Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Automate Spamcop Submissions

CmdrTaco posted more than 8 years ago | from the spam-is-bad-mmkay dept.

183

hausmasta writes "Spamcop is pretty much dependent on user input. If no one submits and verifies spam, then they will have no blacklist. However that whole submission and verification process is a bit annoying. Why should I bother to actually submit spam to Spamcop and have it verified? If I just delete it, that will take less time.. This tutorial shows how to automate the Spam Cop submission and verification process. All I do is just put the spam into certain folders and our good old friend cron does the rest."

cancel ×

183 comments

great... (2, Insightful)

dhruvx (942514) | more than 8 years ago | (#15420594)

I guess this will make it much faster to build black lists. But doesn't this also increase the potential risk of submitting wrong messages?

Spamming Spam Cop (0)

Anonymous Coward | more than 8 years ago | (#15420644)

The new Darwin award goes to....

Do you think anybody at spamcop cares? (4, Interesting)

Russ Nelson (33911) | more than 8 years ago | (#15420708)

Do you think anybody at spamcop cares about false positives? If they care, there's no evidence of it. My server was blocked by spamcop this past week. Why? I have no idea, and no way to correct the problem, because when they block you, all they say is "You sent email to one of our secret addresses."

Ummm, they just TOLD you what happened. (5, Informative)

khasim (1285) | more than 8 years ago | (#15420751)

Do you think anybody at spamcop cares about false positives?
Yes, I think they care a lot.
My server was blocked by spamcop this past week.
No, your IP address may have been included on one of the blacklists, but your server was not "blocked".

The person controlling the server that your server was trying to send a message to was using a SpamCop blacklist as a rejection list.

If you want to complain, complain to that person.
Why? I have no idea, and no way to correct the problem, because when they block you, all they say is "You sent email to one of our secret addresses."
The reason to keep those addresses secret is because if the spammers found them, they would not be useful anymore.

If you have a static IP address, the problem is you. Someone with access to your out-bound email is sending spam.

If you have a dynamic IP address, you need to get a static address.

If you cannot get a static address, do not expect your email to always be delivered. You must monitor your logs for the rejection notices and then take whatever actions are necessary to get that site to whitelist your messages.

Don't blame SpamCop for the situation that results in your IP address being reported to them. No one is forced to used SpamCop's blacklists. They choose to use them because they believe they are useful in reducing spam.

Re:Ummm, they just TOLD you what happened. (3, Informative)

Anonymous Coward | more than 8 years ago | (#15420883)

(Posting as AC, but I'm a registered user who posts often)

I work at an EMail marketing company (no, not spam) and we have had our servers placed on blacklists multiple times ... you know why? People who are competetors to our clients signup a spamtrap email to their lists, getting our mailserver blacklisted for sending mail to an address -- even though the mail is a "are you sure you wanna subscribe?" message?

Your casual attitude toward "oh well, shouldn't have sent email to $secretspamtrap" without telling us *what* email or giving us details on how to avoid it in the future (like maybe adding your spamtrap domains to our lists that trigger "oh no, spammer" in our checks), you end up making RBLs more useless, and my job harder.

Re:Ummm, they just TOLD you what happened. (1, Informative)

Anonymous Coward | more than 8 years ago | (#15420926)

and my job harder.

And your job would be so much easier if everyone knew what these addresses were so that everyone could spam the addresses with each other's email headers?

Re:Ummm, they just TOLD you what happened. (1)

moro_666 (414422) | more than 8 years ago | (#15420935)

mod parent as informative.

we have lots of sites out there which send assurance emails to people that register, if a dummy kid who makes a dummy user and puts random data in along the way, the automated welcome or confirmation mail will be sent. if you have hundreds of thousands or millions of users, some of them can accidently trigger it off, some of them can do it on purpose if they somehow have got the knowledge of that `secret address`.

as for the article, one perl script and cron together are far better than the ultimate superscripting h4x0r thing from the article, that mess in tfa with zillion tools and confusion, looks like dental work carried out through the _other_ entrance to your digestion system.

maybe it's time for a whitelist at spamcop ? everybody can rule their domain in, if they are found really sending spam and not registration feedback, they will be blacklisted forever and if possible, fined for their actions. maybe an initial fee for getting whitelisted wouldn't be a bad idea either, that would cut off most of these chines and turkish fuggers.

have a nice day.

You may not want to read this reply. (profanity) (2, Insightful)

khasim (1285) | more than 8 years ago | (#15420965)

I work at an EMail marketing company (no, not spam) and we have had our servers placed on blacklists multiple times ... you know why?
Yes, it is spam.

Fuck you you little shit sucking worm. You and your "business" is the reason that SpamCop and others are necessary. And every single shit for brains like you will always start their posts "I don't send spam".

Yes you do. And I have to spend time finding ways to stop you from filling up my end users' mailboxes with your spam.
People who are competetors to our clients signup a spamtrap email to their lists, getting our mailserver blacklisted for sending mail to an address -- even though the mail is a "are you sure you wanna subscribe?" message?
So ....... your competitors know which addresses are spamtraps ... but you don't.

Sure they do.
Your casual attitude toward "oh well, shouldn't have sent email to $secretspamtrap" without telling us *what* email or giving us details on how to avoid it in the future (like maybe adding your spamtrap domains to our lists that trigger "oh no, spammer" in our checks), you end up making RBLs more useless, and my job harder.
Here's a free clue. I don't give a rat's ass how fucking hard I make your job.

Company A = you
Company B = your client
Company C = evil competitor

You were talking about working at an "EMail marketing company" ... but then you seem to be saying that the addresses you get from Company B have been previously compromised by Company C.

Right ............

So ... when Company B sends out email to those addresses, they don't get blacklisted. Or so you would seem to be saying.

Otherwise, you're taking email addresses from a blacklisted company and sending "not spam" ads to them.

And you expect me to believe that or have sympathy for you?

Hahahahahhahahahahahahahahahaha

Re:You may not want to read this reply. (profanity (0)

Anonymous Coward | more than 8 years ago | (#15421041)

Mod parent down please. (Registered user posting anonymously)

No, *you're* the dumb fuck... (2, Insightful)

Anonymous Coward | more than 8 years ago | (#15421133)

It's clear you haven't realized that some email marketing companies are hired by people other than sleazeballs, for reasons other than distributing unsolicited ads. I belong to at least a couple of non-profit organizations that don't run their own mail servers. These organizations use third-party mailers to contact me with news and action requests related to certain political issues. And these organizations have enemies.

