Slashdot Mirror
Automate Spamcop Submissions
hausmasta writes "Spamcop is pretty much dependent on user input. If no one submits and verifies spam, then they will have no blacklist. However that whole submission and verification process is a bit annoying. Why should I bother to actually submit spam to Spamcop and have it verified? If I just delete it, that will take less time.. This tutorial shows how to automate the Spam Cop submission and verification process. All I do is just put the spam into certain folders and our good old friend cron does the rest."
I guess this will make it much faster to build black lists. But doesn't this also increase the potential risk of submitting wrong messages?
Apparently you've missed the point of SpamCop. YOU are still supposed to VERIFY that EVERYTHING you submit is ACTUALLY SPAM. False reports hurt SpamCop and all SpamCop users.
If you want to cut down on Spam, then tighten you filters and reject it at SMTP level. Then anything that still makes it through, submit it to SpamCop. Automating your initial submission is okay, but DO NOT AUTOMATE THE VERIFICATION PROCESS.
... you might want to reconsider using any of them. Lots of companies that have nothing to do with spam have been targetted due to proximity in IP space, or using a provider the RBL maintainer hates.
RBLs are a waste of time, they give immense power to a few individuals and groups, more often with an axe to grind. Do you really want to do that? Rhetorical question, you don't.
I have spamcop checking turned off. Maybe because the service is tuned to north american audiences, I don't know, but its recommendations seem completely arbitrary and frequently mistakenly marks genuine email for me. With two emails (from a legitimate source) one can be marked OK, the other one not.
By contrast, local filtering generally works excellenty. When I finally turned off all on-line checking, I have a perceptible bump in the quality of filtering.
Trust the Computer. The Computer is your friend.
Well, submitting the mails may be interesting, but here's a (probably) even better idea.
:)
1. Maintain a repository of scripts for offending webshops (can be based on SF, or distributed by P2P). Each of the scripts goes to post a complaint in BlueFrog-like manner.
2. Write an extension to Thunderbird (and maybe to others as well) that, when I click a "Junk" on a mail, goes and fires the corresponding complaint script. Alternatively, have a cron job for that.
3. ???
4. Profit
Well, look, this is much less questionable than Blue Frog's approach - I'm actively and individually complaining on the spam I got. I don't have the registry of those who want to be exempted - just to annoy the spammers and drive them out of business. What the program actually supplies is automation of the complaint process, without which I, arguably, would not bother complaining - but if it's just one click, I may choose to do so!
You can simply ask the SpamCop admins to enable so called "quick reporting" for your account. Then, you just change your address from submit.RANDOMHASH@mail.spamcop.net to quick.RANDOMHASH@mail.spamcop.net, and you're all set. The spams you forward (via attachments) to this address are auto-reported immediately, no need to go clicking on the website.
The only slight drawback to this method is that quick reports only get sent for the source of the spam, but not for the web sites advertised in them.
Do you think anybody at spamcop cares about false positives? If they care, there's no evidence of it. My server was blocked by spamcop this past week. Why? I have no idea, and no way to correct the problem, because when they block you, all they say is "You sent email to one of our secret addresses."
Don't piss off The Angry Economist
Mechanize::SpamCop is another tool you can use.
I'm a longtime spamcop.net user. I've used it to filter numerous email addresses through its spam filter, which is effective and accurate, and highly configurable. However the allure of GMail prompted me to forward my other addresses to GMail and begin phasing out the spamcop address. Which is when I noticed something interesting:
I don't receive spam to my spamcop.net address! This result is very interesting, mainly because my spamcop address is a "dictionary word" address. I can only conclude that spammers must avoid spamcop.net email.
Which is making me rethink my decision to phase out spamcop.net. Have any other long-time users noticed this with their spamcop.net email?
Be heard || Be herd
The person controlling the server that your server was trying to send a message to was using a SpamCop blacklist as a rejection list.
If you want to complain, complain to that person.The reason to keep those addresses secret is because if the spammers found them, they would not be useful anymore.
If you have a static IP address, the problem is you. Someone with access to your out-bound email is sending spam.
If you have a dynamic IP address, you need to get a static address.
If you cannot get a static address, do not expect your email to always be delivered. You must monitor your logs for the rejection notices and then take whatever actions are necessary to get that site to whitelist your messages.
