Still getting shit spam mail from gowebsend; complaints are ignored and SpamCop reports:
Here is your TRACKING URL - it may be saved for future reference:
formatting link
No source IP address found, cannot proceed. Add/edit your mailhost configuration Finding full email headers Submitting spam via email (may work better) Example: What spam headers should look like Nothing to do.
I need to get a carbon fusion bomb up gowebsend input port.
PS: SpamCop seems to _always_ say "No source IP address found, cannot proceed."
Because the headers of the messages are probably (deliberately) munged and your mail host doesn't care -- accepts them as is!
Get yourself a disposable email account and use that for the spam-prone places that you frequent. When the volume of spam that gets through *their* filters gets too high, just abandon the account in favor of another.
Treat your "precious" email account(s) more carefully -- giving them out only to folks who aren't likely to send crud to you ("Gee, look at this joke that was forwarded 500 times exposing EVERY recipients email address along the way to *anything* that might be inclined to harvest them!")
I.e., did GET your email address in the first place (hint: places like CL are notorious sources of spam)
This may help: It's a list of know spammers. Just go down the list and see if you can correlate gowebsend with its owner. Then, hire a Mafia hit man to dispose of the culprit. It's not as cheap as hiring an email filtering service, but far more fun.
Incidentally, gowebsend.com is well hidden behind Whoisguard Inc, Panama. I couldn't find the real registered owner.
--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
** COPY, ABUSIVE MESSAGE #1 OF MANY ** Date: Fri, 10 Apr 2015 13:00:00 -0400 [04/10/15 10:00:00 PDT] From: Profit Team Add snipped-for-privacy@gowebsend.com to my Address Book To: snipped-for-privacy@localnet.comAdd snipped-for-privacy@localnet.com to my Address Book Reply-To: snipped-for-privacy@gowebsend.comAdd snipped-for-privacy@gowebsend.com to my Address Book Subject: Look over my shoulder as I bank $1,402.39 in 60 seconds Headers: Show All Headers | Show Mailing List Information HTML Click HERE to view HTML content in a separate window.
Anyone can create fake PayPal screenshots or bank statements.
Click Here to Check
But how many can offer this kind of LIVE video proof of someone personally banking four-figures in a blink of an eye?
See for yourself:
See Yourself
These numbers don?t lie,
You are currently subscribed to gowebsend as snipped-for-privacy@localnet.com Click unsubscribe to be removed from any further mailings from gowebsend
7W7kQgtxPd20/DoPq/qMZe9AT6w= From: Newsletter Add snipped-for-privacy@gowebsend.com to my Address Book List-Unsubscribe: MIME-Version: 1.0 Message-ID: Precedence: bulk Received:
(qmail 6130 invoked from network); 22 Apr 2015 17:52:18 -0000 from unknown (HELO inbound8.hw.buf.ny.localnet.com) ([10.30.204.30]) (envelope-sender ) by maildrop15.localnet.sys (qmail-ldap-1.03) with SMTP for ; 22 Apr 2015 17:52:18 -0000 from m95.xm02.net (m97.xm02.net [162.252.35.117]) by inbound8.hw.buf.ny.localnet.com (Postfix) with SMTP id DA55A4053 for ; Wed, 22 Apr 2015 17:52:17
+0000 (UTC)
Reply-To: snipped-for-privacy@gowebsend.comAdd snipped-for-privacy@gowebsend.com to my Address Book Sender: snipped-for-privacy@m95.xm2.net Subject: In regards to your deposit immediate action required To: snipped-for-privacy@localnet.comAdd snipped-for-privacy@localnet.com to my Address Book X-member: snipped-for-privacy@localnet.com X-time: 49087237 X-unsub: snipped-for-privacy@m95.xm2.net Headers: Show Limited Headers | Show Mailing List Information HTML Click HERE to view HTML content in a separate window.
We recently received a deposit request for funds in the amount of $14,293.28 to your checking account.
The verified sender is a trusted money software system called Quick Cash System.
Click Here to Proceed
Please confirm receipt of the deposit so we can complete the transfer.
Go Here
Thank you.