Do you morons ever stop to think about your role in a chain of events like the following?

1) An RIAA lobbyist writes some legislative atrocity and pays off a bunch of US congressmen to introduce it as a bill
2) The EFF catches wind of it, and uses an email marketing campaign targeted at its members who have asked to participate in such campaigns to ask its members to protest the RIAA-authored bill
3) The RIAA lobbyist, who has cleverly subscribed to the EFF's mailing list, reports the email to SpamCop
4) ...
5) Profit! (For the RIAA)

The same thing happens with AOL, where the users themselves don't have the cerebral capacity to remember which mass-mail lists they've opted into. SpamCop, by not maintaining a whitelist that allows them to ignore spurious or dishonest spam reports, is serving the interests of worse people than spammers.

But I guess you didn't think of that before you flamed the grandparent to a crispy golden brown, huh.

Re:Ummm, they just TOLD you what happened. (1, Redundant)

misleb (129952) | more than 8 years ago | (#15420978)

Oh come on, "email marketing" is a code word for "spamming" in the biz. OK, maybe, just maybe, your messages are "legit" and maybe you really do take people off your lists when they opt-out, but the reality is that savvy users shouldn't trust opt-outs. Too many spammers use it as a way of verifying good addresses to spam. It is much easier to simply report emails from unwanted "email marketers" as spam.

-matthew

Re:Ummm, they just TOLD you what happened. (0)

misleb (129952) | more than 8 years ago | (#15420991)

Your casual attitude toward "oh well, shouldn't have sent email to $secretspamtrap" without telling us *what* email or giving us details on how to avoid it in the future (like maybe adding your spamtrap domains to our lists that trigger "oh no, spammer" in our checks), you end up making RBLs more useless, and my job harder.

We WANT to make your job harder! Don't you get it?

You want to know how to avoid sending to spamtraps? Don't harvest emails from the web or buy lists from harvesters!

-matthew

Parent post fixed. (2, Funny)

grommit (97148) | more than 8 years ago | (#15421035)

You made a few mistakes in your post so I'm fixing them for you.

(Posting as AC, but I'm a registered user who posts often)

(Posting as AC because I know what I'm doing is wrong and I don't want people to harass me over it)

I work at an EMail marketing company (no, not spam) and we have had our servers placed on blacklists multiple times... you know why?

I drain the life blood of the internet at a Spam farm and we have had our spambots placed on blacklists multiple times because the tripe we send out is flat out spam.

People who are competetors to our clients signup a spamtrap email to their lists, getting our mailserver blacklisted for sending mail to an address -- even though the mail is a "are you sure you wanna subscribe?" message?

People who receive our spam report it to RBLs and our spambots get blocked even though our spam has circular links which verify e-mails of the people that we spam.

Your casual attitude toward "oh well, shouldn't have sent email to $secretspamtrap" without telling us *what* email or giving us details on how to avoid it in the future (like maybe adding your spamtrap domains to our lists that trigger "oh no, spammer" in our checks), you end up making RBLs more useless, and my job harder.

You are making my life as a spammer more difficult than those web pages that said that I could make $5000/month from home said it would be. Please stop. We both know you want to buy Cialis, Viagra and refinance your mortgage so just click on the links already. Sheesh.
<EOF>
There ya go, fixed your post right up. No need to thank me.

Re:Ummm, they just TOLD you what happened. (2, Insightful)

duncf (628065) | more than 8 years ago | (#15421097)

I'm pretty sure this would be impossible if you used a double opt-in subscription system.

Plus, since they use secret spam traps, then your competitors couldn't sign them up unless somehow they knew what the spam trap addresses are. And if they did know the secret spam trap addresses, they'd probably be making money off selling the addresses to spammers so the spammers could clean their lists. They probably wouldn't worry too much about thwarting your spamming -- I mean marketing -- business.

Re:Ummm, they just TOLD you what happened. (1)

Ph33r th3 g(O)at (592622) | more than 8 years ago | (#15421145)

First, "double opt-in" is spammer-speak, implying some redundant step. "Verified opt-in" is more descriptive. But what the OP is complaining about is getting blacklisted for the verification email, which is a legitimate complaint if true.

Re:Ummm, they just TOLD you what happened. (0, Troll)

alienw (585907) | more than 8 years ago | (#15421107)

E-mail marketing is spam. That's what spamcop.net is supposed to block. You are a spammer, so you need to stop bitching.

Re:Ummm, they just TOLD you what happened. (3, Insightful)

techno-vampire (666512) | more than 8 years ago | (#15421340)

Not all email marketing is spam. I get regular emails from a mail order company, advertising their wares. I get them because I asked for them, and occasionally buy something. That's not spam. Spam is unsolicicted commercial email.

Re:Ummm, they just TOLD you what happened. (-1, Flamebait)

Pig Hogger (10379) | more than 8 years ago | (#15421194)

I work at an EMail marketing company (no, not spam) and we have had our servers placed on blacklists multiple times ... you know why? People who are competetors to our clients signup a spamtrap email to their lists, getting our mailserver blacklisted for sending mail to an address -- even though the mail is a "are you sure you wanna subscribe?" message?
Booo Hooo fucking Hooo! Cry me a river!

What a shitty dumbfuck you are. You work for a real big bunch of fucky slimeballs!

If someone (y'all) is stupid enough to devise a system that DOES NOT CONFIRM that one wants to be subcribed, and therefore be abused by "competitors", he deserves to be blacklisted and to rot in SPEWS until the heat-death of the Universe.

You are the sole architect of your woes. By setting up an abusable system, you got abused and your complacency has only brought you well deserved grief.

A proper system will make sure that no one will be subscribed against his will; but it seems that you're bunch of numbskulls too dense to think of a way to do it, and no, I'm not going to tell you how to do it, because you dipshits don't deserve free technical advice, since you're too dumbfucked to find it where it is.

