Slashdot Mirror

← Back to Stories (view on slashdot.org)

Automate Spamcop Submissions

Posted by ryuzaki0 on from the spam-is-bad-mmkay dept.

hausmasta writes "Spamcop is pretty much dependent on user input. If no one submits and verifies spam, then they will have no blacklist. However that whole submission and verification process is a bit annoying. Why should I bother to actually submit spam to Spamcop and have it verified? If I just delete it, that will take less time.. This tutorial shows how to automate the Spam Cop submission and verification process. All I do is just put the spam into certain folders and our good old friend cron does the rest."

12 of 183 comments (clear)

  1. NO NO NO by Anonymous Coward · · Score: 5, Interesting

    Apparently you've missed the point of SpamCop. YOU are still supposed to VERIFY that EVERYTHING you submit is ACTUALLY SPAM. False reports hurt SpamCop and all SpamCop users.

    If you want to cut down on Spam, then tighten you filters and reject it at SMTP level. Then anything that still makes it through, submit it to SpamCop. Automating your initial submission is okay, but DO NOT AUTOMATE THE VERIFICATION PROCESS.

  2. A frog-like idea by gsasha · · Score: 2, Interesting

    Well, submitting the mails may be interesting, but here's a (probably) even better idea.

    1. Maintain a repository of scripts for offending webshops (can be based on SF, or distributed by P2P). Each of the scripts goes to post a complaint in BlueFrog-like manner.
    2. Write an extension to Thunderbird (and maybe to others as well) that, when I click a "Junk" on a mail, goes and fires the corresponding complaint script. Alternatively, have a cron job for that.
    3. ???
    4. Profit :)

    Well, look, this is much less questionable than Blue Frog's approach - I'm actively and individually complaining on the spam I got. I don't have the registry of those who want to be exempted - just to annoy the spammers and drive them out of business. What the program actually supplies is automation of the complaint process, without which I, arguably, would not bother complaining - but if it's just one click, I may choose to do so!

  3. Do you think anybody at spamcop cares? by Russ+Nelson · · Score: 4, Interesting

    Do you think anybody at spamcop cares about false positives? If they care, there's no evidence of it. My server was blocked by spamcop this past week. Why? I have no idea, and no way to correct the problem, because when they block you, all they say is "You sent email to one of our secret addresses."

    --
    Don't piss off The Angry Economist
  4. Re:considering all the damage RBLs do ... by Russ+Nelson · · Score: 2, Interesting

    Different DNSBLs have different policies. Spamcop's simply happens to suck, but that doesn't mean that everybody's does. For example, spamhaus's listing are very reliable.

    --
    Don't piss off The Angry Economist
  5. spammers avoid spamcop by 0xC2 · · Score: 4, Interesting

    I'm a longtime spamcop.net user. I've used it to filter numerous email addresses through its spam filter, which is effective and accurate, and highly configurable. However the allure of GMail prompted me to forward my other addresses to GMail and begin phasing out the spamcop address. Which is when I noticed something interesting:

    I don't receive spam to my spamcop.net address! This result is very interesting, mainly because my spamcop address is a "dictionary word" address. I can only conclude that spammers must avoid spamcop.net email.

    Which is making me rethink my decision to phase out spamcop.net. Have any other long-time users noticed this with their spamcop.net email?

    --
    Be heard || Be herd
  6. Needless? by JanneM · · Score: 2, Interesting

    My main address is fairly old - I have been using it for over ten years. I've also been using it with wild abandon pretty much anywhere on the net for as far back as I can remember, and it attracts an absolutely ridiculous amount of spam today. If it was a person, it would have it's own red-carpeted VIP entrance at the veneral disease department at the university hospital.

    I today filter with a bayesian filter, and only with a bayesian filter - I quit using those on-line services over a year ago. In addition I pre-approve some addresses to make sure I don't miss anything from people important to me. I see perhaps one spam every third day on average. It spikes temporarily when there's a shift in tactics - I get three or four a day - and then it calms down again to one a week or thereabouts.

    --
    Trust the Computer. The Computer is your friend.
  7. SpamCop is a pain in the ass by kullnd · · Score: 2, Interesting

    There are some services provided on the internet that make your server more likely to get hit with these stupid things, and personally I think that services like this are nothing but a pain in the ass and a crutch to people trying to run some types of non-spamming sites...

    In example, I run a couple online forums. These forums can be configured to send notification messages to it's users when someone replies to a post they made or sends them a private message. They can also subscribe to threads and get updates anytime someone makes a new post that meets their subscription. I was added to a blacklists in the past because suddenly someone who REQUESTED these simple notification messages (which most people find very nice to get) decided that they didnt want it and submitted it as spam.. Suddenly my entire server cant send emails to anyone running that blacklist, for no good reason whatsoever.

    The problem with these services is that they require end users to be smart. Problem with that is there is alot of stupid idiots on the internet that will submit shit that should not be submitted, something they asked for that could be turned off by simply changing their profile options.

    I hate those stupid services, and I will not run them on any of my servers, I'll deal with the junkmail and let each individual person deal with the junk as it arrives in their box, most email clients do offer junk mail filtering, and I figure that if they are not smart enough to use them (or ask for help setting it up) than they can deal with it. I would prefer this over people who do know how to use a computer not being able to get emails from legit senders.

