike Easter kibitzer, not SC admin From MikeE at ster.invalid Thu Dec 9 07:30:53 2004 From: MikeE at ster.invalid (Mike Easter) Date: Thu Dec 9 10:35:02 2004 Subject: [SpamCop-List] Re: false positives/negatives References: Message-ID: Herb Wolfe wrote: > It would be nice if there was an option to whitelist a sender that did > get through the filter, so that they don't get marked as spam in a > later message, which has been my problem lately. Disclaimer: I've never seen the inside of spamcop mail, I just know what I read on the 'outside' around here and the forum information There is an option to whitelist a sender; and a whitelisted sender rule 'should' be configured to disregard any rules after that, and there's also the issue of the order of the rules. Here's a forum entry for Q: None of my personal filters are working. http://forum.spamcop.net/forums/index.php?showtopic=2321 -- Mike Easter kibitzer, not SC admin From nobody at devnull.spamcop.net Thu Dec 9 09:52:16 2004 From: nobody at devnull.spamcop.net (WazoO) Date: Thu Dec 9 10:55:02 2004 Subject: [SpamCop-List] Re: SpamCop Painfully Slow 2 References: Message-ID: "mdes" wrote in message news:cp97uq$kuu$1@news.spamcop.net... > > > > You should better have replied: "See FAQ at > > http://forum.spamcop.net/forums/index.php?showtopic=1848" Noting that this one item was just one of the "look at this" list I started with. But glad I included one that held the key. > But, in my preferences, there is no button to reset the bounce flag :( > > http://forum.spamcop.net/forums/index.php?showtopic=1848 says: > | 3. If your login is successful, then (also noted in the above FAQ) > | the issue may simply be that for some reason, your e-mail address > | has been flagged as having bounced. Once flagged, SpamCop will > | not waste any more time trying to send anything to that address. > | Look through your settings here, looking for the option to reset this > | flag by cicking on the _button_. Can't really help you there, as I don't use the e-mail thing. However, noting that at the bottom of that FAQ entry, it says; [Edited by Wazoo 2004/06/19 to include Navigatr1's experience with the bounce flag.] There's been a lot of changes to the web-page layout since then. If you find the "right thing" to flip the flag, I'll be glad to update that FAQ entry with a better / current description. From kchuplis at nospamalltel.net Thu Dec 9 10:27:21 2004 From: kchuplis at nospamalltel.net (Karen) Date: Thu Dec 9 11:25:02 2004 Subject: [SpamCop-List] Why am I being blocked!!!!!!!! Message-ID: I have one list I have been on and also a University I TEACH FOR and today I am getting my mail back as undeliverable due to SPAM COP. This is making me EXCEPTIONALLY CROSS. I have contacted their admins, but I am really, really, angry over this. I have done NOTHING and yet SPAM COP is causing a LOT of disruption in my life and yet, I CANNOT FIND A WAY TO CONTACT SPAMCOP besides this forum and THAT is making me MORE angry. Please, someone from your admin REPLY. Extremely disgruntled Karen Chuplis From dfm2a3l0t2 at spymac.com Thu Dec 9 11:37:21 2004 From: dfm2a3l0t2 at spymac.com (D.F. Manno) Date: Thu Dec 9 11:40:03 2004 Subject: [SpamCop-List] Re: Viagra Cialis Spam References: Message-ID: In article , "Andy P. Jung" wrote: > Would forwarding Viagra spam to Pfizer get them to go after those bastards > for trademark infringement? The same applies to Cialis. How about Microsoft > on pirated software Spam? I don't know about the drug companies, but Micro$oft wants the software spam. If you're in the U.S., forward it to: piracy@microsoft.com -- D.F. Manno dfm2a3l0t2@spymac.com "The work goes on, the cause endures, the hope still lives and the dream will never die." From somewhat at odds.tld Thu Dec 9 16:40:19 2004 From: somewhat at odds.tld (Derek T) Date: Thu Dec 9 11:45:02 2004 Subject: [SpamCop-List] Re: Why am I being blocked!!!!!!!! In-Reply-To: References: Message-ID: Karen wrote: > I have one list I have been on and also a University I TEACH FOR and today I > am getting my mail back as undeliverable due to SPAM COP. This is making me > EXCEPTIONALLY CROSS. I have contacted their admins, but I am really, really, > angry over this. I have done NOTHING and yet SPAM COP is causing a LOT of > disruption in my life and