Re:Ummm, they just TOLD you what happened. (0)

Anonymous Coward | more than 8 years ago | (#15421211)

Idiot.
Try reading the damn comment, the reason they're getting blacklisted is their competitors are getting them to send confirmation emails to spam traps

Re:Ummm, they just TOLD you what happened. (1)

deep44 (891922) | more than 8 years ago | (#15421329)

So how are your client's competitors finding out the SpamCop email addresses? Sounds like there's _some_ way of doing it - you might want to look into that before they put you out of business.. (as opposed to complaining on Slashdot about bad guys making your job "harder")

Re:Ummm, they just TOLD you what happened. (1)

lon3st4r (973469) | more than 8 years ago | (#15420972)

My server was blocked by spamcop this past week.
No, your IP address may have been included on one of the blacklists, but your server was not "blocked". The person controlling the server that your server was trying to send a message to was using a SpamCop blacklist as a rejection list. If you want to complain, complain to that person.

Ahem, and what is he gonna reply? Why is he blocking this poor chap's server? He's only gonna say that it's because he's using SpamCop and SpamCop says his IP was reported as a spammer.

* lon3st4r *

ah, the "secret mailbox" bit... (1)

SuperBanana (662181) | more than 8 years ago | (#15421034)

The reason to keep those addresses secret is because if the spammers found them, they would not be useful anymore. If you have a static IP address, the problem is you. Someone with access to your out-bound email is sending spam.

Only problem is that I keep hearing from friends who have really locked down mail servers but keep getting blocked by spamcop...yet spamcop claims the friend's mail server sent a message to one of their secret mailboxes.

Don't blame SpamCop for the situation that results in your IP address being reported to them.

I'm sorry, but that's pass-the-buck bullshit. If spamcop is technically incompetent, of course they should be blamed when they improperly list someone.

Re:Ummm, they just TOLD you what happened. (1)

Dan Ost (415913) | more than 8 years ago | (#15421126)

Aren't you overlooking the fact that even if he has a static IP address
that someone might have forged their packets such that they appeared to
originate from his IP?

It seems a little harsh to assume that he's done something wrong when
there is an alternative that doesn't assign blame.

Re:Ummm, they just TOLD you what happened. (1)

AndersM (32304) | more than 8 years ago | (#15421160)


The reason to keep those addresses secret is because if the spammers found them, they would not be useful anymore.

If you have a static IP address, the problem is you. Someone with access to your out-bound email is sending spam.


I understand you've never administrated services for a user base which you don't completely control? How is a conscientious administrator who wants to fix the problem supposed to identify the spamdrone-infected PC if Spamcop won't even give up a queue ID to search for in the logs? With a network where several thousand clients, such as student laptops and PCs in dorms, are not under centralised administration (and thus get infected by spyware because their users run with default administrator privileges enabled), this is a real problem.

Once the email's been sent by the client it gets processed by your outgoing mail gateways, and suddenly Spamcop blacklists your outgoing mail relays. And servers all over the place start rejecting your users' email, and the users start complaining to you. And unless the spamdrone sent enough email to really make an impact on your traffic, and it actually sent its email straight to your mail gateways and not a subordinate mail server which normally has a lot of traffic, and relays through your mail gateways.

Think about the problem and the answer is simple. (1)

khasim (1285) | more than 8 years ago | (#15421232)

I understand you've never administrated services for a user base which you don't completely control?
That would depend upon what you mean by "completely control".
How is a conscientious administrator who wants to fix the problem supposed to identify the spamdrone-infected PC if Spamcop won't even give up a queue ID to search for in the logs?
#1. Block all outgoing traffic on port 25. Except for the mail servers that you control.

#2. Rate limit the out-bound traffic on those mail servers.

#3. MONITOR your servers. If someone's queue suddenly fills up with 10,000 messages, lock it and investigate it.
With a network where several thousand clients, such as student laptops and PCs in dorms, are not under centralised administration (and thus get infected by spyware because their users run with default administrator privileges enabled), this is a real problem.
See above.

Don't focus on trying to get the info out of SpamCop.

Focus on identifying the spammer behaviour on your network BEFORE it gets to SpamCop.
Once the email's been sent by the client it gets processed by your outgoing mail gateways, and suddenly Spamcop blacklists your outgoing mail relays.
Yep. So the idea is to limit the out-going rate by user and to monitor those queues.

The problem is not sending email to a SpamTrap address.

The problem is sending out thousands of spam emails.

The SpamTrap address is just a tool to identify when an address is probably sending out thousands of spam emails.
And unless the spamdrone sent enough email to really make an impact on your traffic, and it actually sent its email straight to your mail gateways and not a subordinate mail server which normally has a lot of traffic, and relays through your mail gateways.
If you don't have the authority to correctly design the network and mail servers, then it is not your problem. It is the problem of whomever does have that authority.

10,000 messages at 4KB is "only" 40MB. You'll see more traffic than that in mp3 shares. So don't focus on the "traffic" on your network.

Again, limit the out-going email rate per account. Then monitor those queues.

If you cannot do that because you aren't allowed to, then it is not your problem.

Otherwise, do it.

Re:Ummm, they just TOLD you what happened. (1)

goaliemn (19761) | more than 8 years ago | (#15421206)

you apparently think spamcop never has false positives on their blackhole lists. I had a user that was getting alot of spam. They left my ISP and as a courtesy, I put in a .forward for the user, on their request. The new ISP thought I was relaying spam, and reported me to some blacklists. Apparently, they never bothered to actually try to relay through my mailserver, as I did have it locked down. It too me quite awhile to get removed, and most of the spots that had blacklisted me wouldn't tell me.. "you sent spam. you're bad. you're evil" is the reply I got from most.

Alot of people do get falsely listed, and its a PITA to get removed. I invited some to try to relay through me and they didn't try and didn't care.

SpamCop is a pain in the ass (2, Interesting)

kullnd (760403) | more than 8 years ago | (#15420908)

There are some services provided on the internet that make your server more likely to get hit with these stupid things, and personally I think that services like this are nothing but a pain in the ass and a crutch to people trying to run some types of non-spamming sites...

