![[SpamCop.net - protecting the internet through technology]](http://news.spamcop.net/newlogo.jpg)
[SC-Help] Re: Phish mail usually not reported to real site
Mike Easter
MikeE at ster.invalid
Fri Mar 24 01:19:53 EST 2006
Bill wrote:
> I notice that when I pass phish mail that I've received through
> Spamcop, it typically does not end up reporting it to the owner
> of the website that is being spoofed.
A spamcop notify of the provider for URL in a spam is supposed to be
about that site being *spamvertised*. The entity being spoofed is *not*
supposed to be getting a apsmcop spamvertiser notify, and in fact the
spoofed entity would 'qualify' as an innocent bystander, vis a spamcop
notify whose purpose is to advise the provider that their client is
spamvertising.
The spoofed entity would be a 3rd party to notify.
> I personally think that
> ebay/Paypal mail should always been sent to spoof at ebay/paypal,
> etc.
Whether the spoofed entity is notified by a spamcop 3rd party notify or
by a manual notify is the discretion of the paid spamcop reporter. The
free reporter doesn't get to use 3rd party spamcop notifies.
> The only times it seems to get reported to the actual site
> is when there is a link to that site in the email.
And those spamcop notifies are *not * appropriate, since the spoofed
entity is not a spamvertiser.
> The user
> should have a way of telling Spamcop "this is phish mail" and
> selecting where it gets sent to, as well as the FBI or whoever
> investigates these things.
The paid spamcop reporter can add additional notifies. That is
described here:
http://www.spamcop.net/fom-serve/cache/126.html How should I select the
recipients for my spam report? -- Other email addresses (members only,
experts only) -- SpamCop will make no assertions about the
administrator's role, so you should include some of your own comments in
the "additional notes" space. Explain why you think they should review
the spam report. You can put up to four email addresses into this field
Notice the part about assertions about the role of the notified. A
normal SC notification is an official spamcop 'accusation' that the
object of the notification is that the URL client is a spamvertiser.
The spoofed entity is *not* a spamvertiser.
The spoofed entity's spoof address is an appropriate notify, for example
either manually by a free reporter or as a 3rd party by a spamcop
reporter, but not an appropriate spamcop report in the regular sense.
--
Mike Easter
kibitzer, not SC admin
More information about the SpamCop-Help
mailing list