yet, I CANNOT FIND A WAY TO CONTACT SPAMCOP > besides this forum and THAT is making me MORE angry. Please, someone from > your admin REPLY. > > Extremely disgruntled > Karen Chuplis > > please post the IP of the server you allege is 'blocked' then we might be of some help. o/w please post the whole text of the rejection message. You will find help aplenty here: http://forum.spamcop.net/forums/index.php?showforum=3 From mfkmek820 at yahoo.com Thu Dec 9 07:57:18 2004 From: mfkmek820 at yahoo.com (Fred K) Date: Thu Dec 9 12:10:04 2004 Subject: [SpamCop-List] Re: s'more References: Message-ID: "Tha King" wrote in message news:cp94n3$inm$1@news.spamcop.net... > http://signups.triplexcash.com/hit.php?w=105565&s=25&p=2 > Are we being spammed? I think so Fred k From no_spam at no.spam.com Thu Dec 9 18:04:38 2004 From: no_spam at no.spam.com (mdes) Date: Thu Dec 9 12:10:13 2004 Subject: [SpamCop-List] Re: SpamCop Painfully Slow 2 References: Message-ID: WazoO wrote: > "mdes" wrote in message > news:cp97uq$kuu$1@news.spamcop.net... >>> >>> You should better have replied: "See FAQ at >>> http://forum.spamcop.net/forums/index.php?showtopic=1848" > > Noting that this one item was just one of the "look at this" list > I started with. But glad I included one that held the key. > >> But, in my preferences, there is no button to reset the bounce flag >> :( >> >> http://forum.spamcop.net/forums/index.php?showtopic=1848 says: >>> 3. If your login is successful, then (also noted in the above FAQ) >>> the issue may simply be that for some reason, your e-mail address >>> has been flagged as having bounced. Once flagged, SpamCop will >>> not waste any more time trying to send anything to that address. >>> Look through your settings here, looking for the option to reset >>> this flag by cicking on the _button_. > > Can't really help you there, as I don't use the e-mail thing. > However, noting that at the bottom of that FAQ entry, it says; > [Edited by Wazoo 2004/06/19 to include Navigatr1's experience with the > bounce flag.] > > There's been a lot of changes to the web-page layout since > then. If you find the "right thing" to flip the flag, I'll be > glad to update that FAQ entry with a better / current > description. --- >If you find the "right thing" Does anybody has an idea to find it in http://www.spamcop.net/mcgi?action=showadvanced ? Not me :( From mfkmek820 at yahoo.com Thu Dec 9 08:12:55 2004 From: mfkmek820 at yahoo.com (Fred K) Date: Thu Dec 9 12:15:03 2004 Subject: [SpamCop-List] Minor SC change Message-ID: At some convenient time I request consideration for a minor change. When I paste an address in the window for SC to resolve, often it comes back with more than one address. If I copy, lets say 2 addys that were given, and paste into the user report window, only the first one shows up in the window. I believe that is caused by the CR/LF between the addys. Why not put multiple addys in one line with a comma seperator. This would then allow pasting of up to the four addys into the user report window without having to do a workaround. Fred k From kchuplis at nospamalltel.net Thu Dec 9 11:47:32 2004 From: kchuplis at nospamalltel.net (Karen) Date: Thu Dec 9 12:45:02 2004 Subject: [SpamCop-List] Re: Why am I being blocked!!!!!!!! References: Message-ID: "Derek T" wrote in message news:cp9v58$26r$1@news.spamcop.net... > Karen wrote: > > I have one list I have been on and also a University I TEACH FOR and today I > > am getting my mail back as undeliverable due to SPAM COP. This is making me > > EXCEPTIONALLY CROSS. I have contacted their admins, but I am really, really, > > angry over this. I have done NOTHING and yet SPAM COP is causing a LOT of > > disruption in my life and yet, I CANNOT FIND A WAY TO CONTACT SPAMCOP > > besides this forum and THAT is making me MORE angry. Please, someone from > > your admin REPLY. > > > > Extremely disgruntled > > Karen Chuplis > > > > > please post the IP of the server you allege is 'blocked' then we might > be of some help. o/w please post the whole text of the rejection message. > > You will find help aplenty here: > > http://forum.spamcop.net/forums/index.php?showforum=3 Here are the ones I got back today: This is the Postfix program at host duck.inebraska.com. I'm sorry to have to inform you that your