In example, I run a couple online forums. These forums can be configured to send notification messages to it's users when someone replies to a post they made or sends them a private message. They can also subscribe to threads and get updates anytime someone makes a new post that meets their subscription. I was added to a blacklists in the past because suddenly someone who REQUESTED these simple notification messages (which most people find very nice to get) decided that they didnt want it and submitted it as spam.. Suddenly my entire server cant send emails to anyone running that blacklist, for no good reason whatsoever.

The problem with these services is that they require end users to be smart. Problem with that is there is alot of stupid idiots on the internet that will submit shit that should not be submitted, something they asked for that could be turned off by simply changing their profile options.

I hate those stupid services, and I will not run them on any of my servers, I'll deal with the junkmail and let each individual person deal with the junk as it arrives in their box, most email clients do offer junk mail filtering, and I figure that if they are not smart enough to use them (or ask for help setting it up) than they can deal with it. I would prefer this over people who do know how to use a computer not being able to get emails from legit senders.

Re:Do you think anybody at spamcop cares? (1)

hostguy2004 (818334) | more than 8 years ago | (#15421029)

Russ Nelson is not some rookie on his first server. For those who don't know he is a major contributor to the qmail support list. He publicly stated that he does not support spammers. But yet he is still caught because of SpamCops ridgid policies. I think his experience highlights exactly what is wrong with SpamCop and RBLs in general.

Spamcop is a mail admin's worst nightmare (1)

Kattare (528707) | more than 8 years ago | (#15420779)

The problem is that Spamcop encourages people to use it as a way to reject mail at the entry point, rather than as a tool for spam scoring (Spamassassin, etc.) ...

We frequently get blocked because one of our users desktops has been pwned and the virii manage to SMTP-AUTH using our users login and password. (usually not too hard to manage) These ones we can catch pretty quickly with our logging system.

The really painful ones are when someone finds a hole in an application we're hosting for someone and spews mail through it (formmail.pl, anyone. ;-) ... They eventually manage to hit one of spamcops honeypot addresses and we instantly get blocked in a manner in which we cannot track where the rogue spam came from! Spamcop does not provide copies of emails that hit their honeypot, for understandable reasons, but surely they realize that it also makes it impossible for an admin of a large organization to pin down the spammer...

Spamcop needs to adjust their website to explain how to use their list to score spam, and they need to ditch the honeypots and stick to user-submitted spam until they decide to work with the ISP's that are actually trying to eliminate it.

On the incomming mail side, we love Spamcop. We score the mail higher using their blacklist and let our users set the trigger level for either deletion or automatic filtering to a sub-folder.

Re:great... (-1, Flamebait)

Anonymous Coward | more than 8 years ago | (#15420814)

But doesn't this also increase the potential risk of submitting wrong messages?

Yes, we run a mailing list and some dick decided that he didn't like a message he received and submitted it as spam and our mail gateway got blacklisted. Fucker. It was a completely ontopic message for the list which he subscribed to! Automated spam ANYTHING is a bad idea. When in doubt, just delete the fucking message assholes.

Re:great... (1)

alfs boner (963844) | more than 8 years ago | (#15421051)

I was a religious SpamCop user for awhile. You tattle to SpamCop on a spam you receive, it checks its various databases, and then notifies various network authorities of the problem.

Problem being, that several of the network authorities are huge megacorps where the complaints get filed with the rest of 98,000 or are spamhosts themselves.

I gave up in favor of SpamAssassin and Mozilla's spam filtering, which turned out to be far more effective.

Isn't effectiveness the whole reason eight-year-olds tattle in the first place? ("Billy hit me!" Billy gets in trouble. (And Tommy gets beaten up after school.)) Somehow, I don't think enough spammers got in trouble.

Spamcop TOS? (1)

ArsenneLupin (766289) | more than 8 years ago | (#15420596)

Is this compliant to Spamcop's terms of services? Automating might make it too easy to accidentally submit false positives...

Re:Spamcop TOS? (1)

Ph33r th3 g(O)at (592622) | more than 8 years ago | (#15420607)

I don't think they prohibit automated reporting. I wouldn't point it at a Spamassassin-controlled junk folder, though. I would rather scan the messages and drop them into a designated folder, which is what it looks from the writeup what his approach is.

stupid idea (0)

Anonymous Coward | more than 8 years ago | (#15420600)

please make sure to unsubscribe from all mailing lists you subscribed to before doing this.

NO NO NO (5, Interesting)

Anonymous Coward | more than 8 years ago | (#15420604)

Apparently you've missed the point of SpamCop. YOU are still supposed to VERIFY that EVERYTHING you submit is ACTUALLY SPAM. False reports hurt SpamCop and all SpamCop users.

If you want to cut down on Spam, then tighten you filters and reject it at SMTP level. Then anything that still makes it through, submit it to SpamCop. Automating your initial submission is okay, but DO NOT AUTOMATE THE VERIFICATION PROCESS.

Re:NO NO NO (1)

Ph33r th3 g(O)at (592622) | more than 8 years ago | (#15420617)

From the FA:
"Spamfolder"
Then you need to create a folder where you put all your spam into.. . .

This looks to me like his intent is to automate the SpamCop submission process, not the verification process.

Re:NO NO NO (0)

Anonymous Coward | more than 8 years ago | (#15420631)

From the FA:


Spamcop form submission script

Well, so far we have forwarded all spam emails to spamcop, received their verifcation emails containing the ID for the form submisson and sent that data to a PHP script.
Now you create...


He's automating the whole process.

Re:NO NO NO (2, Informative)

Ph33r th3 g(O)at (592622) | more than 8 years ago | (#15420660)

The key words to me were "where you put all your spam into." I read this as meaning that a human, not a script, would be filling the folder. Unless the Spamfolder is populated automatically, this process could be compliant, and I could certainly have missed something, but I don't see where he says he's doing that. In any case, someone submitting legitimate email to SC won't keep his account long.

You don't seem to understand how it works (0)

Anonymous Coward | more than 8 years ago | (#15420685)

SpamCop parses the email, and unless you've got some great regexs in your brain, reading the email's source isn't going to give you the same output. SpamCop may read the headers or body differently than you did, possibly selecting innocents, which you're supposed to manually look at and decide on.

Re:You don't seem to understand how it works (0)

Anonymous Coward | more than 8 years ago | (#15420702)

Then SC shouldn't accept submissions via email, which bypasses the manual check of the parsing process, if that's a concern for them.