    --
    +++ATH0 NO CARRIER
  8. Re:You don't seem to understand how it works by __aaxwdb6741 · · Score: 2, Interesting

    Step 1. You submit the spam to Spamcop.

    How about:
    Step 1. You submit SPAM to Spamcop, that you know 100% for sure without doubt is absolutely nothing but pure, clean and uncut SPAM?

    You know, a human is much better at detecting spam than any regex is. If you dont submit non-spam emails in the first place, then you dont need step 2 and 3. And what this guy is doing (As far as I understand) is to put actual SPAM in a specific folder, and letting cron take care of the needless steps 2 and 3.

    Let me stress this once more - A human brain is much better at detecting spam than ANY machine. If that were not true, we wouldnt even NEED things like SpamCop or any other spam protection, because SPAM would die out on the spot if machines were better at detecting spam than humans.

    If I recieve an email telling me about penis enlargement or viagra, I will without doubt know that I have never in my life asked anybody on this planet to inform me of such products.

  9. Great, I guess this means more of these: by mobby_6kl · · Score: 4, Interesting
    Technical details of permanent failure:
    PERM_FAILURE: SMTP Error (state 9): 550 5.7.0 Your server IP address is in the SpamCop database, bye
    No, I don't send spam, and this was bounced back to my gmail address anyway.
  10. I believe Spamcop sold my "private" address by Radi-0-head · · Score: 3, Interesting

    I was a Spamcop subscriber, using their SMTP forwarding/filtering system. I got fed up with the downtime and the false positives, and canceled the account. A month later, I start getting MASSIVE amounts of spam directed to the "secret" account that is set up for forwarding of "clean" email. Most of these messages had both my true email account and the secret account as recipients.

    There's no possible way anyone could have guessed this address (it consisted of random characters), and Spamcop was the only other organization that ever had record of it, and that ever used both of these addresses together.

    I don't trust them at all.

    1. Re:I believe Spamcop sold my "private" address by mmclean · · Score: 5, Interesting

      Amen to the don't trust them at all bit. They are more than happy to provide customer service when you are spending money to establish and account, but once they have your money forget it.

      I had an account over a year ago, the real email account with storage and was having a problem with it. I emailed support, no answer. I posted in the Spamcop form and the moderator (the great and powerful Wazoo) decided that I was full of shit and my problem didn't exist. A few days later, I posted different symptoms of the problem in a new thread and the great and powerful Wazoo decided that I was reiterating the same problem (didn't even take time to read and realize that I was posting different symptoms). He then merged the threads -- essentially burying my problem report at the end of a long thread so that no one could read it without clicking through 3-4 pages of the previous post. I posted in the forum actually begging for support -- and was constantly squashed by Wazoo.

      When I finally did get an answer from my email to support, the content of that email was essentially "we saw the thread in the forum and Wazoo says it's not a problem."

      This was one of the worst, most pathetic customer experiences that I have ever had -- and I had previously thought Spamcop were the "good guys" and directed many different friends, relative, and clients to them -- needless to say I cancelled, a number of my friends cancelled, and they've gotten zero new business from my recommendations.

  11. Re:spamcop blows by Anonymous Coward · · Score: 1, Interesting

    If you rejected mail during SMTP you would not be sending unsolicited email at all.

    Some kinds of backscatter are pretty much impossible to do at SMTP time if you have a reasonably distributed email architecture:
    1) "Hi, I'm out of the office. I'll read your mail when I get back tomorrow. If you need something in the meantime, contact Bob."
    2) "Hi, we accepted this message earlier, but it looks like the user has gone over quota and we haven't been able to deliver it. You might want to try calling them."
    3) "Hi, it looks like you sent mail to foo-subscribe and are trying to subscribe to our foo mailing list. Reply to confirm and activate your subscription."

    In normal circumstances, these are really nice messages to get, and guess what? Most people like them and find them valuable, and users demand them!

    Sure, these can be a problem if the envelope sender didn't actually send the message, so what's an admin to do? Well, fortunately we have ways to authenticate the sender: SPF and DomainKeys. And you can also check the spam score of the message, and check for bulk or autoresponse headers and so on. These are all things a responsible admin might do in his attempts to satisfy his users and still do the right thing. And SpamCop itself recommends that you check DK/SPF.

    But guess what? It won't do you any good, because:

    How many sites publish DK/SPF anyhow? Maybe 5% at the most?

    That's right, despite their recommendations, SpamCop's own spamtrap addresses do not publish SPF or DomainKeys records. They run a service that complains in a most vociferous way if it ever receives one tiny bit of backscatter, but they won't take even the simplest of steps to prevent it. If any site should publish SPF records, it's a spamtrap! Seriously, how hard is it to publish a freaking SPF record?

    So then, you get blocked by various sites that use SpamCop as a blacklist (exactly the way SpamCop tells them to), and the pairs of users involved have no clue what's going on, and you end up trying to get a hold of some remote mailserver admin to explain SpamCop's listing policy to him and convince him that it's a good thing that his customers be able to communicate with people with whom they have business relationships, and he tells you the guy who configured the mail server was a consultant, and he has no idea how the blacklisting works, and he's running Joe'sMailServer 1.0 and wants you to help him fix it, as if you're not already behind on other projects because of this whole situation...

    You see? You start off happy and trying to do the right thing by your users and by the world, and SpamCop's retarded policies come in and make you hate your life. Shouldn't email be about helping people communicate instead of walking through the anti-spam crusaders' minefields?