You are currently subscribed to gowebsend as snipped-for-privacy@localnet.com Click unsubscribe to be removed from any further mailings from gowebsend
** END COPY **
** COPY, ABUSIVE MESSAGE #3 OF MANY ** Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset="iso-8859-1" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; q=dns/txt; l=1750; d=m95.xm02.net;s=2014; h=from : to : subject : date : mime-version : content-type : reply-to; bh=3n24Ponn6cb3iAEvRE5SH5tabfNTuUBQgkQuFIoHQI0=; b=CNWmsslniowLcokNs/NHY+CYLPmmtrGJZZl8ThIeGFi9kJC3osF/GZHpvyeaZQtjShxJr+pJ VI0zbPZRLvmzk6Il/tR1KpSedfHgjnC+2Qf+p1KYjWFZ+24LdGuR52Y2ur9tIFvVUi7APdKg Lsa+BbRqSrXp8/IHViUj9L5Ltrg=; Date: Thu, 23 Apr 2015 13:00:00 -0400 [04/23/15 10:00:00 PDT] DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=2014; d=m95.xm02.net; h=sender:from:to:subject:date:mime-version:content-type:reply-to; b=lIAzm+1wJ2mc/b+nHdMcUlnrQYHSN/XeldLbfF2P7WDP7M/j0RhrfhIWkgDvshzBFyNjhpKL LrvkOhpb5XmY5/8YkE056nSGedh7nluwdf3+ln7FygPWVhuKWeMILQQl3T649xE6Rcnym+sa E6+3e/tJwF8Ofl/R4qEdkWpQrNs= From: Profit Team Add snipped-for-privacy@gowebsend.com to my Address Book List-Unsubscribe: MIME-Version: 1.0 Message-ID: Precedence: bulk Received:
(qmail 18144 invoked from network); 24 Apr 2015 10:15:34 -0000 from unknown (HELO inbound5.hw.buf.ny.localnet.com) ([10.30.204.17]) (envelope-sender ) by maildrop15.localnet.sys (qmail-ldap-1.03) with SMTP for ; 24 Apr 2015 10:15:34 -0000 from m95.xm02.net (m99.xm02.net [162.252.35.119]) by inbound5.hw.buf.ny.localnet.com (Postfix) with SMTP id 3F9E8E00D5 for ; Fri, 24 Apr 2015
10:15:31 +0000 (UTC)
Reply-To: snipped-for-privacy@gowebsend.comAdd snipped-for-privacy@gowebsend.com to my Address Book Sender: snipped-for-privacy@m95.xm2.net Subject: Your quick cash system ($1,000/hr) To: snipped-for-privacy@localnet.comAdd snipped-for-privacy@localnet.com to my Address Book X-member: snipped-for-privacy@localnet.com X-time: 49087237 X-unsub: snipped-for-privacy@m95.xm2.net Headers: Show Limited Headers | Show Mailing List Information HTML Click HERE to view HTML content in a separate window.
Hey,
Your new app is ready for download! Go Here To Download Now
This is a 24hr special for customers only!
This will close for good in 24 hours - Hurry.
Enjoy!
You are currently subscribed to gowebsend as snipped-for-privacy@localnet.com Click Here to unsubscribe from gowebsend.
3145-120 Geary Blvd, San Francisco, CA 94118
** END COPY **
** COPY, ABUSIVE MESSAGE #4 OF MANY ** Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset="iso-8859-1" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; q=dns/txt; l=2590; d=m95.xm02.net;s=2014; h=from : to : subject : date : mime-version : content-type : reply-to; bh=IDKUUMLs7eZJfFCHlUo6zlCClRyEkDLKBKvw53g9bNg=; b=iShhuTaLD10XhneRFMDtEBY/BNaC8J4S4IUOiYkWAOupyyzntzlycxl0tKrOlJD0j7JzBnIX cx5Aneu/SitCgLoJlbOT7AIZxGhCIpHaNsHhSqSpbfi/yCL7d3fcgTxIzSv55PohJC6O/5rm
02PbroFm1zDIWVKFeIkA/JRv4eE=; Date: Fri, 24 Apr 2015 13:00:00 -0400 [04/24/15 10:00:00 PDT] DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=2014; d=m95.xm02.net; h=sender:from:to:subject:date:mime-version:content-type:reply-to; b=w5byjfsGQvIB2wln/OODcMTRjzSoZrxHIeCFHiZJLYeL3Xt2iL8eDuimCAqsY+AHvKjvfmP6 f442gzgf/sF2DI1leZtzI1EeXhbsPm3EC1Dt+EXGNCBNofJ/U8GThAL/Ehui38KKRcdaZ4B+ Y04pkfYdkYb/a4DQMFnlxGMfjwc= From: Profit Team Add snipped-for-privacy@gowebsend.com to my Address Book List-Unsubscribe: MIME-Version: 1.0 Message-ID: Precedence: bulk Received:
(qmail 27190 invoked from network); 25 Apr 2015 23:06:53 -0000 from unknown (HELO inbound9.hw.buf.ny.localnet.com) ([10.30.204.34]) (envelope-sender ) by maildrop15.localnet.sys (qmail-ldap-1.03) with SMTP for ; 25 Apr 2015 23:06:53 -0000 from m95.xm02.net (m98.xm02.net [162.252.35.118]) by inbound9.hw.buf.ny.localnet.com (Postfix) with SMTP id 6C32464129 for ; Sat, 25 Apr 2015