Re:You don't seem to understand how it works (1, Insightful)

Anonymous Coward | more than 8 years ago | (#15420714)

Step 1. You submit the spam to Spamcop.
Step 2. Spamcop parses it and notifies you that it's ready for your to inspect
Step 3. You inspect the spam to verify that it is spam and no innocents are being sent reports.

Automating step 1 isn't the problem; automating step 3 is. He's using PHP to fake a form submit to automate step 3, and that will hurt SpamCop.

Re:You don't seem to understand how it works (2, Interesting)

KingOfGod (884633) | more than 8 years ago | (#15420916)

Step 1. You submit the spam to Spamcop.

How about:
Step 1. You submit SPAM to Spamcop, that you know 100% for sure without doubt is absolutely nothing but pure, clean and uncut SPAM?

You know, a human is much better at detecting spam than any regex is. If you dont submit non-spam emails in the first place, then you dont need step 2 and 3. And what this guy is doing (As far as I understand) is to put actual SPAM in a specific folder, and letting cron take care of the needless steps 2 and 3.

Let me stress this once more - A human brain is much better at detecting spam than ANY machine. If that were not true, we wouldnt even NEED things like SpamCop or any other spam protection, because SPAM would die out on the spot if machines were better at detecting spam than humans.

If I recieve an email telling me about penis enlargement or viagra, I will without doubt know that I have never in my life asked anybody on this planet to inform me of such products.

Re:You don't seem to understand how it works (0)

Anonymous Coward | more than 8 years ago | (#15420966)

Sigh... you're still not understanding how it works. SpamCop isn't a Bayesian filter. It simply scans messages you submit for the mail servers a message came through and any included links in the email. Then you have the option of sending automated messages to the admins for those netblocks/ISPs. But what if that email contains a legit website that's simply been added by the spammer to potentially hurt them? Or what if your mail route has changed slightly, causing your own ISP to appear to be the last untrusted mailer in the chain? That's why a human needs to inspect the reports. If you take that out it just creates false positives that hurt all the users.

Re:NO NO NO (1)

ljc86 (921909) | more than 8 years ago | (#15420635)

Agree in principal, but he's talking about a way to fast track the actual process - so manually placing e-mails in a folder and then not having to jump through hoops to submit.

Of course, if users then misuse it by setting up filters to automatically put mail in there...

Re:NO NO NO (4, Informative)

AaronLawrence (600990) | more than 8 years ago | (#15420668)

The point is, that YOU should CHECK the results of spamcop's parsing, to make sure something dumb hasn't happened - like listing your own provider as the spammer.

This can happen outside your control because your email provider has changed configuration and messed up headers.

Spamcop only needs small numbers of properly checked submissions. Piles of submissions don't help - it's not a statistical process like Bayesian filters.

Re:NO NO NO (1)

stunt_penguin (906223) | more than 8 years ago | (#15420764)

Um yea true- but I think everyone's missing a point- surely a one click/step/time-setup solution is the way that spam reporting *should* work. I mean, in Thunderbird if you hit the 'J' key the machine will mark it as junk and add that mail's data to the spam filter's aggregated data.

Surely any spam software shoudl work in roughly the same way?

Re:NO NO NO (1)

AaronLawrence (600990) | more than 8 years ago | (#15420794)

No, because if you make a mistake submitting to spamcop thousands of people will feel the effects (potentially). Make a mistake in your own junk mail, its only you that gets hurt.

Re:NO NO NO (1)

stunt_penguin (906223) | more than 8 years ago | (#15420888)

Hang on, surely a single accidental submission to Spamcop doesn't make a significant difference to the overall picture. That would make it much too easy to do as you say, to accidentally block a valid sender, but to also maliciously blacklist an entire company's email with a few clicks. If the software isn't set up to ignore the few wild submission results from the overall spam data it gets, then it isn't worth having.

Re:NO NO NO (1)

sporkmonger (922923) | more than 8 years ago | (#15420753)

Mod parent up.

Beyond just that, blacklists like SpamCop constantly block legitimate mail, especially from webmail providers like GMail. For awhile, virtually every message I sent from GMail was blocked by various spam filters because SpamCop decided to put Google's ip addresses on their blacklist. That was a very frustrating two weeks.

Frankly, I discourage the use of SpamCop altogether. Content-based filtering does a good enough job.

That is GMail's fault. (1)

khasim (1285) | more than 8 years ago | (#15420799)

Google runs GMail's system so that their servers are the LAST verifiable IP address in the chain.

What that means is if I upload a message to a GMail server, their headers will NOT include the IP address of my machine.

So SpamCop has no way of identifying the IP address that originally sent the spam to the GMail server.

So SpamCop reports the GMail server as the "source" of the spam. And that IP address gets blacklisted.

Personally, I believe that the "free" email services should assign people to work with the various blacklists. Even if Google won't change the behaviour of their servers, they should still be able to help SpamCop find the correct IP address via the unique message ID of each email. And also correctly identify the IP addresses of their mail servers so SpamCop wouldn't have to guess if it was a legit GMail server or not.

I've had to whitelist GMail, HotMail, Yahoo! and even AOL's mail servers at the SMTP level because of this. And it is NOT easy finding which IP addresses belond to their mail servers. They still run through SpamAssassin (because of the Nigerian royalty scams) but they are always accepted.

It's a "solution" and it mostly works for me. I just with the "free" email services would run their own RBL's so I could verify the IP addresses of servers that HELO with *.google.com or just gmail.com.

Re:That is GMail's fault. (0)

Anonymous Coward | more than 8 years ago | (#15420870)

Are you a fucking retard? It's a web based e-mail system. There IS no other mail server submitting shit to it, just a web browser. What would be the point in blocking a web browser? God you people are fucking stupid sometimes.

Re:NO NO NO (1)

Net_fiend (811742) | more than 8 years ago | (#15420941)

I don't know what perspective you guys are reading this from, but since I work for a small ISP I see it from that point of view. And I can see how it could quickly become a problem if it were abused. ATM there has to be some manual work in digging through e-mail to determine whether something is legit or spam, and if its spame where it actually originated from. I can't count the number of times I'll get an e-mail from some ignorant person using gmail or yahoo declaring that a customer of ours is sending spam when in reality its someone spoofing our domain (which no one can prevent). Utilizing SPF is somewhat of a wash because in order for SPF to work everyone needs to use it otherwise those who don't use SPF get the spoofed messages.