message could not be be delivered to one or more recipients. It's attached below. For further assistance, please send mail to If you do so, please include this problem report. You can delete your own text from the attached returned message. The Postfix program : host a.mx.saintleo.edu[199.44.215.33] said: 591 your host [199.184.119.13] is blacklisted by bl.spamcop.net - contact your IT or ISP - copy to blacklist@saintleo.edu. (in reply to RCPT TO command) And This is the Postfix program at host duck.inebraska.com. I'm sorry to have to inform you that your message could not be be delivered to one or more recipients. It's attached below. For further assistance, please send mail to If you do so, please include this problem report. You can delete your own text from the attached returned message. The Postfix program : host a.mx.saintleo.edu[199.44.215.33] said: 591 your host [199.184.119.13] is blacklisted by bl.spamcop.net - contact your IT or ISP - copy to blacklist@saintleo.edu. (in reply to RCPT TO command) : host a.mx.saintleo.edu[199.44.215.33] said: 591 your host [199.184.119.13] is blacklisted by bl.spamcop.net - contact your IT or ISP - copy to blacklist@saintleo.edu. (in reply to RCPT TO And This is the Postfix program at host duck.inebraska.com. I'm sorry to have to inform you that your message could not be be delivered to one or more recipients. It's attached below. For further assistance, please send mail to If you do so, please include this problem report. You can delete your own text from the attached returned message. The Postfix program : host imagicomm.com[128.121.220.147] said: 553 5.3.0 Rejected - see http://spamcop.net/bl.shtml? 199.184.119.13 (in reply to MAIL FROM command) From MikeE at ster.invalid Thu Dec 9 09:53:38 2004 From: MikeE at ster.invalid (Mike Easter) Date: Thu Dec 9 12:55:02 2004 Subject: [SpamCop-List] Re: Why am I being blocked!!!!!!!! References: Message-ID: 199.184.119.13 rDNS duck.inebraska.com output server SCbl listed, no other listings. I predict out of office autoresponders hitting spamtraps. Let's see what Ellen sez. -- Mike Easter kibitzer, not SC admin From spamcop at bas.kookt.nl Thu Dec 9 18:55:47 2004 From: spamcop at bas.kookt.nl (basalk) Date: Thu Dec 9 13:00:02 2004 Subject: [SpamCop-List] Re: Viagra Cialis Spam References: Message-ID: "Andy P. Jung" schreef in bericht news:cp9nk5$t9v$1@news.spamcop.net... > Would forwarding Viagra spam to Pfizer get them to go after those bastards > for trademark infringement? I read in a webnews article somewhere that Pfitzer wants to sue Viagra spammers. They did not need the actual spam it said. Today I read that 60% of all email is spam (at least) so I guess most spammers have the email adress of Pfitzer and spam them too. Bas --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.805 / Virus Database: 547 - Release Date: 8-12-2004 From nobody at spamcop.net Thu Dec 9 13:01:48 2004 From: nobody at spamcop.net (Pop) Date: Thu Dec 9 13:05:03 2004 Subject: [SpamCop-List] Re: Minor SC change References: Message-ID: "Fred K" wrote in message news:cpa13d$3sa$1@news.spamcop.net... | At some convenient time I request consideration for a minor change. | When I paste an address in the window for SC to resolve, often it comes back | with more than one address. If I copy, lets say 2 addys that were given, and | paste into the user report window, only the first one shows up in the | window. I believe that is caused by the CR/LF between the addys. Why not put | multiple addys in one line with a comma seperator. This would then allow | pasting of up to the four addys into the user report window without having | to do a workaround. | | Fred k | | It looks like you're talking about OE6? If so, how are you doing the copy operation? I often copy that way when I manually LART and have no problem with it. Sometimes the cr/lf -looks- funny because the cr/lf's carry into the address window and it becomes a column of addresses instead of on one row/line, but they still work fine and are interpreted properly by the mail client when I click Send. Maybe you're not noticing they're in a column instead of in a row? Or have I misunderstood? Just my guess Pop From baloo at ursine.dyndns.org Thu Dec 9 10:06:27 2004 From: baloo at ursine.dyndns.org (Paul Johnson) Date: Thu Dec