Post by AsterixI didn't say my software prohibits me - it's rather Spamcop's web
form. Eudora lets me forward the spam to a sumbission address without
inspection, but then I completely lose control of where the reports
go. Examining the X-lines is of limited or no interest for that
purpose.
I could use Eudora with SpamPal. SpamPal would identify and tag 'all'
of my spam and tag none of my goodmail. I could use Eudora to the
submit and submit all of my spams at one time I presume. The parser
reporter would provide me with links for each and every spam and then I
could go to the tracker link to oversee and report the spam which I
haven't opened yet.
Then, the parser reporter would show me the headers of the submitted
spam which headers contain my SpamPal's Xlines so that I can see why
each item was spam. Next, SC is going to tell me how it wants to
report. My experience has been that I can recognize an IB in the
deobfuscated links. If I am confused, I can look at the raw spambody
available at the parser.
I could do that, but I don't do it that way for various reasons.
Post by AsterixI'm more concerned about not reporting "innocent bystander'
- and/or joe-job - web links in the body.
If I were 'inspecting' a spam in the parser view entire spam and I were
confused about IB or j-j and couldn't handle the problem by looking at
the raw body, then I guess I could go to my mailuser agent and render
it, but I would rather not do that. I don't like for the spamitem to
get ahead on my 'scoresheet' -- which scores me higher if I never open
an item I think is a mail which is really a spam, or if I don't have to
open an item to determine it is a spam, or if I don't have to open an
item to report it properly.
For me personally, it is a scorecard. For the various kinds of masses
it is advice to not be opening their spam 'foolishly' or insecurely --
where insecurely means insecure in operating system, mailuser agent, or
browser rendering engine configuration and insecurely also means
insecure in mental condition or pledge commitment. Masses include
unwitting newbies as well as spamcop reporters, see below.
Post by AsterixAnd making sure that real spamvertized links get parsed.
How can I do *that* without opening and reading the spam?
I know that when I used to do it, I could do it. Currently I am not
reporting spamvertised links to providers. My 'personal' spam only
contains blackhat/unresponsive spamvertiser providers.
Post by AsterixOr just use the web form at all without opening the spam?
The webform at the tracker URL gives you total access to the complete
spam. If you can submit it to the submit address without opening it,
you can see the entire raw spam at the tracker.
Post by Asterix"How do I report spam without opening it - being sure it is really
spam I'm reporting?"
As above.
Post by AsterixAs far as I can tell you didn't. You just repeat *what* you don't
recommend - not *why*. As if spam inspection was some kind of black
magic that only you can master.
Most of what I try to 'advise' or teach about mail/spam handling is what
I recommend to the 'masses' which includes the majority of spamcop
reporters. Some advanced spamfighters do all kinds of things I don't
recommend to the mass of SC reporters, including going to the website
and exploring it.
Post by AsterixAnd you didn't tell Nigel that the site
http://www.thestocktongroup.com/ is alive and kicking (maybe it
wasn't yesterday)
Yesterday it didn't resolve, today it is 66.226.64.30 rDNS
pro29.abac.com
Abacus America
NetRange: 66.226.64.0 - 66.226.95.255
OrgAbuseEmail: ***@aplus.net
not currently blocklisted anywhere, including spews or spamhaus, so the
present IP doesn't have a history of unresponsiveness.
Currently SC resolves it quickly.
Post by AsterixI thought it might be on a "bulletproof" domain that block DNS queries
from SC. Sometimes I get the feeling that some spamvertized sites are
not online - or even in DNS - until a day or two *after* the spam is
sent. Quite an elabotate scheme to dodge reports.
--
Mike Easter
kibitzer, not SC admin