Reporting from webmail (e.g. gmail, hotmail)? (1)

Ph33r th3 g(O)at (592622) | more than 8 years ago | (#15420625)

Give me the ability to check my spams and submit them to SpamCop (rather than having to go through each webmail's contortions to get full headers) and I'd have lots more food for the SCBL. On my personal server, I block all of LACNIC and APNIC, so I don't get much spam there.

Blue Security (1)

Spy der Mann (805235) | more than 8 years ago | (#15420749)

Why not modify Blue Security's Firefox reporting tool? It used e-mail for reporting spam from yahoo and hotmail at Blue Sec.

Re:Blue Security (1)

Ph33r th3 g(O)at (592622) | more than 8 years ago | (#15420947)

That's a good idea--I didn't know the Blue Frog tool did its reporting via email, figured it opened up some kind of other connection to Blue Security. But you're right--if it's sending email already, it should be trivial to change it to a SpamCop reporting address.

Wonder what the license on that source that's floating around is (IIRC, it got pulled when Blue Security caved/was paid off/was threatened physical harm by the spammers).

Alternative method: Ypops + ISP's smtp (1)

Spy der Mann (805235) | more than 8 years ago | (#15421008)

A possible alternative is to use YPops! (another sourceforge project) for gathering your Yahoo! mail's Bulk mail folder. Then, using another SMTP server (like your ISP's) forward the bulk mails to SpamCop.

Re:Blue Security (1)

wayne (1579) | more than 8 years ago | (#15421141)

Why not modify Blue Security's Firefox reporting tool?

Funny, yesterday on the #okopipi IRC channel, I suggested that okopipi should automate submissions to spamcop, nanas, dcc and razor, in addition to the FTC and SEC submissions that bluefrog did. Basically, it would give the spammers several more good reasons to pay attention to okopipi's do-not-spam list.

Dependant (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#15420632)

Dependant is a noun, dependent is an adjective.

Re:Dependant (0)

Anonymous Coward | more than 8 years ago | (#15420659)

http://dictionary.reference.com/search?q=dependant [reference.com]

At the bottom:

"dependant
adj
1: contingent on something else [syn: dependent, qualified]"

considering all the damage RBLs do ... (2, Insightful)

Anonymous Coward | more than 8 years ago | (#15420637)

... you might want to reconsider using any of them. Lots of companies that have nothing to do with spam have been targetted due to proximity in IP space, or using a provider the RBL maintainer hates.

RBLs are a waste of time, they give immense power to a few individuals and groups, more often with an axe to grind. Do you really want to do that? Rhetorical question, you don't.

Re:considering all the damage RBLs do ... (1)

Ph33r th3 g(O)at (592622) | more than 8 years ago | (#15420670)

What other means do you have in mind to get providers to stop carrying spammers' traffic? If one subscribes to a pink contract ISP and can't get one's legitimate email through, the obvious solution is to change ISPs. This gets your email through and deprives the rogue ISP of revenue. There's nothing immoral or illegal about that solution--users of RBLs have a right to refuse mail from anyone they wish, and customers have the right to choose ISPs with good reputations whose IP space won't be blacklisted.

Duopoly (1)

tepples (727027) | more than 8 years ago | (#15420728)

If one subscribes to a pink contract ISP and can't get one's legitimate email through, the obvious solution is to change ISPs.

If both ISPs that offer service to one's geographic area are pink, then how does one find the money to move and a job in the new location?

Re:Duopoly (2, Insightful)

Ph33r th3 g(O)at (592622) | more than 8 years ago | (#15420956)

Unless you're talking about consumer level ISPs, there are going to be more than two options for your exit traffic. If there aren't, you can buy the right to relay via a non-pink server.

Re:considering all the damage RBLs do ... (0)

Anonymous Coward | more than 8 years ago | (#15420770)

RBL?

It'd be nice if you define your acronym at least the first time you use it, because I have no fucking idea what you are talking about.

Re:considering all the damage RBLs do ... (0)

Anonymous Coward | more than 8 years ago | (#15420932)

According to Wikipedia [wikipedia.org] , it stands for Realtime Blackhole List.

It also stands for a couple of other things, but artillery and crappy hip-hop groups don't seem as relevant to this discussion. Although I suppose they could all be used to reduce spam in some way... ;)

Re:considering all the damage RBLs do ... (0)

Anonymous Coward | more than 8 years ago | (#15420964)

Anyone reading Slashdot who doesn't already know the expansion for RBL is Realtime Blackhole List and what it is, or isn't willing to take the time to Google for it, isn't informed enough to be entitled to an opinion on or to make commentary about this topic.

Re:considering all the damage RBLs do ... (2, Informative)

AaronLawrence (600990) | more than 8 years ago | (#15420689)

Spamcop specifically avoids those two problems (though it has others).
It only blocks specific IPs identified as sources of spam.
And it only blocks due to submitted spam - no manual entries.

So, your comments are irrelevant to spamcop.

Re:considering all the damage RBLs do ... (2, Interesting)

Russ Nelson (33911) | more than 8 years ago | (#15420722)

Different DNSBLs have different policies. Spamcop's simply happens to suck, but that doesn't mean that everybody's does. For example, spamhaus's listing are very reliable.

Spamcop webmail (1)

daybot (911557) | more than 8 years ago | (#15420649)

I used Spamcop's paid webmail service before Gmail came along. Naturally, it had semi-automated reporting. It took me to a reporting page with all the mail it thinks is SPAM and all those I've personally tagged and I had to tick all those I wanted to report.

I did "Select All" and went through the list looking for false positives. This process was only time consuming if you didn't do it regularly and it reassured me that I knew everything that was being reported was indeed SPAM.

Just deleting it will take longer (1)

Tim C (15259) | more than 8 years ago | (#15420656)

Oh sure, it's quicker for any given email, but if you just delete it, Spamcop will never know about it. If Spamcop never knows about it, it'll never block it. If it never blocks it, you'll just keep on getting the spam. The more spam you get, the longer you spend just deleting it...

