FutureQuest, Inc. FutureQuest, Inc. FutureQuest, Inc.

FutureQuest, Inc.
Go Back   FutureQuest Community > General Site Owner Support (All may read/respond) > Email & Mailing List Management
Reload this Page Spamcop troubles and apology
User Name
Password  Lost PW

Reply
 
Thread Tools Search this Thread Display Modes
Old 01-16-2002, 09:03 PM   Postid: 60368
janderk
Visitor
 
janderk's Avatar

Forum Notability:
0 pts:
[Post Feedback]
 
Join Date: Dec 2000
Location: Amsterdam
Posts: 362
Spamcop troubles and apology
I just messed up big time.

Because I hate spammers as much most others, I use Spamcop to report them to the proper authorities. However, lately I received repeatedly a spam that Spamcop identified as coming from FutureQuest.

Thought about that for a 0.2 seconds and thought that it was probably a hacked FormMail script or something like that and reported the spammer.

Terra responded to me that the email was *not* originating from FutureQuest and that I should not report FutureQuest through Spamcop as it could get FutureQuest blacklisted. A nice person as I am I promised not to do that anymore and to send any emails indicating possible spam from futurequest directly to FutureQuest and not through spamcop.

Then I did the really really stupid thing : When processing spam late at night, without to much thinking, I did not notice that I send two more Spamcop complaints to FutureQuest.

I should not have done that. It took some serious begging and being nice to get on speaking terms with Terra again. And all I was doing was getting the community servers blacklisted... All joking aside, I want to publicly apologize for my utterly stupid non-thinking moronic actions.

To prevent this from happening again I decided not to use spamcop anymore at all. It's the delete button from know on.

My question is:
Does anyone know why spamcop comes up with the futurequest as spam source when parsing the spam? I do not get it. Here's the trace for one of the emails. It shows that it can no longer be reported because it is too old, but it indicated FutureQuest abuse address at the end before.

Second question:
Would it help to contact spamcop about them reporting innocent ISP's?

Jan Derk
janderk is offline   Reply With Quote
Old 01-16-2002, 09:45 PM   Postid: 60370
sheila
Site Owner
 
sheila's Avatar

Forum Notability:
0 pts: Even-handed
[Post Feedback]
 
Join Date: Aug 1999
Location: Metro Los Angeles Area
Posts: 7,398
I have to say, I just don't really understand why the FutureQuest servers come up for reporting, nor why this results in them being "blacklisted".

I no longer get FutureQuest listed as a reporting option. I also goofed (once) and reported one of the FQ servers through Spamcop (back in Dec. I think it was). This caused them to target FQ as a possible open relay and tag them for testing.

According to my email correspondence with Spamcop admins:
If the possible open relay server has never before been reported, it will be tested. If it comes up to NOT be an open relay, then after that it will not come up as a possible reporting address (possible open relay). In fact, FutureQuest is no longer appearing as a possible report anymore unless there is an email address or link embedded in the body of the spam message that contains one of my domains hosted at FutureQuest.

Also, according to the admins, there is no way to get off the Spamcop blackhole list, except to wait and quit the spamming. My understanding, is that a 2% or higher spam rate for an ISP (out of all mail for that ISP that goes through the Spamcop system) results in the ISP being added to the Spamcop blackhole list. After two weeks, if no more spam comes through from that ISP, then they are removed from the blackhole list.

Don't know if any of this helps?
__________________
sheila
http://www.thinkspot.net/sheilaruns/
sheila is offline   Reply With Quote
Old 01-17-2002, 03:24 AM   Postid: 60384
 Arthur
Developer
 
Arthur's Avatar
 
Join Date: Nov 2000
Location: The Netherlands
Posts: 2,212
Quote:
Does anyone know why spamcop comes up with the futurequest as spam source when parsing the spam?
From the Spamcop analysis it look likes it's caused by the fact that your domain and the server (Rasmus) have different IP addresses. Spammers often spoof the addresses or mess with the headers in other ways.
Take a look at the path the email travelled;
Received: from plain (61.153.9.29 [61.153.9.29]) by webpack.libmail.sdx.sh.cn
Received: from unknown (202.109.105.201) by digitaldutch.com (63.236.215.29)
Received: from rasmus.futurequest.net (63.151.112.3) by pt01.futurequest.net

plain -> webpack -> unknown -> digitaldutch -> ? -> rasmus -> pt01
The 'problem' is the question mark. The Spamcop script follows the path (starts at pt01, then rasmus and so on), but there's a gap it doesn't know how to handle.
The script thinks the email can't have come from digitaldutch, so says that's a fake, so that must be the culprit.

The best thing would be if FQ could have qmail report the virtual IP addy of the domain to pt01 instead of the IP of the server the domain's on.
Arthur is offline   Reply With Quote
Reply

« Previous Thread | New Threads | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 visitors)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -4. The time now is 07:47 PM.

Forum Home - Guidelines - Mark all Forums Read - Archive - FutureQuest, Inc. - Privacy - Top

Running on vBulletin®
Copyright © 2000 - 2013, Jelsoft Enterprises Ltd.		 Hosted & Administrated by FutureQuest, Inc.
Images & content copyright © 1998-2013 FutureQuest, Inc.
FutureQuest, Inc.