|
SpamCop is a free spam reporting service, allowing recipients of unsolicited bulk email (UBE) and unsolicited commercial email (UCE) to report the offense to the sender's Internet Service Provider (ISP), and sometimes their web host. SpamCop uses these reports from its volunteers to compile a DNSBL of computers sending spam called the "SpamCop Blocking List" (SCBL) and websites referenced in the spam are used to create the Spam URI Realtime Blocklists (SURBL) RHSBL. SpamCop has tools for ISPs to manage reports sent to them, see details on the individual spam messages and to mark spam incidences as being resolved. Paying members can configure how reports are sent and avoid a "nag" screen, among other benefits. There are also forums for discussing these services. View of a modern spam email, containing an advertising image. ...
An Internet service provider (abbr. ...
Web hosting is a service that provides Internet users with online systems for storing information, images, video, or any content accessible via the web. ...
A DNSBL is a means by which an Internet site may publish a list of IP addresses that some people may want to avoid and in a format which can be easily queried by computer programs on the Internet. ...
SURBL is an acronym for Spam URI Realtime Blocklists, a method for detecting spam by searching e-mail message bodies for Uniform Resource Identifiers (URIs) which are known to appear in spam messages. ...
A DNSBL is a means by which an Internet site may publish a list of IP addresses that some people may want to avoid and in a format which can be easily queried by computer programs on the Internet. ...
Overview
Like other DNSBLs, SpamCop's SCBL is controversial. Criticism primarily comes from those whose IP address has been listed by the SCBL, resulting in their mail being rejected by servers that use the SCBL. Third parties that don't send spam are affected when an IP address they use becomes listed on the SCBL due to reports that accuse their IP address of being a spam/UBE source. This can happen because their IP address is shared with many other customers of their ISP. It may also be the result of malicious, careless or over-zealous reporting of spam. An IP address (Internet Protocol address) is a unique address that devices use in order to identify and communicate with each other on a computer network utilizing the Internet Protocol standard (IP)—in simpler terms, a computer address. ...
Additionally, SpamCop automatically lists IP addresses that send mail to spamtrap email addresses. Since these addresses may be falsely used as a return address on spam messages, backscatter caused by these spam messages (including vacation messages and other auto-replies) can result in an otherwise innocent server being blocklisted if it fails to employ backscatter prevention techiques. One of the unique features of the SCBL, however, is that a listing expires automatically when no spam is reported from that source for 24 hours. A spamtrap is a honeypot used to collect spam. ...
Backscatter is the reflection of light, radar, radio, or other electromagnetic waves directly back to the direction they came from. ...
SpamCop notes that "The SCBL is aggressive and often errs on the side of blocking mail. By using the SCBL, you can block a lot of spam, but you also may block or filter wanted email" and suggests using the SCBL as part of a scoring system. Unfortunately many ISPs and IT consultants use the SCBL as a simple screen, often without making it explicit to their clients that valid incoming messages may be (indeed from time to time will almost certainly be) rejected.
Although SpamCop recommends that the SCBL be used as a filter, rather than a block, its Web site contains detailed instructions only on how to set it up as a total block "for administrators who cannot use a more subtle approach for whatever reason." - there is no help or support for those wanting to use it as a filter.
SpamCop provides procedures for ISPs to request a de-listing; see SCBL dispute resolution. Users of listed IPs can use other IP Addresses or smart hosts if their outgoing mail servers are blocked. SpamCop's on-line forums and FAQ pages, as well as news.admin.net-abuse.blocklisting, are sources of advice to users who find themselves blocked. On the forums, other users will give advice, although some can be impatient with those who are not familiar with the system and terminology involved and have not read the multiple, overlapping FAQs. A smart host is a type of mail relay server which allows an SMTP server to route e-mail to an intermediate mail server rather than directly to the recipient’s server. ...
news. ...
SpamCop also has a fee-based email system which provides email accounts that are optionally filtered by the SCBL, as well as other blocklists.
Limitations For first-time SpamCop Reporters, the SpamCop Parsing and Reporting Service requires each report to be manually verified that it is spam and that the destination of the spam reports is correct. People who use tools to automatically report spam, who report email that is not spam, or report to the wrong people may be fined or banned. This verification requires extra time and effort. Despite these steps, reports to innocent bystanders do happen and ISPs may need to configure SpamCop to not send further reports if they don't want to see them again. SpamCop Reporters with a proven track record are allowed to file Quick Reports, reducing both time and effort.