I have spamcop turned off (4, Insightful)

JanneM (7445) | more than 8 years ago | (#15420658)

I have spamcop checking turned off. Maybe because the service is tuned to north american audiences, I don't know, but its recommendations seem completely arbitrary and frequently mistakenly marks genuine email for me. With two emails (from a legitimate source) one can be marked OK, the other one not.

By contrast, local filtering generally works excellenty. When I finally turned off all on-line checking, I have a perceptible bump in the quality of filtering.

spamcop blows (1, Insightful)

Anonymous Coward | more than 8 years ago | (#15420681)

they constantly list and relist one mf my servers because it bounces mail back to them. well, it is not a bounceback. it is an auto reply to a mailing list submission that customers actually use.
measuring the mail we get from non-customers, the amount of mail that is not valid that gets a reply is negligible.

yet, spamcop decides that ALL auto replies are spam.

the only explanation I can come to is that most of that mail is from their super secret spam finding system.

wrong.

Re:spamcop blows (1)

Russ Nelson (33911) | more than 8 years ago | (#15420740)

yet, spamcop decides that ALL auto replies are spam.

Yup. They're attacking the symptom of forgeries (misdirected auto replies) rather than the cause of forgeries: unsigned email. DomainKeys will get rid of 99% of all forgeries. Instead of blocking sites that send auto replies, they should be blocking sites that don't sign their email with DomainKeys.

Or perhaps less radically, they should block sites that send auto replies to email with a forged DomainKey.

Re:spamcop blows (0)

Anonymous Coward | more than 8 years ago | (#15420944)

When you send an auto-reponse to a spam message which has been sent to you using a forged the envelope-from address you are sending unsolicicited email to someone who never initiated any communication with you to begin with. You are sending SPAM! If you rejected mail during SMTP you would not be sending unsolicited email at all.

How many sites publish DK/SPF anyhow? Maybe 5% at the most?

Re:spamcop blows (1)

Ph33r th3 g(O)at (592622) | more than 8 years ago | (#15420987)

I publish SPF records and still get bounces from forgeries constantly. I do get the occasional enjoyment of clicking a challenge/response link that lands in my catchall address to help show people using these annoying ineffective systems the error of their ways :).

Re:spamcop blows (1)

alfs boner (963844) | more than 8 years ago | (#15421064)

I used to be an avid SpamCop user for awhile. Tattle on spam to spamcop, and spamcop tells different network authorities about the problem after it looks through some databases.

Problem being, that several of the network authorities are huge megacorps where the complaints get filed with the rest of 98,000 or are spamhosts themselves.

I gave up in favor of SpamAssassin and Mozilla's spam filtering, which turned out to be far more effective.

Isn't effectiveness the whole reason eight-year-olds tattle in the first place? ("Billy hit me!" Billy gets in trouble. (And Tommy gets beaten up after school.)) Somehow, I don't think enough spammers got in trouble.

A frog-like idea (2, Interesting)

gsasha (550394) | more than 8 years ago | (#15420683)

Well, submitting the mails may be interesting, but here's a (probably) even better idea.

1. Maintain a repository of scripts for offending webshops (can be based on SF, or distributed by P2P). Each of the scripts goes to post a complaint in BlueFrog-like manner.
2. Write an extension to Thunderbird (and maybe to others as well) that, when I click a "Junk" on a mail, goes and fires the corresponding complaint script. Alternatively, have a cron job for that.
3. ???
4. Profit :)

Well, look, this is much less questionable than Blue Frog's approach - I'm actively and individually complaining on the spam I got. I don't have the registry of those who want to be exempted - just to annoy the spammers and drive them out of business. What the program actually supplies is automation of the complaint process, without which I, arguably, would not bother complaining - but if it's just one click, I may choose to do so!

Have you not heard of SpamCop Quick Reports? (2, Informative)

Ivan Todoroski (132826) | more than 8 years ago | (#15420686)

You can simply ask the SpamCop admins to enable so called "quick reporting" for your account. Then, you just change your address from submit.RANDOMHASH@mail.spamcop.net to quick.RANDOMHASH@mail.spamcop.net, and you're all set. The spams you forward (via attachments) to this address are auto-reported immediately, no need to go clicking on the website.

The only slight drawback to this method is that quick reports only get sent for the source of the spam, but not for the web sites advertised in them.

Policy of use (1)

michelcultivo (524114) | more than 8 years ago | (#15420700)

The user who submits the spam may comply with a "spam submission" police, after the system administrators see that's a spam then will be sent to spamcop. Never let the final user do the poor job.

Good Tutorial (3, Informative)

Ythan (525808) | more than 8 years ago | (#15420720)

Mechanize::SpamCop [cpan.org] is another tool you can use.

spammers avoid spamcop (4, Interesting)

0xC2 (896799) | more than 8 years ago | (#15420743)

I'm a longtime spamcop.net user. I've used it to filter numerous email addresses through its spam filter, which is effective and accurate, and highly configurable. However the allure of GMail prompted me to forward my other addresses to GMail and begin phasing out the spamcop address. Which is when I noticed something interesting:

I don't receive spam to my spamcop.net address! This result is very interesting, mainly because my spamcop address is a "dictionary word" address. I can only conclude that spammers must avoid spamcop.net email.

Which is making me rethink my decision to phase out spamcop.net. Have any other long-time users noticed this with their spamcop.net email?

spammers avoid spamcop...not (1)

Jac_no_k (5957) | more than 8 years ago | (#15420858)

I too am a long time spamcop user... But spammers do not avoid my account. However, my wife who also has a spamcop address receives almost no spam. Biggest difference I guess is my address is everywhere on the net.

Re:spammers avoid spamcop...not (1)

0xC2 (896799) | more than 8 years ago | (#15420929)

I guess since I've used the spamcop.net address as a "filter" address, I managed to keep it off the lists.

Some mothers do have 'em (0)

Anonymous Coward | more than 8 years ago | (#15420796)

Hmmm Betty. The cat did a whoopsee on me manual spamcop submissions.

Seriously, this just increases the risk of false positives.

Hmmm.