Don't blame SpamCop for the situation that results in your IP address being reported to them. No one is forced to used SpamCop's blacklists. They choose to use them because they believe they are useful in reducing spam.
My main address is fairly old - I have been using it for over ten years. I've also been using it with wild abandon pretty much anywhere on the net for as far back as I can remember, and it attracts an absolutely ridiculous amount of spam today. If it was a person, it would have it's own red-carpeted VIP entrance at the veneral disease department at the university hospital.
I today filter with a bayesian filter, and only with a bayesian filter - I quit using those on-line services over a year ago. In addition I pre-approve some addresses to make sure I don't miss anything from people important to me. I see perhaps one spam every third day on average. It spikes temporarily when there's a shift in tactics - I get three or four a day - and then it calms down again to one a week or thereabouts.
Trust the Computer. The Computer is your friend.
Think of the time spent verifying spam as an investment; use your time now and have far less spam/worries about genuine mail being marked as spam in the future. Not to mention the saved minutes that you can spend browsing slashdot more thoroughly.
Everyone I talk to didnt vote for him - how is he in office
The more widely known your email address becomes, the greater the chance that some zombie or virus will see it in someone's address book and send spam pretending to come from you. Spamcop will generally believe that you sent the spam, as far as I can tell.
They routinely list w3.org (W3C) as a source of spam for this (incorrect) reason.
Spamcop says you should not use their results as authoratative, but only as one factor to consider, but in practice a number of large companies blacklist anyone listed by spamcop automatically.
If you are going to automate submissions to spamcop, please at least use SPF to verify that the sender was in fact associated with that domain, where SPF records are available.
Live barefoot!
free engravings/woodcuts
There are some services provided on the internet that make your server more likely to get hit with these stupid things, and personally I think that services like this are nothing but a pain in the ass and a crutch to people trying to run some types of non-spamming sites...
In example, I run a couple online forums. These forums can be configured to send notification messages to it's users when someone replies to a post they made or sends them a private message. They can also subscribe to threads and get updates anytime someone makes a new post that meets their subscription. I was added to a blacklists in the past because suddenly someone who REQUESTED these simple notification messages (which most people find very nice to get) decided that they didnt want it and submitted it as spam.. Suddenly my entire server cant send emails to anyone running that blacklist, for no good reason whatsoever.
The problem with these services is that they require end users to be smart. Problem with that is there is alot of stupid idiots on the internet that will submit shit that should not be submitted, something they asked for that could be turned off by simply changing their profile options.
I hate those stupid services, and I will not run them on any of my servers, I'll deal with the junkmail and let each individual person deal with the junk as it arrives in their box, most email clients do offer junk mail filtering, and I figure that if they are not smart enough to use them (or ask for help setting it up) than they can deal with it. I would prefer this over people who do know how to use a computer not being able to get emails from legit senders.
+++ATH0 NO CARRIER
Step 1. You submit the spam to Spamcop.
How about:
Step 1. You submit SPAM to Spamcop, that you know 100% for sure without doubt is absolutely nothing but pure, clean and uncut SPAM?
You know, a human is much better at detecting spam than any regex is. If you dont submit non-spam emails in the first place, then you dont need step 2 and 3. And what this guy is doing (As far as I understand) is to put actual SPAM in a specific folder, and letting cron take care of the needless steps 2 and 3.
Let me stress this once more - A human brain is much better at detecting spam than ANY machine. If that were not true, we wouldnt even NEED things like SpamCop or any other spam protection, because SPAM would die out on the spot if machines were better at detecting spam than humans.
If I recieve an email telling me about penis enlargement or viagra, I will without doubt know that I have never in my life asked anybody on this planet to inform me of such products.
Unless you're talking about consumer level ISPs, there are going to be more than two options for your exit traffic. If there aren't, you can buy the right to relay via a non-pink server.
I too have felt the cold finger of injustice.
Fuck you you little shit sucking worm. You and your "business" is the reason that SpamCop and others are necessary. And every single shit for brains like you will always start their posts "I don't send spam".
Yes you do. And I have to spend time finding ways to stop you from filling up my end users' mailboxes with your spam.So
Sure they do.Here's a free clue. I don't give a rat's ass how fucking hard I make your job.