It is not clear whether reporting one's spam using SpamCop's reporting service actually reduces the amount of spam that one receives, and complaints on SpamCop's online forum provide anecdotal evidence to support some skepticism about its effectiveness. While some spammers may use SpamCop's reports for listwashing, others could retaliate. Spammers who determine the identity of the complaintants can, by doing so, also verify that the email addresses are still in use. What is clear is that much spam email is filtered or blocked by the SCBL, which is fed by many SpamCop Reporters reporting their spam. This is known as the process through which mailing lists that contain email addresses that did not voluntarily subscribed and therefore, complain or object to the mailing, are removed. ...
That said, SpamCop is effective at helping ISPs, web hosts and email providers identify accounts that are being abused and shut them down before the spammer finishes operations. Finally, SpamCop provides information from its reports to third parties who are also working to fight spam, amplifying the impact of its services beyond its own reach.
It is also remarkable in its own right that SpamCop has survived for so many years, considering the severity of opposition other anti-spam companies have faced in the past, most notably osirusoft and Blue Security. SpamCop has dealt with attacks by spammers thus far by hiring services from Akamai, but is still the target of many hackers and could face serious difficulties like those faced by Blue Security if it continues to grow in size and effectiveness. The successful attack on Blue Security shows that significant offensive weapons can be wielded by the criminal syndicates behind spammers. SpamCop views itself as an attempt to stop spam without the necessity of governmental intervention, but because it lacks the power of a government or large ISP, it may have greater difficulty dealing with spammers' expertise as well as the large "bot" networks that they control and that they used to cripple Blue Security with a massive DDoS attack. The Spam Prevention Early Warning System (SPEWS) is an anonymous service which maintains a list of IP address ranges belonging to Internet service providers which host spammers. ...
The Blue Frog software tool, produced by Blue Security Inc. ...
Akamai Technologies, Inc. ...
A denial-of-service attack (also, DoS attack) is an attack on a computer system or network that causes a loss of service to users, typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational resources of the victim system. ...
Fake similar organizations Several websites exist purporting to provide similar services to SpamCop.net. For example, abusecentral.org appears to be run by phishers who redirect webtraffic to abusecentral.org when people try to enter the phishing website in ways that phisher doesn't want. This will give investigators the incorrect impression that the phishing site has been taken down. Another such organization is SpamCop.com. According to posts on SpamCop.net's forum, SpamCop.com is a newer service owned by a company named Interspectrum, which uses the service to market its anti-spam products. The use of the same name for the same type of service may constitute trademark infringement, and may be confusing to new users who expect the more established of the two services to be hosted on the .com top-level domain. This phishing attempt, disguised as an official email from a (fictional) bank, attempts to trick the banks members into giving away their account information by confirming it at the phishers linked website. ...
Trademark infringement is a violation of the exclusive rights attaching to a registered trademark without the authorisation of the trademark owner or any licensees (provided that such authorization was within the scope of the license). ...
History SpamCop was founded in 1998 as an individual effort. As the reporting service became more popular, staff was added and the SCBL became more useful. It has commonly been the target of DDoS attacks and lawsuits from organizations listed in the SCBL. Email security company IronPort purchased SpamCop, but it remains independently run with only 3-4 staff by founder Julian Haight. A denial-of-service attack (also, DoS attack) is an attack on a computer system or network that causes a loss of service to users, typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational resources of the victim system. ...
It has been suggested that civil trial be merged into this article or section. ...
IronPort Systems of San Bruno, CA, USA is an email anti-spam appliance provider. ...
See also For a real blue frog see Dendrobates azureus. ...
The Spamhaus Project is a largely volunteer effort founded by Steve Linford in 1998 that aims to track e-mail spammers and spam-related activity. ...
List poisoning is a tactic for detecting or diverting e-mail spammers by tricking them into including invalid addresses into mailing lists. ...
The Network Abuse Clearinghouse assembles data on what its sponsors see as misuse of the Internet. ...
External links |
Feeds |
Contact