Needless? (2, Interesting)

JanneM (7445) | more than 8 years ago | (#15420825)

My main address is fairly old - I have been using it for over ten years. I've also been using it with wild abandon pretty much anywhere on the net for as far back as I can remember, and it attracts an absolutely ridiculous amount of spam today. If it was a person, it would have it's own red-carpeted VIP entrance at the veneral disease department at the university hospital.

I today filter with a bayesian filter, and only with a bayesian filter - I quit using those on-line services over a year ago. In addition I pre-approve some addresses to make sure I don't miss anything from people important to me. I see perhaps one spam every third day on average. It spikes temporarily when there's a shift in tactics - I get three or four a day - and then it calms down again to one a week or thereabouts.

Investment (3, Informative)

Zindagi (875849) | more than 8 years ago | (#15420839)

Think of the time spent verifying spam as an investment; use your time now and have far less spam/worries about genuine mail being marked as spam in the future. Not to mention the saved minutes that you can spend browsing slashdot more thoroughly.

So what you want to do, essentially... (0, Redundant)

geobeck (924637) | more than 8 years ago | (#15420841)

...is spam Spamcop?

Forgeries (2, Insightful)

Ankh (19084) | more than 8 years ago | (#15420849)

The more widely known your email address becomes, the greater the chance that some zombie or virus will see it in someone's address book and send spam pretending to come from you. Spamcop will generally believe that you sent the spam, as far as I can tell.

They routinely list w3.org (W3C) as a source of spam for this (incorrect) reason.

Spamcop says you should not use their results as authoratative, but only as one factor to consider, but in practice a number of large companies blacklist anyone listed by spamcop automatically.

If you are going to automate submissions to spamcop, please at least use SPF to verify that the sender was in fact associated with that domain, where SPF records are available.

Re:Forgeries (1)

dacarr (562277) | more than 8 years ago | (#15421092)

Not really. The system is intelligent enough to check the headers and verify the hostnames aren't bogus when checked against the IP addresses - and if one's SMTP server is correctly set up, then it will still get the hails from the client SMTP system.

Great, I guess this means more of these: (4, Interesting)

mobby_6kl (668092) | more than 8 years ago | (#15420942)

Technical details of permanent failure:
PERM_FAILURE: SMTP Error (state 9): 550 5.7.0 Your server IP address is in the SpamCop database, bye
No, I don't send spam, and this was bounced back to my gmail address anyway.

That's why I prefer Exim4. (1, Offtopic)

khasim (1285) | more than 8 years ago | (#15421175)

Technical details of permanent failure:
PERM_FAILURE: SMTP Error (state 9): 550 5.7.0 Your server IP address is in the SpamCop database, bye
With Exim4, I can customize the rejection messages so that they include the phrase:
Please call email admin at (NNN) NNN-NNNN
Spam zombies and such won't ever call. But if you're a person, and your email server is halfway decent, you'll see the rejection notice and you can call me and I can add you to whomever's whitelist. Or you can call that person directly and s/he can add you to his/her whitelist.

Technology rocks, but people should never over-estimate it.

Always include some alternate means for a legitimate person to easily contact you to resolve the problem. Phone, fax, IM, whatever.

Cron? (1)

KidSock (150684) | more than 8 years ago | (#15420963)

All I do is just putting the spam into certain folders and our good old friend cron does the rest.

Man I can't believe we're still doing this. Cron? The proper way to do this is to have a "Spam" button on your email program that triggers a script (and preferrably provide default scripts for things like SpamCop).

LOL! (0, Offtopic)

JoloK (728770) | more than 8 years ago | (#15420985)

Spamcop... that's funny!

Spamcop sucks (0)

Anonymous Coward | more than 8 years ago | (#15420993)

SpamCop sucks since it blindly "trusts" anything that is submitted. I hope that spammers use this automation procedure to submit every server in the world and thus render SpamCop as the useless piece of crap that it truly is.

False positives (1)

orionware (575549) | more than 8 years ago | (#15421046)

We have a client that we send out over 30,000 emails per month using campaignmonitor.com.

Their list is a double opt-in and still every month we get notified by campaign monitor that there were users in the list who complained of spam. EVERY single one of them were AOL users.

Even though there was an un-subscribe at the bottom of the newsletter they explicitly subscribed to, AOL has a nice little button for them to click if they no longer want to receive those emails. Then AOL automatically submits a spam complaint.

We used the ORBS and spamcop modules on our email server but stopped using them because we would have lots of users complaining that they they wouldn't receive email from clients because they would get trapped. Most were just regular uers whose ISP's had IP's on the list.

I used to be one of those SPAMCOP/ORBS Nazis, taking the "at any cost" attitude to reduce spam, however in the real world, the blacklists are just too inaccurate.

Really automated spam submission (0)

Anonymous Coward | more than 8 years ago | (#15421326)

Abuse [sourceforge.net] has been automating spam submission to the proper autorities for a few years now. I am sure that, if necessary, it would be possible to add Spamcop to the list of recipients.

As a user, why should I worry about this? (1)

Mistshadow2k4 (748958) | more than 8 years ago | (#15421427)

Why put myself through this when there is an easier way? I use gmail pretty much exclusively. I just checked my account and there is currently 850 (!) spam emails in my spam folder. There was one spam email in my inbox. Nomrally I never see this at all because what doesn't register as spam with gmail gets caught by Thunderbird. Furthermore, I can set Thunderbird to download copies of my email and leave the originals on the server, so if there is spam in my inbox all I have to do is go to my gmail account in my browser, open the spam email and click the "report spam" button.

I'm not trying to troll Spamcop or anything but why deal with an anti-spam service that complicated enough to need a tutorial on how to report spam when it's much easier to do that with gmail? Plus whatever gets past gmail usually gets caught by Thunderbird's junk mail filter.

I believe Spamcop sold my "private" address (3, Interesting)

Radi-0-head (261712) | more than 8 years ago | (#15421430)

I was a Spamcop subscriber, using their SMTP forwarding/filtering system. I got fed up with the downtime and the false positives, and canceled the account. A month later, I start getting MASSIVE amounts of spam directed to the "secret" account that is set up for forwarding of "clean" email. Most of these messages had both my true email account and the secret account as recipients.

There's no possible way anyone could have guessed this address (it consisted of random characters), and Spamcop was the only other organization that ever had record of it, and that ever used both of these addresses together.

I don't trust them at all.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...