
[SC-Help] Re: SpamCop doesn't parse routing info correctly

Tristan Miller psychonaut at nothingisreal.com
Fri Apr 14 17:10:45 EDT 2006


Greetings.

In article <e1o85j$a6r$1 at news.spamcop.net>, Mike Easter wrote:
>>> Using SC to determine the source of this kind of mail is appropriate,
>>> but you shouldn't be SC reporting these as spam -- I'm assuming that
>>> you are not.
>>
>> Why shouldn't I be?
> 
> My thoughts were not that it wasn't unsolicited and unwanted, but more
> that the 'butt' of a SC report, the arizona.edu spamsource, might be
> 'misdirected' [sorta] and if listed could potentially cause 'collateral'
> damage.  But, OTOH, maybe it isn't a library terminal at all.  And, on
> another hand, maybe a spamcop report might cause some interest on
> arizona.edu's part.

I sent a manual report to abuse at arizona.edu a few days ago and got a
response back from an IT administrator.  They've confirmed that the source
is a public access library terminal.  This is in line with what the
spammer himself admits -- he makes no attempt to disguise his identity,
freely giving out his name, birthdate, photograph, and often mentions that
he's sending his mails from a public library terminal.  As I said, we're
pretty sure he's mentally ill.  His e-mails consist of nothing but
incoherent rants that go on for pages and pages about the World Socialist
Party of the United States, of which his late father was a member.  This
apparently explains his choice of spam recipients -- I recognize some of
the e-mail addresses as belonging to members and departments of the WSPUS
and affiliated parties overseas.

> In reality, the entity which should be taking action is yahoo against
> its webmailer account moreevilbaddeals at yahoo.com so if I were manually
> reporting, I would be 'talking' to yahoo.

I've been manually reporting to Yahoo! for months and they never take any
action.  At worst the reports are ignored, and at best I get an automated
response.

>>> Correct.  SC correctly parses yours at nothingisreal;  SC incorrectly
>>> parses the worldsocialism because there is a noncompliant MTA
>>> mailserver in the chain.
>>
>> OK, perhaps I should report this to BT Connect, then.
> 
> I'm still trying to figure out why that btconnect is in there.  I'm now
> thinking it is part of the apparatus for yahoo.  Server admins are often
> 'reluctant' to improve on their configuration -- because it isn't really
> bothering /them/ - it just doesn't parse right.  If your employer
> recipient were reporting spams which named the btconnect server, they
> might get SCbl listed and interested.

My employer is receiving the spam at spgb at worldsocialism.org.  The spammer
is sending to socialistparty at btconnect.com, an obsolete address which
forwards to spgb at worldsocialism.org.

I've since set up mailhosts for my employer's SpamCop account.  The
automatic configuration wouldn't work for socialistparty at btconnect.com,
but the administrators waived it.  SpamCop now correctly identifies the
University of Arizona IP for the spam.

Regards,
Tristan

-- 
   _
  _V.-o  Tristan Miller [en,(fr,de,ia)]  ><  Space is limited
 / |`-'  -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  <>  In a haiku, so it's hard
(7_\\    http://www.nothingisreal.com/   ><  To finish what you
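
An added illustration of the point in the last paragraph of the message above, showing why registering a forwarding address as a mailhost changes which IP gets identified as the source. It is not part of the original post and is not SpamCop's actual parser; the host names, the documentation-range IPs and the sample message are constructed, and the trust rule is a simplified assumption.

```python
import re
from email import message_from_string

# Constructed sample message: sender -> forwarding address -> final mailbox.
RAW = """\
Received: from mx.forwarder.example (mx.forwarder.example [198.51.100.20])
\tby mail.final.example with ESMTP; Fri, 14 Apr 2006 10:00:03 -0400
Received: from client.library.example (client.library.example [203.0.113.77])
\tby mx.forwarder.example with SMTP; Fri, 14 Apr 2006 10:00:02 -0400
From: sender@webmail.example
Subject: constructed test message

body
"""

# Hypothetical mailhost tables: the recipient's own hosts and their IPs.
FINAL_ONLY = {"mail.final.example": "198.51.100.5"}
WITH_FORWARDER = {**FINAL_ONLY, "mx.forwarder.example": "198.51.100.20"}

# Pull the bracketed peer IP and the name of the host that wrote the header.
RECEIVED_RE = re.compile(
    r"from\s+.*?\[(?P<ip>[0-9.]+)\].*?\bby\s+(?P<by>[\w.-]+)", re.S)

def find_source(raw_message, mailhosts):
    """Walk Received headers from newest to oldest and return the first IP
    that handed the message to a trusted host but is not itself trusted."""
    msg = message_from_string(raw_message)
    source = None
    for header in msg.get_all("Received", []):
        m = RECEIVED_RE.search(header)
        if not m or m.group("by") not in mailhosts:
            break  # header written by a host we do not trust: may be forged
        source = m.group("ip")
        if source not in mailhosts.values():
            break  # handed over by an outside host: treat it as the source
    return source

if __name__ == "__main__":
    print("forwarder not registered:", find_source(RAW, FINAL_ONLY))
    print("forwarder registered:    ", find_source(RAW, WITH_FORWARDER))
```

Without the forwarder in the table, the walk stops at the forwarder's own IP and blames it; once it is registered, the walk continues one hop further to the host that actually submitted the message.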