23:05:27 +0000 (UTC)
Reply-To: snipped-for-privacy@gowebsend.comAdd snipped-for-privacy@gowebsend.com to my Address Book Sender: snipped-for-privacy@m95.xm2.net Subject: Whatever you do?do NOT open this email! To: snipped-for-privacy@localnet.comAdd snipped-for-privacy@localnet.com to my Address Book X-member: snipped-for-privacy@localnet.com X-time: 49087237 X-unsub: snipped-for-privacy@m95.xm2.net Headers: Show Limited Headers | Show Mailing List Information HTML Click HERE to view HTML content in a separate window.
?unless you want to earn MILLIONS without hardly having to lift a finger!
This all-new UNLIMITED commissions system has BLOWN my mind:
Click Here to Proceed
Get ready for all your money problems to disappear?. Click Here to Proceed
Enjoy the "loose" change,
You are currently subscribed to gowebsend as snipped-for-privacy@localnet.com Click Here to unsubscribe from gowebsend.
3145-120 Geary Blvd, San Francisco, CA 94118
** END COPY **
This example only has the headers which would normally be shown to a user, which isn't sufficient for an anti-spam tool.
This example has all of the headers, but the formatting is messed up. If that's how you're pasting it, it probably won't work.
Is this from a webmail interface? See whether there is an option to download the raw message as plain text.
The part which the anti-spam tool will want is this:
Received: (qmail 6130 invoked from network); 22 Apr 2015 17:52:18 -0000 from unknown (HELO inbound8.hw.buf.ny.localnet.com) ([10.30.204.30]) (envelope-sender ) by maildrop15.localnet.sys (qmail-ldap-1.03) with SMTP for ; 22 Apr 2015 17:52:18 -0000 from m95.xm02.net (m97.xm02.net [162.252.35.117]) by inbound8.hw.buf.ny.localnet.com (Postfix) with SMTP id DA55A4053 for ; Wed, 22 Apr 2015 17:52:17 +0000 (UTC)
But this looks as if all of the Received: headers have been collapsed into a single header, which may not work.
Not copying all the headers, or perhapos your MX (mail server) is broken. perhaps the emails come from an "internal" source..... man y possibilities
The first "Received:" header is usually the interesting one. Could be youre running something that corrupts those. I heard some versions of microsoft exchange do this.
There's a word wrap problem there (but I'm assuming that's not present in the original - some newsreaders corrupt long lines).
It's also in the wrong place. as a trace header is should be at the top. not after content-type.
That received header has two from clauses and all of that comes after the semicolon. Only the timestamp should come after the semicolon, and there should only be one "from". in other words extremely non-standard, basically unparseable. it could be argued that it's even email anymore.
RFC2821 is the relevant standards document: mostly section 4.4. seems (at-least one of) your server{s} and/or your email client is malfunctioning. replace or contact the vendor for a fix.
Microsoft Exchange? What is that? Did i or did i not SAY that i use Webmail? I log into my localnet e-mail account and view whatever messages i choose; SYMPLE!
I cannot block/filter anything; localnet gives NO tools other than a generic blacklist (where i have to remove one asshole to "eliminate" another asshole). Why the f* cannot these assholes be held to a nova furnace (and be
None, but most vendors strive to comply. through compliance with the signalling standards comes interoperability, and without that there is no communication.
as someone else suggested it looks like the received headers have been grouped and concatenated probably due to a bug in your webmail.
ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.