Be careful; spammers often forge headers, so it's safest to learn how to read headers and to check the Received header fields to determine the actual provenance of the spam.
See also http://www.medwayhosting.com/spam-l/deobfuscation-by-Shmuel/index.html -- Shmuel (Seymour J.) Metz http://mason.gmu.edu/~smetz3 ________________________________________ From: IBM Mainframe Discussion List <[email protected]> on behalf of CM Poncelet <[email protected]> Sent: Saturday, September 15, 2018 11:18 AM To: [email protected] Subject: Re: Spam alert: Model9 FWIW SPAM mail can be sent to https://www.spamcop.net/ with a copy sent also to the spammer's email domain administrator (provided the abuse@<whatever> email ID is keyed into spamcop's spare 'copy-to' box that is). The spammer's email domain is the one following the '@' sign. The 'report abuse to administrator' email address for the spammer can then be found at https://secure-web.cisco.com/11Rj0URRt6sLw_P2VizI4v2gdo26_pqiMBOP4zRkAM9-nlimjAnJlp6-HqEGNDK45XOhG_VTyx16nYKlAIefZOQmBra9MEF93HPIeLS5vbiAsFVzznEzHo2lSbXQvBnH38UQdlaGjh0FoMPuvBFVkKfKlCBLKlaZzbWslfmFqD5dTroH3mLYhTWW2-BpKFanB2QBw-KOxk-9bJxdS_VxcTS_e-V3LBt78MwqkwkTaFC9Pe27XGZ9RjDmjEydMCf-aKrgri83XGA-v0_4zruL8Mc6FiY11LtePMKgwlFflae5fq-bApl2L6OmK2rJ6fxWx5yGC5ZbmUNS-i4Sjt0Q_TbD7MEKvN8bydxHMmMYxno5rcBNluTJhs4-hLvVz4UFvMN6OhsxAGmGSLQBMR0y9oxuj5CYMaEklwXglSxfkWhROAtRqX2gQABZrZR7Zr0pd/https%3A%2F%2Fwww.whois.com%2F. (Yes, it can be spoofed - but the headers/metadata show the spammer's real email ID.) This practically always stops any further junk mail being sent out. (BTW My filters store any emails from unrecognised senders - e.g. from Model9 - in my 'trash' folder, from where they are then deleted. So, NOPWAD.) HTH, CP On 14/09/2018 22:30, Arthur wrote: > On 14 Sep 2018 03:50:14 -0700, in bit.listserv.ibm-main > (Message-ID:<[email protected]>) > [email protected] (Giliad Wilf) wrote: > >> Got this e-mail too, inspected it with some concerns, but finally >> opened it. >> It could prove useful, as the CEO advised my previous employer on >> performance issues we had, to our satisfaction. >> This CEO co-authored many IBM publications, both white and red, and >> was a visiting developer at IBM of some z/OS components. > > If you know the CEO, tell him not to spam. Don't let spammers prosper. > It wouldn't be the first time a CEO didn't know what his marketing > people are doing. > > Also, I forwarded it to the edress in the anti-spam header: >> X-Report-Abuse-To: [email protected] (see >> https://secure-web.cisco.com/1GujClvauL3cZ7Io1yNJWzrQB65DX2GHqmo7k9mSuX0Sw_X-mm6dI9Qi6EVPBrTOH1bNZmdgoKeqCGlQVoAkQHBsBRwEWzEUtgLBKc_OXDTtg9FYlTWokRgcLE2A0PMyKEUGrDJqOSv9MvA54e82tOnlC_8nzHszc-QYR18WjcIYd4GWOkx_PSaEwIPgkQ4CDw5dRThVxbmgCcfrz0gG9jfIQ7z-g6IHBxk8q8FI8aSUOB57tojOhkVtETICUfHE-_TVZtECjebk4N1dfijeEwuG435GtFJ-lnOcztvHRf5igqrrQB-wI6ferMNfOl-OOWPOr79Neji7M63YpKo-ChGzKU0NDnE3ASgupXuqc76ZV1P8vivc0Lvszw7JvqA80oVB7lEZlYS30wqvL6D4xxgz3jBHszeWYT9PF2Du5N3I5J5eA9hpKFn1dAYEArQ9cX17mBzGWPSUqFVmq4ieGAA/https%3A%2F%2Fwww.hubspot.com%2Fabuse-complaints%29 > > I'm not sure how much good it'll do, but I did get a response from > that. If the rest of you also report it, it might make a difference. > He did say they "will be investigating to ensure compliance with our > acceptable use policy." > > And, in reference to another post: I did not go to Share; I did not > subscribe; it was sent to this edress which I use *only* for IBM Main. > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN > . > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