Company A = you
Company B = your client
Company C = evil competitor
You were talking about working at an "EMail marketing company"
Right
So
Otherwise, you're taking email addresses from a blacklisted company and sending "not spam" ads to them.
And you expect me to believe that or have sympathy for you?
Hahahahahhahahahahahahahahahaha
(Posting as AC, but I'm a registered user who posts often)
(Posting as AC because I know what I'm doing is wrong and I don't want people to harass me over it)
I work at an EMail marketing company (no, not spam) and we have had our servers placed on blacklists multiple times... you know why?
I drain the life blood of the internet at a Spam farm and we have had our spambots placed on blacklists multiple times because the tripe we send out is flat out spam.
People who are competetors to our clients signup a spamtrap email to their lists, getting our mailserver blacklisted for sending mail to an address -- even though the mail is a "are you sure you wanna subscribe?" message?
People who receive our spam report it to RBLs and our spambots get blocked even though our spam has circular links which verify e-mails of the people that we spam.
Your casual attitude toward "oh well, shouldn't have sent email to $secretspamtrap" without telling us *what* email or giving us details on how to avoid it in the future (like maybe adding your spamtrap domains to our lists that trigger "oh no, spammer" in our checks), you end up making RBLs more useless, and my job harder.
You are making my life as a spammer more difficult than those web pages that said that I could make $5000/month from home said it would be. Please stop. We both know you want to buy Cialis, Viagra and refinance your mortgage so just click on the links already. Sheesh.There ya go, fixed your post right up. No need to thank me.
It's clear you haven't realized that some email marketing companies are hired by people other than sleazeballs, for reasons other than distributing unsolicited ads. I belong to at least a couple of non-profit organizations that don't run their own mail servers. These organizations use third-party mailers to contact me with news and action requests related to certain political issues. And these organizations have enemies.
...
Do you morons ever stop to think about your role in a chain of events like the following?
1) An RIAA lobbyist writes some legislative atrocity and pays off a bunch of US congressmen to introduce it as a bill
2) The EFF catches wind of it, and uses an email marketing campaign targeted at its members who have asked to participate in such campaigns to ask its members to protest the RIAA-authored bill
3) The RIAA lobbyist, who has cleverly subscribed to the EFF's mailing list, reports the email to SpamCop
4)
5) Profit! (For the RIAA)
The same thing happens with AOL, where the users themselves don't have the cerebral capacity to remember which mass-mail lists they've opted into. SpamCop, by not maintaining a whitelist that allows them to ignore spurious or dishonest spam reports, is serving the interests of worse people than spammers.
But I guess you didn't think of that before you flamed the grandparent to a crispy golden brown, huh.
I was a Spamcop subscriber, using their SMTP forwarding/filtering system. I got fed up with the downtime and the false positives, and canceled the account. A month later, I start getting MASSIVE amounts of spam directed to the "secret" account that is set up for forwarding of "clean" email. Most of these messages had both my true email account and the secret account as recipients.
There's no possible way anyone could have guessed this address (it consisted of random characters), and Spamcop was the only other organization that ever had record of it, and that ever used both of these addresses together.
I don't trust them at all.
That someone who all but admits to being a spammer is mod'ed up 3 times (after posting anon)...
While the follow-ups criticising such are mod'ed down.
Seems like there are a lot of pro-spammer accounts with mod points today.
Anyway, you're still wrong.
#1. The "competitors" you're complaining about would have to have poisoned your "clients" email listing prior to you receiving those listings. That's just unrealistic. Either they'd have to have:
1a. Poisoned almost every company's email listings in which case SpamCop would be dead because every company would be listed on it each time it sent any mailings.
1b. Have someone inside your company telling them who your clients are and then poisoning them BEFORE you get the listing.
#2. Your competitors have lots of accounts that they use to report your sendings to SpamCop. If your competitors have that much expertise and time, then why are they wasting it blacklisting you?
#3. Your competitors already know the SpamCop spamtraps. Why aren't they making a LOT more money as real spammers with this knowledge? Why waste any time/effort on you? They can avoid the spamtraps themselves and get their spam out.
No. None of that makes any sense. You're a spammer and you're mad that SpamCop is being used to kill your spam business.