![[SpamCop.net - protecting the internet through technology]](http://news.spamcop.net/newlogo.jpg)
[SC-Help] Paypal/Ebay reporting error (deputies?)
David Butler
ob1db at spamcop.net
Sun Apr 17 15:45:34 EDT 2005
Yes, I am well aware Ebay owns Paypal.
This was for a Paypal Phishing spam. As I pointed out, Paypal has their own
reporting email addresses separate from Ebay. They were being reported
correctly until about a week ago...
David
"Spam Hater" <dkona7b02 at sneakemail.com> wrote in message
news:mailman.130.1113575541.4572.spamcop-help at news.spamcop.net...
> Ummmm, eBay *owns* PayPal!! The LART targets seem appropriate
> to me. What doesn't seem appropriate is the LART itself. What was the
> context in which the PayPal URL was included in the SPAM? Are you
> trying to notify PayPal about a phishing attempt or are you claiming that
> they are SPAMvertising their website??? I don't think SpamCop is the
> right tool for phishing LARTs... I send those separately and uncheck
> the URL reporting for them.
>
> At 10:07 AM 4/15/2005 -0400, David Butler typed:
>
> >After months of correctly parsing Paypal spam to it's own reporting email
> >addresses, the Spamcop engine is suddenly parsing it back to the Ebay
> >parent:
> >
> >Re: http://www.paypal.com/ (Administrator of network hosting website
> >referenced in spam)
> >To: spoof#ebay.com at devnull.spamcop.net (Notes)
> >To: spam at ebay.com (Notes)
> >To: postmaster at ebay.com (Notes)
> >
> >Note that SPOOF email, the phishing email address, no longer accepts
Spamcop
> >reports.
> >
> >Looking on Openrbl.org, I see the addresses formerly used by SC are still
> >the same:
> >
> >Abuse-Whois paypal.com: (paypal.com; paypal.com; paypal.com; paypal.com;
> >paypal.com)
> >[Cached]
> >[whois.abuse.net]
> >accessviolation at paypal.com (for paypal.com)
> >postmaster at paypal.com (for paypal.com)
> >spoof at paypal.com (for paypal.com)
> >SC is parsing this as :Parsing input: paypal.comhost paypal.com (checking
> >ip) = 216.113.188.64host 216.113.188.64 = www.paypal.com (cached)No
recent
> >reports, no history availableRouting details for
> >216.113.188.64[refresh/show] Cached whois for 216.113.188.64 :
> >network at ebay.comUsing abuse net on network at ebay.comabuse net ebay.com =
> >spam at ebay.com, postmaster at ebay.com, spoof at ebay.comUsing best contacts
> >spam at ebay.com postmaster at ebay.com spoof at ebay.comspoof@ebay.com refuses
> >SpamCop reportsUsing spoof#ebay.com at devnull.spamcop.net for statistical
> >tracking.But the openrbl.org analysis shows this still as Paypal:
Address:
> >216.113.188.64 resolved to paypal.com AS: [NO_ROUTE] Net 216/8
> >IANA-NETBLOCK-216 ?Given that Ebay is less responsive, shouldn't this
report
> >to Paypal ??
More information about the SpamCop-Help
mailing list